While many around the world are watching and waiting for the U.S. Presential election results, let’s focus on three important ballot initiatives that passed. Two strengthen consumer privacy protections while another expands consumer access to data on vehicles. All are good steps forward for the IoT in their respective states but one could have a major nationwide impact.
You can’t see me
Let’s start our travels in Portland, Maine, where voters supported and passed a law against facial recognition usage by local law enforcement and government agencies.
Earlier this year, the city enacted a temporary ban on usage of this technology, which has repeatedly shown bias against people of color. The successful vote this week extends the ban for five years and provides at least $1,000 in fines awarded to citizens surveilled through facial recognition.
While using AI or ML to recognize objects or people shown on cameras can be a good thing (home security comes to mind), profiling or surveillance of people using facial recognition doesn’t sit well in most democracies. My hope is that these types of bans on facial recognition used by law enforcement becomes a nationwide standard.
My data is MY data
Crossing the coast to California, voters there passed Proposition 24. This new measure takes the 2018 California Consumer Protection Act further by establishing a state agency to enforce consumer privacy directives while tripling fines to $7,500 for violating child privacy laws. Companies that collect consumer data won’t be able to keep that data longer than necessary, although that timeframe is rather vague. Consumers can also prevent businesses from sharing their data and can correct collected information that’s deemed inaccurate. Lastly, businesses are limited by the amount of data they can collect “sensitive personal information” such as religion, race, or sexual orientation.
If you provide an IoT device or service in California, you’re surely already aware of the 2018 law. But you’ll need to follow the newer, stronger one as well. There is an exemption for companies that collect data from 100,000 or fewer consumers or households, so start-ups and the like aren’t required to comply. I would anyway since it’s just a best practice and trust is becoming a “feature” that can make an IoT device attractive or not.
I own it so I want the data from it
Finally, we’re heading to Massachusetts, where a new “right to repair” law could impact the entire U.S.
Voters overwhelmingly passed this measure which requires automakers that collect and upload telemetry data from cars and trucks to make that data available to the owner of the vehicle.
This allows consumers to see the data collected, where they can perhaps use it for their own purposes, but more importantly, lets them share that data with third-parties such as auto-repair businesses.
This is a huge win for competition as the valuable vehicle data isn’t hoarded by the maker of the vehicle. Using the data, consumers can readily shop around for repairs. I love this aspect but also just having access to telemetry data myself: I use an electronic device to change the software in my own car, boosting performance beyond the stock experience.
Even though this is a new Massachusetts law, it will likely impact the entire country.
Why? Because starting with all 2022 model vehicles, any car or truck sold in the state must comply with the law and provide consumer access to telemetry data through a mobile app. Automakers won’t likely make specific models for this compliance in Massachusetts so there’s a good chance they’ll do so across several states in the northeast, if not nationwide at some point.
I’d call all three of these measures a win for consumers and IoT. We’re still trying to figure out national data privacy challenges but these are a good start; perhaps even a model for a national discussion.