ArticlePDF Available

The Internet of Things : a New Paradigm for Regulation

Authors:

Abstract and Figures

The forecast and estimates of the coming IoT as the “next Big Thing” have been made for almost a decade. After so many announcements, the first clear results have now started in the industries and services. IoT is highly diverse and open to different application field. These demands did not take place on the most publicized – and often less anticipated objects - (the connected toothbrush for example) but on applications that improve and directly transform business processes through automated capture of essential information such as volumes, time, movement, temperature, incidents ... These developments are already structuring sectors as diverse as energy, transport, automotive, agriculture, insurance, health, etc. On the consumer side too, demand will grow stronger on house and everyday life facilities, from shoes to cars, through heating, cooking, safety… but the pace will probably be slower as shown by the humble initial stages made by connected watches or glasses. The IoT cannot be reduced to one specific technology but rather a system of systems that give space and call for flexibility. It encompasses various technical solutions which enable to identify objects and pick up, store, process and transfer data not only in physical environments but also between physical contexts and virtual worlds. The interoperability between the integration systems of all the components induces strong complexity. As a consequence, IoT can be characterized by some main dimensions. On the one hand, its strength is rooted in the pervasiveness and overall connectivity (very strong interrelations between connected devices and mobility features, geolocation (e.g. health and safety.), social networks, cloud, big data, nanotechnologies). On the other hand, its take-off benefited from the diffusion of smartphones and tablets since they have a key role as shared standard interface (cf. self-quantified and wearable devices). The current forms of innovation and their related strategies are helping to radically redefine the traditional configurations of the very firms and markets on which the principles and practices of regulations are based. These generic features naturally weigh on the characteristics to be expected from the regulation of IoT. They include, firstly, the identification of the major guidelines requested by the IoT. They call, secondly, to be articulated with other specific decisions depending on more general technological regulation (spectrum management or FttH architecture for instance). It assumes, more generally, to shift from a "reactive" regulation (whether it be ex ante or ex post, symmetric or asymmetric) to a “proactive” one, which is less about defining the architecture of roll out of settled technologies and the corresponding competitive issues between incumbents than anticipating a deep-emerging sector already knowing the significant impact it will have on the economy of electronic communications. It could be said, therefore, that regulating the sector, far from impeding the development of innovations, actually served as something of a neutral arbitrator for technological developments, if not actually a breeding ground for them. In this context of rapid technological progress, opening markets to competition acted as a clear driving force.
Content may be subject to copyright.
1
The Internet of Things: a new paradigm for regulation?1
Pierre-Jean Benghozi (Ecole Polytechnique, ARCEP)2
Guillaume Mellier (ARCEP)
Journal of Law and Economic Regulation, Vol. 9, No 1, (2016, 5)
1 A preliminary version of this paper was presented during the 12nd Annual International Conference, The Internet
of Things: Legal Issues and Challenges towards a Hyperconnected World, Organized by the Center for Law & Public
Utilities - College of Law/School of Law, Seoul National University, Hawaii, November 2015
2 Corresponding author: pierre-jean.benghozi@arcep.fr
2
Table of contents
The Internet of Things: a new paradigm for regulation? .........................................................................1
Introduction ................................................................................................................................2
Economy .....................................................................................................................................5
The IoT and Data: two inseparable outlooks ..................................................................................7
Public action and public policy ......................................................................................................9
Standardisation and interoperability at stake ................................................................................. 15
Spectrum management ............................................................................................................... 18
Connectivity: switching, roaming, addressing, numbering and portability ....................................... 21
Security...................................................................................................................................... 23
Conclusion ................................................................................................................................ 25
References................................................................................................................................ ......... 28
Introduction
The announced figures for the development of the Internet of Things (IoT) are impressive: some
believe that more than 15% of objects – up to 50 billion devices – will be connected to the
Internet within 5 years. They are expected to generate a quarter of all global data for these
solutions, in a market valued at $7,000 billion. Westerlund et al. (2014), and Gershenfeld and
Vasseur (2014) assume that the internet’s impressive growth over the last decades is about to be
overshadowed as the ‘things’ that surround us start going online.
We have been hearing predictions and estimates for IoT as the ‘next Big Thing’ for almost a
decade. After so many announcements, the first clear results are now starting to be seen in
industries and services. The strongest demand has not been for the most publicised and often
less anticipated – objects (the connected toothbrush for example) but for applications that
improve and directly transform business processes through the automated capture of essential
information such as volumes, time, movement, temperature, incidents …These developments are
already structuring sectors as diverse as energy, transport, automotive, agriculture, insurance,
health, etc. On the consumer side too, demand will grow for household and everyday facilities,
from shoes to cars, by way of heating, cooking, security systems …but the pace will probably be
slower as the humble beginnings of smart watches and glasses has shown. Thus, IoT objects are
highly diverse and open to different applications:
- industrial applications: Intelligent manufacturing and supply enabled by machine-to-
machine (M2M) applications in the ‘industrial internet’
- retail, logistics and product management, e.g. Radio Frequency Identification (RFID)
tagging of goods, monitoring for conservation of perishables, sensors and actuators to
track and control the use of products
- monitoring for safety and security, e.g., cameras and biometric readers
3
- smart cities, smart homes and smart buildings, e.g. lighting control, EV charging,
emergency services, joining up ‘smart buildings’, home automation and ambient assisted
living (AAL)
- smart transportation, e.g. unmanned and self-driving vehicles
- smart health and public sector services, e.g. telemedicine
- smart grid infrastructure: energy saving, electricity and water management, network
management and metering, renewable energies for the network load balancing
environmental monitoring, e.g. monitoring of air quality.
Such a rapid growth has already been proven by the evolution of France’s M2M SIM card base
Fig 1. Number of M2M SIM cards in France (Source: ARCEP)
Fig 2. M2M SIM cards number and net annual growth (Source: ARCEP)
Atzori et al. (2010) point out that three different visions of the Internet of Things paradigm are
being proffered by the different scientific communities. The first vision is internet-oriented: it
takes into consideration that current perceptions of the IoT are greatly influenced by available
4
infrastructures (networks and Internet protocols), existing follow-up processes and the main
players. A second vision is more things-oriented: according to Ngai et al. (2008) and Presser
(2009), RFID in particular stands to be the driving paradigm for the Internet of Things, with
specific attention being dedicated to item traceability, addressability technologies and sensor
networks. This is mainly due to its maturity and low cost, and consequently its strong support
from the business community. But its development is clearly not limited solely to technical
aspects. The stakes are economic and social, as well as political, philosophical, cognitive, legal and
ethical – thus demanding we tackle these questions simultaneously in a semantically-oriented
perspective. How the public and authorities view these stakes is not entirely free from confusion.
Consequently, various authors propose a vision of the IoT as a global comprehensive
infrastructure which connects both virtual and physical generic objects, including existing and
evolving internet and network development. This has both technological and regulatory
consequences; reducing the complexity of the layers and IP stack need to achieve a protocol
designed to route protocols and address over anything (Gershenfeldt et al., 2004).
The concept has changed over the years, as has its name: Internet of the Future3, Internet of
Things, Connected things …almost everyone agrees that the IoT is a fundamental property of
tomorrow’s Internet, but no standard, unified and shared definition of the IoT has yet been
devised.
