If the words “asbestos,” “silicone breast implants,” “Vioxx®,” and, for old-time litigators, “Ford Pinto®,” make you misty with nostalgia for the old days of mass litigation, take heart: The Internet of Things may just bring back the roaring days of big-ticket litigation. Failure to design security into connected devices may subject manufactures and developers to litigation and regulatory proceedings that could dwarf the mass torts of yore.
The Internet of Things “IoT”, a term for the industry that develops and manufactures appliances and devices that send data, had already been pummeled by adverse media reports. Most recently, there have been misappropriated baby video monitor feeds going to the Internet and Google’s Nest® thermostat was programmed to display the graphic, “Dave, I know you want to disconnect me but I can’t let you do that.” Just this past week, IoT took another hit when it was reported that hackers had attacked the computer system of a Jeep and remotely disabled its transmission while it was being driven.
If a security patch or controls to keep out malware were available to prevent such attacks but were not implemented from the design stage and onward, did the device manufacturer fail to meet its duty of reasonable care? Of course, these litigation theories go beyond product liability (if the device is inherently dangerous, does strict liability read its head?) to privacy: Would the same standards apply to a cyber attack in which the homeowner or device owner’s whereabouts of other personal information ends up in unauthorized hands? The Economist featured this topic in the “Leaders” section of its July 18-24 issue, noting that the failure to “design security into the device rather than bolt it on later” is “a disaster in the making.”
Then, of course, the Federal Trade Commission may get into the act in a proceeding with regard to allegations of misrepresentation of security and privacy controls. State attorneys general might then investigate the aforementioned and if the litigation wave starts to crest, law firms may hire recent law school graduates, and law school enrollment may rise again and maybe, just maybe, the Internet of Things will bring the litigation practice out of the doldrums left from the Great Recession.
If you have questions about cybersecurity and potential liability exposure for your company or its devices or applications, please call Kenneth N. Rashbaum.