Based on a Report of the RAND Corporation Final Report (D7) 31st May 2013 (Prepared for the European Commission, DG Communications Networks, Content and Technology (CONNECT)


The Internet of Things builds out from today’s internet by creating a pervasive and self-organising network of connected, identifiable and addressable physical objects enabling application development in and across key vertical sectors through the use of embedded chips.

Internet of Things (IoT) is a technology and a market development based on the inter-connection of everyday objects among themselves and applications. IoT will enable an ecosystem of smart applications and services, which will improve and simplify EU citizens' lives.

Whereas in the first run Internet of Things referred to the advent of barcodes and Radio-frequency identification (FID), helping to automate inventory, tracking and basic identification, the second current wave of IoT sees a strong verve for connecting sensors, objects, devices, data and applications. The next wave could be called a “cognitive IoT”, facilitating object and data reuse across application domains, leveraging on hyper-connectivity, interoperability solutions and semantic enriched information distribution, incorporating intelligence at different levels, in the objects, devices, network(s), systems and in the applications for evidence-based decision making and priority setting.

Economically , it could generate billions of Euros that easily translate into growth and employment, provided it ensures trust and security for the European citizens and businesses. At the same time, the IoT will bring hyper-connectivity to a global society, using augmented and rich interfaces. This global society will also be characterised by higher semi-autonomous system behaviour than today.

Smart cities are an obvious application of IoT as a horizontal enabler, covering sustainable smart grids, smart mobility, and smart health.

Advances in integration and miniaturisation of ultra-low power components and micro systems and increased autonomy and flexibility of service robots is accelerating the diffusion of embedded ICT in all types of physical objects and artefacts ranging from clothes and even bodies to homes, cars and transport systems, as well as all public spaces and cities.

 The IoT presents issues across several domains

 According to experts the current development of the IoT may not be aligned with Europe’s policy objectives. Part of this is due to the limited influence of European (government and industry) actors and it may not be possible to address the consequences once the IoT has matured.

 The socioeconomic impacts of the IoT are expected by many industry analysts to develop rapidly over the next five to ten years into an important element of the European digital economy. But it cannot be assumed that this growth will be coherent or manageable. Current trajectories suggest the emergence of multiple competing architectures and identification schemes, leading to potentially damaging fragmentation across and within sectors or the triumph of a ‘second best’ candidate. This is not simply a market phenomenon; the governance of the internet involves standardisation, government policy and a measure of self-regulation, but the institutions and decisions may lack accountability and may not effectively balance competing interests.

 In order for government, business and societal organisations to realise the potential of the IoT and meet its challenges, its application must be accepted and trusted – not universally, uncritically or unequivocally, but in a proportionate, reasoned and effective manner. This requires both accurate and comprehensible information and the operationalisation of ethical principles.

Some levels of the IoT value chain are likely to suffer classic market failure due to entry and exit barriers, natural monopolies, information asymmetries and externalities. This will not be true of all layers – the openness and interoperability on which the IoT business proposition rests should lower barriers in the device layer. But this, too, can be problematic, if effective use depends on continuing collaborative innovation by end users, application providers and other stakeholders, and if switching is easier than (investment in) adaptation. The unreliability of unaided market forces can be seen, for example, in inadequate investment in security (externalities), the unreliability of consumer sovereignty (information asymmetry) and the barriers to innovation arising from inappropriate spectrum policy and fragmentary or closed standards.

Despite its youth, the IoT is seen as one of the fastest growing IT segments. By 2020, upper estimates of its annual global economic potential across all affected sectors range from $1.4 trillion to $14.4 trillion. Some of the most promising and intriguing opportunities come from the linkage of the IoT to other systems and technologies, such as clouds, smart grids, nanotechnology and robotics.

The potential economic implications of a rapidly developing IoT reflect the changing pattern of horizontal and vertical relations among the businesses that supply, use and serve the IoT. Of particular interest is the competitive tension between large market players from these other sectors, and the potential for a more open environment for small and medium-sized enterprises (SMEs) and innovative entrants within and beyond the IoT.

In particular, because the ‘things’ of the IoT act autonomously and as part of a densely linked ecosystem, sole control of the IoT cannot be assumed to lie with the owners of devices or with providers of essential infrastructure services.

As in other emerging technology domains, European competitiveness can be enhanced by exploiting the strength of its research capabilities, reinforced by antitrust, public procurement and international trade initiatives. More specifically, businesses and other IoT users can benefit from the embedding of existing European standards of consumer and data protection, which may become a unique source of competitive advantage in marketing European IoT technologies and services worldwide.