The term ‘Internet of Things’ was not, originally, an academic or scientific concept. Neither was
it a technological concept proposed by suppliers and telcos. It was actually coined in 1998 by a
practitioner at an industrial company (namely Procter & Gamble): Kevin Ashton. It has now
become the new paradigm of the internet, gaining more and more attention in academia and
industry (Santucci, 2009). Technically speaking, the IoT is an extension of the naming system in
the sense that it is possible to associate digital identification (e.g., IP address or RFID code) and
physical elements (like a pallet in a warehouse, or a sheep in a flock) in a standardised way. Yet
the very nature of the technological ecosystem of the IoT remains undefined. This explains why
the boundaries of the IoT and its markets are blurred. Likewise, no unique definition is accepted
and shared by its community of users. Madakam (2015) underlines that many different groups
including academics, practitioners, innovators, developers, consulting firms, the public and
professional bodies have proposed their own definition of the term. All these definitions have in
common the idea that the first version of the internet was about connectivity of locations and
offices, the second version about the connectivity of people and therefore use in mobility, while
the next version is about data created by things.
Consequently, the IoT cannot be reduced to one specific technology. Rather, it encompasses
various technical solutions which enable the identification of objects and which collect, store,
process and transfer data not only in physical environments but also between physical contexts
and virtual worlds. Interoperability between the all the components’ systems creates a great deal
of complexity. The major concern is thus how to improve and better connect and integrate
existing technologies. According to Preuverners et al. (2008), the aim of ubiquitous solutions is
actually to help detect and find answers to changing contexts: they must be able to collect, store
3 The term was used in the 7th European Framework Programme for Research on information and communication
technologies, the first European milestone fully devoted to the networks and services of the future.
5
and manipulate a given context to adapt a service to a specific situation and to a specific user.
Consequently, the IoT is not a technology but rather a system of systems that demand flexibility.
Despite which, it is possible to characterise the Internet of Things by some of its main
dimensions. On the one hand, its strength is rooted in its pervasiveness and overall connectivity
(very strong interrelation between connected devices and mobility features, geolocation, e.g. for
health and safety, social networks, cloud, Big Data, nanotechnologies). On the other hand, its
rapid rise benefited from the widespread adoption of smartphones and tablets since they have
had a key role as a shared standard interface (cf. quantified-self and wearable devices).
The current forms of innovation and their related strategies are helping to radically redefine the
traditional configurations of the very firms and markets on which regulatory principles and
practices are based. These generic features naturally weigh on the characteristics to be expected
from regulation of the IoT. They include, first, the identification of the major guidelines
requested by the IoT. Secondly, they need to be addressed in relation to other specific decisions
depending on more general technological regulation (spectrum management or FttH architecture,
for instance). From a more general perspective, the process assumes a shift from ‘reactive’
regulation (whether ex ante or ex post, symmetric or asymmetric) to ‘proactive’, which is less
about defining the architecture of the rollout of settled technologies and the corresponding
competitive issues between incumbents, than anticipating the emergence of a massive sector
already aware of the significant impact it will have on the economy of electronic communications.
As noted by Benghozi et al. (2009), it could therefore be said that, far from impeding innovation
development, regulating the sector actually served as something of a neutral arbitrator for
technological developments, if not actually a breeding ground for them. In this context of rapid
technological progress, opening markets to competition acted as a clear driving force.
Economy
The development of the IoT is part of the ongoing evolving framework of the digital economy.
The IoT is a robust environment for the development of innovative new products and services.
Nevertheless, and paradoxically, despite its importance being widely recognised in all the
economic foresights, various authors (Atzori et al. (2010), Benghozi et al. (2009) Westerlund et al.
(2014), noted that very weak, rare and infrequent economic research on the IoT had been made.
The latter underlined that the scarce studies on the IoT have focused on the technological
platform and a single firm’s business models (Uckelmann et al., 2011; Leminen et al. 2012, Oliver
Wyman, 2015). These innovations give a key role to the start-ups and young companies (Basiliere,
2014).
New generations of infrastructure incentivise operators to find new value drivers. This was, in
recent years, the case with the development of 4G or fibre or, similarly, with the growing
technical convergence between services and infrastructure, as well as fixed and mobile networks,
therefore related to mobility and connection locations. The economy of connected objects is a
natural part of these dynamics… but raises specific concerns related to its radical features and the
different technical solutions. The variety of IoT business models is due to the variety of technical
systems: Bluetooth Low Energy technology can be integrated into an object for €2, including the
battery, or passive RFID tags for pennies.
6
The dynamics of IoT economics force a rethink of the digital industry’s economic framework for
several reasons. Beyond the basic definition of the IoT as connected things, various authors and
practitioners assume that the IoT is also strictly related to additional dimensions of information
system applications and architecture such as Big Data (Institut Montaigne, 2015) or Cloud
computing (Gubbia et al., 2013).
On the one hand, the infrastructure and network economy is different from the data economy.
The first is a fixed cost industry, where network effects are significant. And even if data flows are
extremely labile with low marginal costs, they rely on the construction of infrastructures that
enable them to migrate, to be collected and shared. Moreover, According Hagel et al. (2009), a
big shift in information management is underway that requires less emphasis on getting economic
value from knowledge ‘stocks’ (that which we already know) and instead prompts us to get value
from ‘flows’ (the dynamic structure of data).
On the other hand, users and objects are not simple consumers, as is usually the case. It is indeed
their very activity that leads them to provide information and produce the constituent traces of
data to be operated on. The World Economic Forum (2015) underlines that new value creation is
made possible by massive volumes of data from connected products, and an increased ability to
make automated decisions and take action in real time. It will support the emergence of an
outcome economy, fuelled by new connected ecosystems, software-driven services; innovations
in hardware; the increased visibility into products, processes, customers and partners…
collaboration between humans and machines. One of the conclusions of the World Economic
Forum is that global companies need clear legal guidelines over data ownership, transfer and
usage.
The success of connected objects is not only related to the services they provide but also to their
forms of value creation: extension and simplification of uses (gestural control or wireless
speakers, for example), enriched information and customer relations, enhanced functionality
(multi-screen TV, automated driving). Consequently, all forward-looking assumptions emphasise
the great value that will be created by the IoT. In contrast, it is important to note that unlike
other electronic communications services, the bulk of this value is mostly internalised by users
and the value of service is high compared to the cost of connectivity. Indeed, the IoT is mainly
addressed to industrial actors and B2B markets; as a result, IoT applications essentially bring
about productivity gains and not necessarily formal economic transactions between actors.
Conversely, IoT-supported communications have a rather low intrinsic value because they bear
little traffic by themselves, without great demands for bandwidth or QoS.
Thus, IoT networks are structurally different, economically speaking, from other telecom
infrastructures. Mazhelis et al. (2012) sought to reflect the business model of the IoT from the
notion of platforms, now used increasingly often in the digital economy, both through its ability
to provide the technological support of modular continuous innovations (Gawer, 2009) and as
the basis of income as part of externalities and two-sided markets (Rochet and Tirole, 2003). It
seems however that such a perspective covers only very weakly observable current strategies of
IoT actors. In the current phase of the ecosystem’s emergence, rather we discern a strong
breaking up of the technical solutions and applications corresponding to players’ exploration of
successful effective solutions.
