Thursday, June 14, 2018

HR 6032 Introduced – Internet Connected Devices


Last week Rep. Latta (R,OH) introduced HR 6032, the State of Modern Application, Research, and Trends of (SMART) IoT Act. The bill would require the Commerce Department to conduct a study of the internet-connected devices industry.

Study


Section 2 of the bill requires Commerce to conduct a two-part study. The first is a survey of the internet-connected devices industry and the second is a review of Federal government agencies that have jurisdiction over the industries identified in the first survey.

The bill relies on a very broad definition of ‘internet-connected devices’ which it specifically conflates with the term ‘Internet of Things’. Section 2(c)(2) defines internet-connected devices as a physical object that both:

• Is capable of connecting to the internet, either directly or indirectly through a network, to communicate information at the direction of an individual; and
Has computer processing capabilities for collecting, sending, receiving, or analyzing data.

The inevitable report to Congress is required.

Moving Forward


Latta is the Chair of the Digital Commerce and Consumer Protection Subcommittee of the House Energy and Commerce Committee. He has used his influence there to conduct a markup hearing of this bill yesterday. The bill was adopted without amendment by a voice vote.

This bill is likely to move forward to the full Committee and then the full House without much in the way of opposition. It does not authorize any regulation or expenditure of funds, so there is little here to attract concern.

Commentary


The major problem with this bill is two-fold. First, it uses an overly broad definition which includes practically anything that can connect to the internet. Secondly, it provides no funds for the required study which limits the ability of the Department of Commerce to complete an effective study.

The definition problem is one common with any discussion of IoT. A reasonably good definition of IoT can be found on Wikipedia:

The Internet of Things (IoT) is the network of physical devices, vehicles, home appliances and other items embedded with electronics, software, sensors, actuators, and connectivity which enables these things to connect and exchange data, creating opportunities for more direct integration of the physical world into computer-based systems, resulting in efficiency improvements, economic benefits and reduced human intervention.

Unfortunately, even that definition has problems because its explication of types of ‘physical devices’ included in the definition is incomplete. It does not include, for example, control systems, building environment and access systems, and …. well we could just keep adding things.

This bill (and others, see S 1691 for example), instead of trying to define ‘IoT’ directly, relies on the definition of ‘internet connected devices’. Unfortunately, that forces the inclusion of just about any electronic device, including phones, personal computers, main frames and even super computers. This goes well beyond the IoT problem that Latta is trying to address.

Now, this could result in one of two things. DoC could attempt to complete the survey and report using the definition provided in the bill. But, the lack of specific funding would make that difficult and would result in an incomplete study. Or, it could attempt to divine Latta’s actual intent and limit their study to the ‘smart devices’ (another poorly defined term) that are being increasingly being connected to the internet with securityless (made up word) abandon.

Oh yes; security. That is something else that is curiously missing from specific mention in the bill. Well, not entirely true, in the paragraph on the report to Congress it requires that the report includes “recommendations of the Secretary for growth of the United States economy through the secure [emphasis added] advancement of internet-connected devices” {§2(b)(2)}. Of course, no definition is provided so we could be talking about cybersecurity, supply chain security, or even (a stretch to be sure) physical security.

Okay, one last problem (really, I am stopping here), there is no mention of the bandwidth issue that is associated with these internet-connected devices. And that would include radio frequency bandwidth for both the wireless connections nearly universally used by these devices and the amount of information clogging the information highway.

No comments:

 
/* Use this with templates/template-twocol.html */