UK Regulator Sets Out Priorities For Growing The Internet Of Things

The U.K.’s telecoms regulator Ofcom has identified four areas it plans to prioritize in order to support the development of the Internet of Things, after taking input from various industry “stakeholders” last year.

“Ofcom’s plan is to ensure the U.K. has the tools and infrastructure to allow the IoT to develop unhindered,” it said today, noting there are already more than 40 million devices connected via the IoT in the country — a figure that’s forecast to grow more than 8x by 2022.

“We have listened closely to industry and want to develop a framework for this technology to evolve in a way which will ultimately benefit citizens and consumers,” it added.

Future large-scale applications for IoT technology which Ofcom points to as having the potential for various benefits — such as reduced costs, lower pollution, increased efficiency — include smart farming, for automating crop irrigation and feeding; smart energy grids that can match energy generation from multiple power generation sources with changing demand; telemedicine and remote care for monitoring patients and the frail elderly; and intelligent transport systems to better manage traffic.

The four priority areas the regulator intends to focus on to foster IoT growth are:

  • Spectrum availability
  • Data privacy
  • Network security and resilience
  • Network addressing

On the networks side, Ofcom noted the IoT will inevitably increase reliance on secure and reliable data networks and data storage — so that’s a clear priority area for fostering growth. Along with IPv6, given that the latest comms protocol best supports multiple connections.

It noted:

IoT services will likely use bespoke addressing systems or addresses based on the internet standard known as IPv6, the latest version of the Internet Protocol which is able to support connections between a significantly greater number of devices. To support this, Ofcom will continue to monitor the progress already being made by internet service providers in supporting IPv6 connectivity.

On the spectrum point, Ofcom said it believes IoT demand will be met by current provision in the “medium-term” but intends to monitor this to identify whether additional spectrum might be needed.

The regulator has already released some spectrum for short range devices, and has also been pushing for the launch of licence-exempt white spaces spectrum in the U.K. to be used, in part, for machine-to-machine comms. Various trials using this type of spectrum are underway, with a possible rollout this year — although that launch timeline was previously pegged for late 2013 (so evidently hasn’t been considered hugely pressing at this nascent stage).

On the data privacy point, the regulator dubbed the protection of individuals’ personal data as “a key part of the development of the IoT” — given, presumably, the potential for widespread consumer mistrust of connected devices — and asserts that this will be covered under existing legislation, such as the Data Protection Act 1998.

However it also raised concerns that there may be additional requirements when it comes to regulating the IoT, noting:

…traditional approaches to data privacy may have limitations in the context of the IoT. Ofcom will work with the Information Commissioner’s Office, government, other regulators and industry to explore solutions to data privacy issues in the IoT.

Ofcom is not alone in picking up on changing privacy concerns relating to the IoT. Earlier this month, in the U.S., the consumer-focused FTC set out detailed concerns about consumer privacy challenges posed by the collective impact of connected devices, and suggested some specific best practice measures that IoT companies should adopt — such as security by design; practicing data minimization; and increasing consumer transparency about data usage and re-usage. Update: The FTC has also today released a detailed report expanding on these privacy best practices for businesses in the IoT space.

In the U.K. the Information Commissioner’s Office (ICO) has the primary duty for privacy issues, so it’s not for Ofcom to set out such detailed measures here. But it looks to be positioning itself to adopt a facilitating role between various government and industry stakeholders — to keep IoT development ticking along.

What’s likely to be a key piece of work for these regulatory and data protection bodies is figuring out how comprehensively existing data protection regulations encompass the IoT. And coming up with a core framework to govern data sharing within an increasingly dense data-generating landscape of multiple networked objects.

Understanding consumer attitudes and considering how best to educate people so they can make informed decisions about how much data they share are also likely to become pressing considerations as the IoT proliferates.