7
Several strategies are currently deployed in IoT networks. They are marked by several important
features that warrant highlighting. The first involves the creation of competitor alliances and
consortia which have formed in every technical layer. Another characteristic is the alternatives
emerging between different initiatives. Some are ‘legacy’ (see Sigfox) and aim to develop
internationally autonomous infrastructure from end to end, allowing one-stop shopping.
Conversely, other networks are trying to build themselves up based on interoperable standards,
taking a more conventional approach in the telecom world, leaving the possibility of a much
more open ecosystem.
The IoT and Data: two inseparable outlooks
After years of difficult rollouts, the IoT’s potential importance is now largely recognised. Its
benefits are indeed multifaceted. It provides a new outlook for the telecommunication sector, it
supports growth and innovative services in every industrial sector: and it gives space to radical
new applications in terms of ‘Big Data’. It is thus necessary to take into account the fact that
there is both an ecosystem built around data and an ecosystem built around the technology. The
two overlap and are inter-related… as a result of which the most effective data protection is
based on the so-called ‘privacy by design’ protocols where protection mechanisms are directly
integrated into the design of objects and communication protocols. But both perspectives of data
and technology can also call of regulatory perspectives - and therefore objectives and regulatory
bodies - very different. In one case as in the other, it calls for more coordination and ex ante
regulation.
The principle of the IoT relies on the ability to collect status or environmental information on
every object or device in order to develop unfamiliar knowledge through the extensive processing
of these data. The IoT will thus structurally bring about the creation, transmission and relay of a
considerable volume of data, generating their continuous analysis, and, as a result, triggering new
communications and controls. While that might appear surprising, the great strength of the IoT –
essentially a technology system – is its ability to react nimbly to data capture and data processing
flows and to use it to rethink the services and features of related objects. Thus, the usage data
collected by a connected car (for example on fuel consumption, speed, temperature) not only
serves to improve driving but may, by aggregating other similar data, provide more ‘macro’ data
on traffic, weather, accidents…
As such, the IoT puts protection of privacy at stake. It means, for example, formulating simple
conditions and shared frameworks for the collection and sharing of data. This, however, is not
at least not directly – the heart of the problem for technical and economic regulation such as that
defined by ARCEP. Additionally, the quite legitimate focus on the issue of privacy must not
overshadow another essential dimension of the data protection, involving not only data on
individuals, but also companies’ sensitive data. Indeed, new problems have arisen concerning the
integration of information on production processes or the circulation of objects. Access to such
information – even when it is partial – often has strategic value for rival industrial partners or for
those involved in trade relations. One can therefore wonder if the protection of industrial data
will not require dedicated rules and regulations from organisations.
8
Beyond personal protection issues, data processing also raises specific technical issues. The
efficiency and performance of IoT systems are based on the long-term access to and preservation
of the data collected. These data are often – continuously captured by sensors in order to
enrich local user applications and services. But such local storage and processing might reduce
interoperability and data portability, making such data unavailable to other applications and to
specific combinations of services.
Data collected by the IoT are manifold. On the one hand, they can be related to private (personal
or industrial) data, in the sense that these sensitive data are strictly correlated to a specific user:
this might be the case for health or quantified-self things designed to record personal information
on individuals. On the other hand, these data can also be a priori anonymous and very
rudimentary. This might be the case for wearables or smart objects such as connected
thermostats or light bulbs: they are switched on or off but will be constantly connected to
transmit data back to the manufacturer. In this case, the combination of simple, abstract and
basic data can be made available to characterise a specific user. Consequently, privacy is not only
a matter of sensitive data embedded in connected objects but also the very result of the
generation of data flows created by the constant interactions between individuals and objects.
The difficulty here lies in balancing the nature and volume of the data collected with the expected
use in relation to the object: think, for example, of the ability to use the size and weight of an
individual to automatically program the setting of the car seat. IoT capabilities cancel, to some
extent, the possibility of retaining anonymity in the use of any day-to-day service or activity:
television, smartphone, smart meter, credit cards, transportation…
Note that a large number of economic actors are involved in the data flowing between associated
objects (including in various countries): telecom operators, device and sensor manufacturers,
application developers and service providers, control interfaces, data aggregators, third party
users. The wide variety of technical solutions and applications developed around the IoT can run
into the requirements of every section of economic and social life, on a very broad scale. This
contributes to the proliferation of services and players involved in the ecosystem’s development:
whether incumbents or new entrants.
Ofcom (2015) notes that this calls for particular difficulties in order to control such a wide range
of different stakeholders including the important international dimension: data captured in one
country may be processed, stored and shared in different countries with different data privacy
regimes, and calling for unusual roaming concerns (permanent roaming e.g., cf. BEREC, 20154).
The success of IoT applications rests on their simultaneous dissemination in all sectors and
among all partners involved – from suppliers and ISPs to industry and final users. The economic
issue at stake is therefore: who is creating value, who is capturing value, who is investing in
technology and applications? The corresponding actors are very different. The economics of the
IoT and data are not simple to analyse because the valuation of data can be based on several
different business models: selling user profiles, selling visibility or SEO (e.g. Google.), selling
predictable behaviour, (e.g. Criteo), selling performance (data-supported efficiency), selling goods
4 This is, for instance, the case for products built in a specific country then used and stored permanently in another
one.
9
(e.g. connected objects using data processing as Withings does), selling aggregation or data
processing.
We observe both a multiplicity of uses and valuations of this data and, conversely, the absence of
an actual understanding of the economic value of given data and how to monetise it. In
particular, the economics of data is not an information economy: data does not have a given
value per se but it takes its value from the flow of data. Data does not have clear recognised
value, and economic mechanisms. For instance, what is the price of an electrocardiogram as
usable data? What is the price of my geographic position?
Public action and public policy
From a national policies viewpoint, the IoT is therefore a noteworthy potential key driver for
innovation, modernisation and competitiveness in the whole economy, as well as a more specific
opportunity to develop new offerings and to address new markets in the field of sensors and
embedded intelligence, connectivity services, cloud or Big Data. The IoT will support a variety of
new services with quite specific characteristics (health, cars, building, devices . . .). Consequently,
this creates an opportunity for governments to develop a national industry in a developing area
while economic games are still being played worldwide.
An industrial policy strategy
After losing the battle of the Internet 2.0 and platforms (the ”GAFA”), it is possible to get back
into the game thanks to new technological challenges. This is clearly the strategy for France and
Europe. French companies are thus well positioned in areas such as open wireless sensor
network infrastructure with the low-speed technologies LoRa and Sigfox. Firms are also
demonstrating a remarkable dynamism in product innovation, and dozens of French companies
attended the last Consumer Electronics Show in Las Vegas, resulting in a clearly proactive
strategy that aimed to highlight the scale and inventiveness of the French industry in this
emerging field.
At the State level, connected objects represent a reindustrialisation lever to create new sectors to
produce these new objects, but also to support more efficient markets and competitive
production tools, and to stimulate the digitisation of the economy. Today, France and Europe are
home to none of the major Internet firms and platforms.
