Regulating the IoT: Discrimination, Privacy, and Cybersecurity in the Artificial Intelligence Age

75 Pages Posted: 6 Mar 2018 Last revised: 20 Aug 2018

Date Written: February 24, 2018


The field of consumer Internet of Things (IoT) has exploded, as business and researchers have sought to not only develop Internet-connected products but also define the common structure in which IoT devices will operate, including technological standards and responsive architectures. Yet, consumer IoT continues to present a host of potential risks to consumers, cascading from the multidimensional nature of IoT devices: IoT combines well-known consumer products with cutting-edge infrastructures including big data solutions, distributed data storage or “cloud,” and artificial intelligence (AI) utilities. The consumer device is no longer only the product, it is the product, the data, the algorithms, and the infrastructure. Consumer products have shifted from analog to connected technologies, introducing new risks for consumers related to personal privacy, safety issues, and potential for discriminatory data. Broad, ubiquitous data collection, Internet connectivity, predictive algorithms, and overall device functionality opacity threaten to undermine IoT market benefits by causing potential consumer injury: broad unfairness and disparate impact, data breaches, physical safety issues, and property damage. Existing regulatory regimes have not anticipated these damages to effectively avoid injury, and it is yet unknown how existing products liability, common law civil recovery under contracts or torts schemes, and due process procedures, will apply to these products and the data they process. This paper explores the technology and market of IoT, potential consumer impacts resulting from a lack of consistent and complete legal framework, whether IoT regulation is appropriate, and how the U.S. can balance market needs for innovation with consistent oversight for IoT manufacturers and distributors.

Keywords: Artificial intelligence, machine learning, Internet of Things, Federal Trade Commission, algorithm, big data, cloud, innovation, product safety

Suggested Citation

Tschider, Charlotte, Regulating the IoT: Discrimination, Privacy, and Cybersecurity in the Artificial Intelligence Age (February 24, 2018). Denver University Law Review, Forthcoming; TPRC 46: The 46th Research Conference on Communication, Information and Internet Policy 2018. Available at SSRN: or

Charlotte Tschider (Contact Author)

DePaul University College of Law ( email )

Chicago, MN
United States

Register to save articles to
your library


Paper statistics

Abstract Views
PlumX Metrics