But this depends on the availability and structure of investment. China has already earmarked €625m for IoT investment. Public and private sector investors will have the possibility to provide infrastructure and application funding for the IoT including private financing, public investment, public–private partnerships, and social (eg crowd-funded) finance.

Building an ethical IoT

The commercial and technical development and broader socioeconomic impacts of any information and communications technology (ICT) derive from the way it deals with the ethical tensions arising from the way it connects people and organisations with different objectives. The IoT creates new forms of contact that make it hard for those currently charged with responsibilities to know, understand and control these connections; the classical protections of negotiation, markets and contracts may not work as well for human-to-machine, let alone M2M contacts. Having investigated these ethical issues, especially in relation to privacy, autonomy, trust, identity and social inclusion, and without greater attention to improving individual understanding and awareness, solutions, even if implemented, might not survive.

Architecture, security and identification

Architecture, in particular, must provide a set of common rules to keep systems close enough to allow interoperability and thus facilitate efficient emergence of better systems, while allowing enough flexibility to encourage innovation. Current development is producing substantial heterogeneity of applications, environments and systems but not (seamless) interoperability. The resulting technical and cost issues across sectors make it likely that a range of specialist architectures will emerge that can lock in this weakness.

The same fragmentation risk affects naming and addressing norms; differences across geographical areas and industries can limit interoperability and competition. Much of this fragmentation can be overcome by suitable open standards. Many of the applicable standards are inherited from other areas (eg radio communication, general ICT); there is thus an ongoing debate over the necessity for IoT-specific standards and the role of specific standards bodies. Several specific initiatives have been created to incorporate and adapt existing standards and to complete the IoT portfolio with additional standards.

However, at this early stage of development, it is not clear how uniformly standards are applied or enforced, nor have any preferable approaches been identified for application and enforcement.

The ubiquity of sensor (and eventually actuator) networks poses some unique and interesting questions with respect to security as a public good and whether cyber security is subject to market failure as well as adding novel aspects to pre-existent privacy and security risks. The IoT could also result in cyber-attacks targeting new endpoints, such as smart homes, therefore requiring strategies that can be efficient across multiple domains and competing priorities.

Strategic objectives of European IoT governance

General objectives of EU action include accountability, safety and interoperability of an inclusive, ethical and open IoT, characterised by effective and efficient competition and competitiveness.

Potential gaps in the existing legal framework

As an extension to the internet, the IoT is affected by internet governance structures. But the internet itself does not ‘fit’ neatly within all the relevant governance frameworks (telecom, competition, privacy, consumer protection and so on), Its problems are not always effectively addressed by extensions of these frameworks. And that extension may in turn weaken the effectiveness of existing competition and other rules. The IoT poses its own unique challenges and also involves additional reverence governance domains (eg safety, transportation) more centrally than the internet does.

The frameworks for competition (in particular market definitions and the role of competition authorities), privacy and data protection (in particular regarding liability and responsibility), universal service and cyber security are likely to require adjustment or compensating ‘soft law’ measures.

The European Commission should play a central role in coordinating policy dialogue to ensure common understanding and coherent effective action across sectors, regions and policy areas; support for meaningful digital literacy programmes and awareness-raising to empower self-regulation and improve individual interaction with the IoT; and support and promotion of knowledge sharing, research and validation projects with funding, continuous debate and policy articulation especially on identification, privacy and ethics in IoT environments. Although an ethical charter may be a useful component of self-regulation, support for the general approach is patchy .

As an interim measure, creating a European ‘Ethical Tech’ brand could encourage innovators and providers to develop ethical technology in line with market and user needs.

The information necessary to track the development of the IoT is fragmented and difficult to use. This problem of too much, too little and the wrong kind of information may account for slow progress to date. Rapid changes – and the exaflood of data – are expected to continue. In order to develop and implement appropriate flexible and future-proof policy this problem must be overcome. In this regard, it is fortunate that the various governance domains that affect and are affected by the IoT each collect and analyse information. This creates the basis for a coordinated policy approach allied to an articulated information structure organised around the IoT. This IoT observatory could follow the impact of challenges in areas that cannot be directly measured, such as ethics, privacy and security, and should lead to more joined-up policy and deeper and more balanced understanding; the sharing of information and co-creation of data resources for monitoring and evaluation will also create shared understanding and help to break down organisational stovepipes. This is not limited to past and present information: the information should be used to create a rich set of shared scenarios for joint explorations of the emerging IoT. As always, it is important to establish measurespecific indicators that underpin a monitoring strategy (in conjunction with DG CONNECT’s ‘Metrics’ initiative.

Add new comment