Consequently, as the Institut Montaigne (2015) reminds us, since the early days of the internet, all
French governments have gradually been equipped with instruments to meet the challenges of
the digital revolution (though not always to avoid a dispersion of initiatives and a chronic
weakness of the administrations in charge of those actions). Examples include:
- the creation of an inter-ministerial Department of information systems to help the
dissemination of digital culture and break down barriers between information and
communication systems used by Government departments and agencies;
- the establishment of a National Council for Digital Affairs (CNNum);
- the establishment of industrial action plans including Big Data and connected objects as
part of strategic areas;
10
- the establishment of a chief data officer, for the first time at the national level in Europe;
- very proactive development of superfast access via FttH;
- support for entrepreneurship (French Tech label and clusters).
In recent years, the French telecom market has provided fertile ground for the expansion of the
connected objects ecosystem. France actually created the first connected objects and
technological platforms very early on thanks to the Freebox and Livebox that provided a local
Wi-Fi node, making it possible to connect various objects including a TV. Consequently, a first
generation of successful digital entrepreneurs emerged, such as Withings and Netatmo. In
addition to service providers and device manufacturers, technological specialists in components,
infrastructure networks, software and big data emerged such as Sigfox, Oledcomm, Gemalto,
STMicroelectronics, Criteo…
An evolving context for public action
A unique trait of the innovation process in the digital – and therefore the IoT – economy is that
it is particularly radical in the way it overturns, or at least circumvents, the system of regulations
and rule-setting. Rapidly changing innovation contexts challenge the phases of regulation, as
such. Regulation is required to grapple with a context in which intense competition to win
markets is alternately routinely followed by situations in which there is cooperation and non-
competition in the market. Stiglitz in 2002 noted that regulatory frameworks regulate – with
varying degrees of success – the restoration of competition between permitted monopolies.
This issue arises naturally, especially with the IoT. The important – and alternative question is
what balance needs to be struck between proactive and centralised monitoring, helping to quickly
establish a development framework in which companies can project themselves, and light-handed
regulation that allows innovations and technological rivalry to unfold before setting limits.
The expansion and growing attention given to IoT systems is the result of their potential impact
on individuals and businesses. Their development raises various public and regulatory issues, and
regulators clearly have a role as enablers of the IoT. Atzori et al. (2010) summarise existing IoT
approaches and researches from available literature. Their conclusions highlight that key relevant
issues are to be faced and dug up by the research community: namely networking, security and
privacy. Considering the very high number of items involved in the future internet, they suggest,
in particular, that issues related to how to represent, store, interconnect, search, and organise
information generated by the IoT will become very challenging.
From the perspective of a telecom regulator such as ARCEP, the issues at stake are, at first view,
a continuation of the subjects being treated today, and which we have already mastered through a
clear legal role: spectrum management, infrastructure design, numbering and portability, licensing,
consumer protection, competition investment and innovation for instance. In this respect, the
IoT is no different from electronic communications regulation. Yet, the IoT also raises some
concerns that are closely connected to previous ones but handled by other regulators and
therefore demanding, some fresh forms of interaction and coordination between the various
authorities: this is particularly true for standardisation, privacy and data protection, network
resilience and security.
11
Moreover, Westerlund et al. (2015) consider as well that the evolution of businesses’ perspective
on the IoT is partly driven by the change of focus from viewing the IoT primarily as a technology
platform to viewing it as a business ecosystem. They underline three major challenges of
designing an ecosystem business models for the IoT: the diversity of objects, the immaturity of
innovation and unstructured ecosystems. According Yang et al. (2010), learning from past and
current attempts to regulate the Internet, the concept of ‘multi-stakeholder in governance’ should
be perceived as the new way forward in favour of the inclusion of the whole society (Weber,
2009).
At a time when the level of telecommunications equipment and traditional connections have
probably reached saturation in developed countries, the IoT requires heavy investments to
improve chips, sensors and readers, and to create and disseminate new services. These
investments and developments are supported at the State level, by industrial firms and individuals
as well, and they should go a long way to boosting the internet’s growth. In this respect, they
represent a strategic angle for telecommunications operators. The expansion of applications
associated with the IoT could contribute to the increased promotion of high bandwidth
architectures. A situation of wide-scale use throughout the world could also raise serious
bandwidth issues caused by the flow of connections and their redundancy.
The issues at stake for regulatory bodies
Faced with the twin challenges of regulation (aimed at stimulating innovation and
competitiveness levers on the one hand, to define coherent and sustainable framework for
connectivity on the other hand), several questions appear to be the subject of attention for
NRAs: understanding the ecosystem and the balance of the value chain, to set and control the
relevance and quality of connectivity (functional requirements, coverage, frequency, access,
interconnection...), to ascertain interoperability (needs, standardisation, platforms), to monitor the
use and protection of personal data, to ensure the security and resilience of infrastructure and
applications.
The IoT holds significant prospects of growth for almost every company, whether big or small,
presently operating or not in digital markets. Smart connected products induce a new range of
strategic choices as to the way in which value is created and captured, to the manner in which
companies work with their old and new partners, and the way in which they provide a
competitive advantage, while new opportunities are redefining the perimeter areas.
The IoT is a growing field of operation for public actors, regulators and private sector. Which is
why it has become the focus of a growing number of actions devoted to defining the institutional
framework and financing significant investments in IoT research and development. Both are
aiming to support modularity, reliability, flexibility, robustness and scalability.
When grappling with IoT policies, all public authorities pay strong attention to the need to
promote economic growth thanks to technology development and innovation. But they consider
such an objective in two different ways: some are taking a relatively hands-off approach to
regulation whereas others (notably Europeans) are considering taking a more pro-active approach
(especially for privacy and data). (Benghozi et al., 2009).
12
IoT regulation is partly associated with various existing regulatory tools: economic control of
competition and vertical integration, spectrum management and net neutrality. More precisely, it
calls for the consideration and implementation – of public authorities’ intervention and multi-
level action. This is made difficult for several reasons. Regulating the IoT does not fall under a
single regulatory body, which requires a rethink of the interplay between the different regulatory
and legal systems: privacy, competition, cyber security; the protection of public freedoms falls
under the purview of the CNIL, Hadopi, CSA; legal, technical and economic regulation falls
under the purview of ARCEP, the Competition Authority and other IAA such as ARJEL for
online gaming.
Given the blurred boundaries and the convergence between various technological sectors and
fields of application, policymakers are tempted to align and federate regulatory authorities to keep
pace with the segmentation of the objects of regulation. The question is whether the overlapping
of sectorial and territorial spaces calls for wider responsibilities for and increased coordination of
regulatory authorities, at the national or international level. Such coordination between the local
and the international levels is particularly important for the IoT. The specificity of connected
objects and related data is to migrate and be exchanged at national, cross-border and cross-sector
levels. However, network regulation and practices are mostly implemented at the national level.
Consequently, we must consider soft regulation in order to achieve effective coordination at a
local and international level. While this problem is not specific to the IoT, the IoT does give it a
certain magnitude.
Some players assert that the only way to balance the growing power of dominant players when it
comes to data would be a principle of separation to avoid vertical integration attempts, OTT
seeking to control the value chain (from content and services and on through network
infrastructure) and several layers that were otherwise separated by the IP protocol: in order that
applications developed for some object/devices should not be, for example, discriminated against
by other object/devices. This perspective is very close to the spirit of net neutrality but is more
difficult to implement in IoT for heavyweight business applications (B2B, logistics, private
networks), specific critical services (security or e-health) or for open distributed infrastructures
(e.g. Wi-Fi): for various reasons, all of them might call for differential treatment of the associated
flows.
Under these circumstances, the development of the IoT raises a wide range of regulatory issues
to be anticipated in order to organise the upstream playing field. These include, among others:
- Support for a large volume of devices, connected things and information transfer is a key
challenge for network management and calibration, and to enhancing coverage. In both
cases, the specificities of IoT connectivity call for requirements that are different from
those expected in the traditional internet of individuals: B2B instead of B2C,
monetisation, location, deep in-building penetration, low power, latency, reliability….
Moreover, these requirements may be very different from one another depending on the
various services at stake (automotive, alarm systems and smart utility metering, high value
services (including smartphone apps). These specificities influence the choice between the
various solutions: devices a with very long battery life needs might require, for instance,
specific connectivity to optimise energy consumption.
13
- Interoperability, for instance, will be especially vital, and competition already exists over
strategic resources such as standards, software systems and API. The security and
integrity of the systems will also be a determining factor, as well as the protection of user
data and the latter’s ability to switch from one system to another.
- Different technologies support wide-area IoT connectivity: standardised solutions (2G,
3G, 4G, Wi-Fi…) as well as proprietary end-to-end solutions such as Lora or Sigfox. On
the one hand, these solutions are different in their technology and supported architecture,
and, on the other hand, in their business model and data management. Yet, these
technologies will coexist and give rise to hybridisation. As highlighted by Nokia in 2014,
LTE enhancements will eventually enable parts of these technologies to migrate to LTE
networks.
- The cost of connecting things and devices is another important dimension at stake.
Contrary to human users where connection represents significant value per user,
connected things require low cost connectivity and roaming since they bring lower global
value (except in some very specific cases such as health or safety): some connected things
have sporadic and irregular connection and are even dormant most of their life but
should still be able to access network resources if needed (cf. alert and security). As a
result, contrary to human users, connectivity accounts for a relatively low proportion of
overall revenue. But connecting devices in wide-area and remote locations is expensive.
Connecting costs are even higher when they correspond to particular convergent
architectures, e.g. combining fixed and mobile networks to provide coverage in basement
(meters) or in buildings (elevators).
- Given the (expected) growing number of connected things and devices, network
architecture, overload and congestion control will be a priority for the regulator, especially
when some part of the infrastructure will be shared with other users and applications
calling for different requirements, in terms of priority, bandwidth…
- The range of evolving technology options likely to be used to deploy IoT services
suggests that NRAs should monitor market developments and spectrum use/demand.
This could require making new bands available, liberalising the use of existing bands or
opening up bands for access on a shared basis.
The European perspective
At the European level, the Body of European Regulators of Electronic Communications
(BEREC) launched a working group in 2014, initially centred on M2M issues, later enlarged to
include IoT issues, in order to explore the fields where regulatory clarification/updates/reviews
may be needed. The initial findings were recently put to public consultation and submitted to
stakeholders for feedback. BEREC identifies several points to add to its regulatory roadmap of
M2M in the context of the EU Telecommunications Framework.
- At national level, stakeholders sought clarification from NRAs with regard to the
applicable EU regulatory framework for electronic communications services (e.g.
notification regime) in the IoT value chain. Under the present regulatory framework, the
connectivity service provider that provides connectivity over a public network for
14
remuneration is responsible for compliance with the obligations deriving from the EU
regulatory framework According to such an approach, M2M users would not be subject
to the rules of the EU regulatory framework. However, a service would be deemed an
electronic communication service if the M2M user wholly or mainly resells connectivity to
the end-user. BEREC concludes that such regulation should be assessed case-by-case
and, will need to consider to what extent existing rules, which were primarily construed
for voice telephony, also fit to M2M communications.
Fig.3. BEREC M2M value chain
- The M2M sector is a transnational market of services in which a significant part of the
devices supporting those services is conceived for global mobility, not only on the basis
of national location or temporary mobility. In this context, the possibility and the
economic terms under which such connections can be provided are those of international
roaming. M2M connectivity services might be a truly European-only market. Yet, the
Roaming III Regulation is unclear regarding the admissibility of permanent roaming as
such, as well as its applicability to these situations. Considering the legal uncertainty and
risk of a case-by-case approach, the European Parliament and the Council proposed
amendments to explicitly mention permanent roaming. It suggests that operators may
include conditions in the reference offers to prevent permanent roaming; however, these
provisions, mainly designed for person-to-person communications in the introduction of
‘Roam Like At Home’ at retail level, do not differentiate between person-to-person
communications and M2M communications. A review of the wholesale roaming market
has to be finalised by the European Commission in mid-2016, so it might be worthwhile
to consider an access right for permanent M2M roaming (albeit subject to no wholesale
cap control or certain wholesale cap levels).
- Today, if a customer intends to change connectivity service providers, they need to
physically replace their SIM card. The costs of doing so might prevent switching the
connectivity service provider (lock-in). Remote re-programming of SIM over the air (i.e.
OTA provisioning) in order to switch connectivity service provider remotely is likely the
key to mitigating the lock-in issue of the M2M value chain, by dropping the cost of
dispatching a technician to upgrade M2M devices. NRAs could have good reasons to
become active on this issue.
- There are no specific rules in EU privacy directives with regard to M2M services as such.
As yet, BEREC has not identified a need to deviate from the basic principles of data
protection law for M2M.
End
-
User
M2M
User
Connectivity
Service
Provider
M2M
Service
Provider
End
-
User
End
-
User
15
- The convergence of networks and services has exposed the sector’s regulation to a new
problem: how to ensure, in a context of rapid development of uses and explosion of data
traffic, that users continue to have access to a wide diversity of services while maintaining
balanced relations between all the actors along the Internet value chain?
Beyond these points that have been explicitly raised by the BEREC, other regulatory issues
also seem worth mentioning.
- Data interconnection and transmission are at the heart of the digital economy’s economic
and technical structure. By nature, they lie within ARCEP’s remit. As regards the nascent
IoT market, more than the mere authoritative setting of prices or regulations, the
Authority’s objective includes setting up market conditions that enable its self-
organisation and development.
- Regulators have to overcome the fragmentation of data processing, because it leads to a
low level of security and low transparency. Given the multiplicity of actors and sites that
collect the data, there is no way of knowing who does what. Conversely, regulators also
have to consider vertical integration to prevent a few major players from abusively
dominating control of personal and industrial data, which are critical to economic
competition.
- Regulatory actions must respond simultaneously to a double risk of abuse relating to the
capture and integration of data and data processing. As a matter of fact, the actors that
collect data are not necessarily the same as those who will process and use them. The case
– and the relative failure in France – of shared medical records demonstrates that
organising the management of information flows is more complex to master than merely
establishing shared technical solutions.
- No data can exist without infrastructure (servers, datacentres, backhaul networks) and
regulation requires effective infrastructures. It is therefore important to ensure
interoperability to support the development of IoT services: horizontally between services
and networks (access) and longitudinally: throughout the life of a product and its
associated information. Regulation should be designed to overcome fragmentation
leading to low security and integration, which leads to abuse of dominant position and
misuse of personal and industrial data.
Standardisation and interoperability at stake
The IoT raises major standardisation issues. Indeed, many standards are competing, including in
the different layers. In the case of connectivity, for instance, the range of applications begins with
the traditional Wi-Fi and Bluetooth, contactless and RFID technologies, and up to proprietary
and specific standards for the automation of communicating objects (Zigbee, Z-wave ...)
Atzori et al (2010) note that almost all authors dealing with the IoT underline the important role
played by standardisation. Yet no comprehensive framework emerges from the literature. Even
when considering a broad definition, the development of IoT still remains highly fragmented
which in turn limits it potential expansion. According Madakam et al. (2015), though the IoT has
16
abundant benefits, standardisation is a major flaw in IoT governance and implementation. His
key observations in the literature are that there is no standard worldwide definition, that universal
standardisation and interoperability are required at an architectural level and, consequently, that
building standard protocols is a central stake for better global governance.
With open standards and interacting protocols, the boundaries between sectors and industries
move and become porous. The problem arises for both technical interoperability and for the use
of data. The ability to capture and exploit new data consents players to grow beyond their
traditional positioning combining multiple sources of data.
The IoT supports new technology infrastructures consisting of many interconnected layers, each
associating different standardisation processes: devices, software applications, embedded
operating system, communication network, distributed servers and storage system, application
platform, aggregating and processing data platform. Each layer opens up the possibility of
specific dominating strategies. For example, in order to support an open IoT approach where
objects could transmit data and connect freely with each other, Google developed the Thread
alliance, integrating Zigbee communication layer with Nest and laying bridges with other
consortium such as Intel’s Open Interconnect Consortium. Similarly, the Allseen Alliance
promotes, with the Linux Foundation and Qualcomm, an open Source: platform and open
standard in order to support large equipment interoperability (Olivier Wyman, 2015).
Such heterogeneity and alliances have several consequences. Devising alternative competing
ecosystems, they might reduce the positive externalities of network economy and thus limit the
expansion of IoT services. This means negative externalities for the consumer, locking her into
legacy technological system, and reduces the ability to provide a satisfactory controlled security
environment.
The importance of standardisation issues in the emergence phase of the IoT creates serious
uncertainties over the ecosystem’s evolution and future market structure. The weight of network
externalities and how the Internet has developed indeed reveal a clear trend towards
concentration and monopolistic competition and dynamics (cf. Google in Search or Facebook in
social network). We can therefore expect rather unprecedented industrial structure, characterised
by several competing standards in each layer: between standards, between infrastructures
(Sigfox/Lora) between service providers, between actors using the IoT.
This makes it particularly important to establish very early a regulation by design. In order to face
much more structured commitments, informal ecosystems turn to transform themselves into
actual competing consortia. They are established so quickly that latecomers find it difficult to
dominate or design new system (Olivier Wyman, 2015). As a consequence, even the major actors
decide to join existing ecosystems rather than develop their own strategy: in 2015, Samsung,
Somfy, ARM, Pebble, Jawbone, Philips and LG joined Nest/Dropcam. It is interesting to note
that, confronted by such alliances, instead of supporting a legacy solution as it used to do, Apple
decided to open its ecosystem and home automation solution on Thread/Zigbee with the iPhone
as a control hub; consequently, Apple could launch the HealthKit health application and the
connected home management application HomeKit with robust partners such as Philips,
Honeywell, Haier, Netatmo, Withings (Olivier Wyman, 2015). Success in such alliance thus
requests the establishment of multi-vertical collaborations within worlds, finally closing in on a
17
platform economy. No company, however large it may be, is able to invest by itself in
tomorrow’s applications.
It is worthwhile to note that telecommunications operators have a privileged position here, and
possible strategic options because they can be the architects of IoT ecosystems combining the
vertical and technological building blocks they provide and integrate. The new IoT economy will
still require significant investment in technology infrastructure.
The IoT is not a single standardised technology such as LTE or TCP/IP for instance. Rather, it is
a cluster of technologies, sometimes heterogeneous and of different orders, each corresponding
to principles of operation, business models and value chains that can be specific unto themselves.
This of course raises very serious concerns over interoperability and standardisation. Various
international communications bodies (IEEE or IETF e.g.) have ongoing IoT-related activities.
For instance, in an effort to deal with interoperability concerns, the ITU-T has created a Global
Standards Initiative on the Internet of Things (IoT-GSI) to promote a unified approach and
recommendations for the development of technical standards enabling the Internet of Things on
a global scale, and to ‘act as an umbrella for IoT standards development worldwide’. This works
with specific ITU-T IoT groups (a Joint Coordination Activity, and Focus Group on a machine-
to-machine service layer), and the main ITU-T Study Groups.
The undetermined character of the IoT framework and ecosystems is currently driving a
technological race in standardisation to quickly impose a business model and a technological
ecosystem. This opens important economic windows of opportunity for actors who seek to
impose their solution in hopes of taking advantage of ‘first mover advantage’ and ‘winner takes
all effect’. This configuration also creates significant pressure on the regulatory bodies so that the
decisions needed to adapt the regulatory framework do not immediately freeze the market
(especially in the allocation of new spectrum).
The success of the IoT will also depend on the interoperability of systems. At the first stage, it is
essential that all the components of a solution be interoperable between themselves. For instance,
the RFID reader has to be compatible with the chips used. To solve this issue, it is necessary to
create an open system (or open layer?) in which the different stakeholders can operate. In this
case, solutions that adapt to heterogeneous contexts have to be developed so as to guarantee
reliable functioning throughout the period of use
This notion of interoperability is at the core of issues surrounding the Internet economy.
Beyond mere interconnection which ensures compatibility between hardware and software
components through the design of transportation interfaces and application formats
interoperability requires the definition of common standards that are open so that all market
players can reuse them in the technical solutions they develop. The idea that interoperability
should be a public policy priority, as well as a priority for private players, appeared very early on.
The complexity of technologies and of the knowledge mobilised in interconnected networks
limits integration strategies: the players that are specialised in one of the technical components
can become extremely powerful and impose the constraints of their specific architecture
(technical and economic) on the entire system.
18
The convergence of communication technologies and technological systems also makes the
standardisation process particularly complex, as the IoT falls within the province of several
standardisation bodies. First, there are the international organisations such as the International
Telecommunication Union (ITU), the International Organisation for Standardisation (ISO), and
the European Telecommunications Standards Institute (ETSI). These are non-specialised
organisations and their different standardisation committees cover the whole spectrum of IoT
technologies. At the same time, there are more specific organisations. They are often regional,
national or sector-specific, and focus on one technical aspect or a specific part of the process
(RFID standards, networks protocols, data encoding, frequency allocating, etc.). The
standardisation and dissemination of the IoT is being built on a combination of the different
forms of standardisation such as proprietary systems, voluntary sectoral standardisation, public
regulation, ‘multi-stakeholder’ committees, etc. The governance of technical systems is a major
component in the governance of modern societies.
The IoT systems architecture and design opens the way for alternative perspectives: centralised
infrastructure and control or more distributed-oriented based on cloud functionalities and
autonomous applications storing and processing data near to sensors.
The question of standards granularity is crucial. It consists in ensuring that each standard is
sustainable at international, national and regional levels, as well as at the level of each specific
industry. Granularity is just as important as interoperability to avoid fragmentation, in the case of
a lack of anticipation in the choice of interface associated with technical systems.
This issue affects standardisation infrastructure as well as applications. This is especially evident
in the case of Application Programming Interfaces (API). From the perspective of
standardisation and interoperability, APIs are especially important because their existence is
inextricably linked to the steadiness of the entire ecosystem.
The larger use of open data, platforms, and APIs is a way to encourage distributed applications
and a wide range of innovative services. Yet, APIs and middleware are characterised by excessive
heterogeneity. As underlined by ITU, IoT systems are built on communications standards… but
these standards are numerous and it is therefore difficult to connect together systems in different
industry sectors or reuse system components. It makes it difficult to write applications that will
run on different systems – therefore users often have to rely on a single set of applications for a
single set of IoT components. In such a context, competing strategies gives a key role to APIs as
a mean to support new interoperable IoT services and, therefore, new business opportunities.
Spectrum management
Among those aspects that regulatory authorities address most naturally, spectrum management
plays a special role because of the a priori nature of this scarce resource, and the economic
impact of potential license fees or having access to unlicensed frequencies. This also remains
particularly true for the IoT. Here, two specific dimensions deserve attention. A first dimension
corresponds to the characteristics of the expected network for IoT applications in terms of
coverage and quality of service. The second dimension relates to the way to organise, characterise
and license frequency usage rights and networks mobilised by the IoT.
19
In general, IoT applications use small data packets and require low data rates. For network
management, this has significant consequences: applications could be easily supported within
existing allocations and would not require specific spectrum availability in the short term.
However, as noted by Ofcom (2015), the situation is much more uncertain in the longer term. As
a matter of fact, the expected impressive growth of IoT devices, traffic and possible applications
(direct high data rate video, for instance) will create increased demand for spectrum. In the short
to medium term, spectrum availability does not appear to be creating limitations to the
development of the IoT (Ofcom, 2015). On the one hand, applications are still not numerous
and, on the other, they only need to send a limited amount of data on a very occasional basis. But
the situation might change in the longer term because a huge surge in services might require
additional spectrum: some applications (real time video, for instance) will generate greater
volumes of data.
One specific dimension of communications and applications availability and interoperability is
the licensing of spectrum management. As a matter of fact, as this is always the case in emerging
disruptive fields, innovations are supported by a wide range of alternative competing
technological solutions: interconnection protocols, data formats and, more specifically, fixed and
mobile infrastructures. Let us think, for instance of short-range radio protocols such as Zigbee,
Bluetooth and Wi-Fi, mobile phone data networks and, in more specialised applications such as
traffic infrastructure, longer-range radio protocols such as Ultra-Narrow Band (UNB). (ITU,
2015)
IoT development calls, first, for the use of white space and shared spectrum technology, second,
for the rollout of LTE-A and 5G networks and, third, for dedicated IoT spectrum. Low
bandwidth IoT applications can typically be accommodated within existing spectrum allocations:
smart metering networks, rollout of a wide area, general purpose IoT network such as smart city.
(Ofcom, 2015)
These alternative technological solutions for the development of the IoT give a very important
role (and potential impact) to telecoms regulators. Depending on the case, they can support the
development of high-speed cellular networks, keeping under review the need for IoT-specific
spectrum (ITU, 2015), or they can favour the rollout of open shared solutions competing with
mobile network.
The current success of Sigfox came about by being a step ahead of telcos who were increasingly
faced with rising bandwidth, and who did not take on the development of connected objects of
lower individual added value. Existing networks have thus gradually adapted to data transmission.
Supporting small data packets caused different difficulties related, first, to expensive and
unsuitable charging systems, and, second, to very different energy consumption considerations.
Sigfox has therefore sought to respond to both the first hurdle, through the choice of a network
based on an open radio band and second, the adoption of chips that awaken only to
communicate and can thus last several years on the same battery.
It is interesting that, faced with this disruptive vision of an open ecosystem supported by a new
entrant, operators have sought to develop alternative technological solutions that enable them to
defend their position in the value chain, gaining a key role in the IoT ecosystem. Confronted by
Sigfox, many of these telcos (Bouygues, KPN, Swisscom, SK Telecom) in fact support the
20
competing Lora system, under which operators develop their network as they see fit, on the basis
of a protocol and a shared standard technology.
In terms of technological solutions and spectrum availability, one should take into consideration
various states of affairs. When wide-area or deep in-building coverage suggest the need for lower
frequency spectrums, service availability and quality suggests licensed spectrum, long life devices
suggest simple networks and IoT-optimised technologies benefiting from their own spectrum
allocation. These various solutions should not be considered as competing but rather
complementary alternatives.
In order to provide solutions for a wider range of applications and growing needs, the access to
general purpose technology and free shared spectrum will become increasingly important for the
IoT. Wi-Fi and Bluetooth, for instance, are sufficient (on the condition that interference is not
caused to other spectrum users) for some wearable or smart home devices, for instance, that do
not require instant real time communications and operate indoors over a short range.
Ofcom (2015) lists a number of ongoing activities which are seeking to enhance mobile network
technologies to efficiently support IoT services. They include:
- An enhancement to technology used in 4G networks to support lower data rates and less
complex user devices (so-called LTE category 0 and LTE category M);
- An enhancement to the technology used in 2G mobile networks to support very low data
rates and device complexity while using the same spectrum allocations as mobile
networks (so-called EC-GSM); and
- In the longer term, 5G mobile networks may be designed to efficiently support a range of
services, including IoT traffic.
Various solutions are thus to be explored in the realm of licensed spectrum. Additional
bandwidth could be found, for instance, by identifying and clearing bands for IoT use. Thus, in
the recent ARCEP review on allocating spectrum at 700 MHz, some operators note (consistent
with CEPT) that they expect to use the band for the IoT. Another solution to extending the
available spectrum would be to relax technical conditions on the use of bands: Ofcom is
exploring options with mobile network operators for modifying the terms of their licenses to
allow the deployment of IoT-optimised technologies within their existing spectrum allocations.
As yet unknown forms of hybridisation between networks could take place and will probably call
for regulatory guidelines. As an example, Sigfox and Eutelsat recently created a partnership in
order to use satellite TV broadcasting to support Sigfox-based IoT communication.
Ofcom recently opened a public consultation with a view to encouraging the use of VHF
spectrum by the IoT. It enables wireless M2M operation over long distances, therefore allowing
firms to connect distant locations (in, e.g., rural areas) that can be hard to reach using the higher
frequency bands already opened for the IoT, but typically conceived for voice-only applications.
21
Fig. 4. Framework for considering spectrum requirements for the IoT (Source: Ofcom)
In France, ARCEP launched a public consultation in July 2014 on the use of open spectrum to
obtain feedback from stakeholders. The particular aim of the consultation was to deepen
ARCEP’s forward planning on the future use of and need for open spectrum, particular in view
of the upcoming development of the IoT. A summary of the feedback from market players was
published in December 20145. It helped to enrich ARCEP’s forward-looking analysis of all of the
topics addressed as part of the consultation. The number and diversity of the contributions
served to underscore the importance and multiplicity of the issues that are bound up with the
IoT. Frequencies, and particularly the use of unlicensed spectrums, are key to the development of
innovative applications, and several of the contributors shared their analysis of how several
specific bands will evolve. ARCEP takes these elements into account when contributing to
international spectrum harmonisation efforts.
Connectivity: switching, roaming, addressing, numbering and portability
The most significant configurations correspond to those which are directly connecting objects to
mobile communication networks (via SIM card), those that need to access and be connected to
the wide internet only occasionally (and requiring an IP address, but this is not the case for all
IoT applications), and those corresponding to private or local networks. Depending on the
network infrastructure, type of application and device technology, a wide range of solutions exist
for creating and assigning addresses to IoT devices.
5 ARCEP (2014). For an abstract in English:
http://www.arcep.fr/index.php?id=8571&tx_gsactualite_pi1[uid]=1714&tx_gsactualite_pi1[annee]=&tx_gsactualite_pi1[theme]
=&tx_gsactualite_pi1[motscle]=&tx_gsactualite_pi1[backID]=26&cHash=8b845639e10d5f0863eb0ae1ecb4aa44&L=1
22
Given the expected high number of connected objects, the issue of addressing and numbering
naturally appeared very early on in regulators’ roadmap. Deepening the analysis and the resulting
decisions, however, leads to the adoption of a balanced and nuanced approach. As a matter of
fact, the quantity of addresses and numbers the IoT will require remains a very open issue. The
model of M2M connected to a wireless network (or a computer connected to the internet) is only
one of the existing configurations of the IoT, but this does not provide the reference model:
therefore, every IoT-connected device will not require a unique telephone number or an IP
address.
Consequently, according to Ofcom (2015), the anticipated large volume of IoT devices will not
put much pressure on the limited supply of available mobile numbers and IP address. The
availability of network addresses should not be a barrier to the development of the IoT. This
point is a very important one since numbering as well as other scarce resources – is of course
an important field for sectoral regulation.
Considering the huge volume of objects to be connected, in the medium term classic
telecommunications numbers might continue to be one solution to identify M2M entities, but in
the longer term, IPv6 addresses might become the preferred solution. Actually, the main
numbering issues NRAs currently have to tackle concern M2M services based on mobile
connectivity: possible scarcity of numbering resources, extra-territorial use of national numbers.
In some countries, the national regulatory authority has sought to manage this by allocating a
range of telephone numbers specifically for IoT applications. In France, an ARCEP decision
from 2012 prevented the use of scarce 10-digit mobile numbers for M2M services, mandating
instead the use of 14-digit numbers starting from 1 January 2016.
The question differs depending on the technological context: RFID and local connection,
addressed items on networks, terminals connected via radio. IoT systems based on mobile
communication networks in particular raise an important issue: that of SIM cards. It involves
both the issue of network management and competition between actors within the same value
chain.
The issue is primarily an economic one. The provision of mobile network codes to IoT service
providers might be necessary. But, whether it is appropriate for M2M applications, the unit cost
of SIM cards could make them ill-suited for lighter objects and applications.
The question is, however, also a regulatory one relating to competition over fixed SIM cards
attached to objects and devices that can lead to locking the user in to a technical system and a
specific provider. Contracts and data protocols might make it difficult to switch networks.
The same applies to the allocation and pricing of FttH. French guidelines support co-investments
based on individual end user subscriptions models (costing around €40/month) but not on
subscription models for objects (streetlights, video surveillance, billboards) with smaller
individual value.
In addition, unlike the case of individuals whose connection requirements are relatively stable, the
processing of all objects along their value chain calls for a very large number of players that can
embody a wide range of operators and nationalities. As a result, IoT raises growing concerns
about international mobile roaming. Moreover, since objects and devices are frequently used
23
indoors, they also call for specific interconnection between mobile networks and alternative
systems. With this in mind, in 2014, the Netherlands began allowing SIM cards to be issued by
organisations other than mobile network operators, such as utilities and car companies (cf. ITU,
2015).
Such requirements have consequences for the institutional frameworks and various
standardisation bodies proposing corresponding solutions. The European Conference of Postal
and Telecommunications Administrations (CEPT) Electronic Communications Committee has
recommended that SIM cards whose IMSI can be remotely updated should be implemented as
soon as possible, and that CEPT countries consider great flexibility in assigning Mobile Network
Codes (MNCs) to IoT service providers. Similarly, ITU suggested that IoT devices may have a
globally unique and routable communications address (requiring a very large protocol address
space, such as that of IPv6); an address assigned by a gateway that allows limited inter-network
connectivity; or make use of local networks only, to share data with and receive instructions from
a nearby controller, such as a personal computer, smartphone, or specialised management device
– in which case a globally-unique address would not be required.
Security
As pinpointed by several authors, the question of risk is a key feature of the IoT. Indeed,
interconnection and interdependent relations supported in the IoT value chain raise original
forms of risk structures (Van Eeten and Bauer, 2009; Hofmann and Ramaj, 2011). In particular,
privacy and security are two significant (and closely related) issues in IoT deployment.
The IoT encompasses more and more services. The importance of these applications is in their
number but also in the vital nature of some of them, literally vital to the integrity of individuals
(cf. cars or connected health applications) and to the resilience of companies (transportation or
payment system...). Consequently, networks must be sufficiently robust and resilient to be able to
ensure the provision of safe services and the sharing of reliable data. Conversely, many questions
arise around the vulnerability of connected devices, often deployed outside a traditional IT
structure and lacking sufficient security built into them.
Ofcom (2015) thus noted that it is necessary to ensure that certain networks and services meet
minimum standards of security and resilience. Some IoT services that have requirements for high
levels of security and resilience could be deployed over private networks, while security and
resilience obligations do not apply to private networks under current legislation. It underlines that
different applications will have different requirements for network security and resilience. For
example, a simple fitness-monitoring device that tracks an individual’s physical movement would
not require a highly resilient network connection.
Recent headline news has demonstrated, all over the world, that hackers and intruders can easily
break into IoT systems and networks to access potentially sensitive personal information or to
take control over devices: as was the case with unwanted distant control of a connected Jeep or,
in France, with abusive messages displayed on connected billboards in the city of Lille.
24
To meet these security and privacy challenges, regulators face the very same concerns as those in
their other field: diversity of institutions involved, limitation of the legal responsibility for
electronic communication authorities. As a matter of fact, a large portion of intervention could
only be light-handed regulation, incentivising IoT companies to follow a security-by-design
approach, building security and privacy features into the device from the outset of the
development process (ITU, 2015). Ofcom’s review reveals that there should be little evidence to
support new, IoT-specific regulation on security and resilience, recommending instead the further
development and application of existing regulations. The traditional security approaches used in
telecoms6 may not be applicable to the high volume, low cost devices likely to be used by many
IoT services.
In France, Institut Montaigne (2015) recalls that the protection of critical infrastructure is
governed by the Defence Code, which explicitly relates to public and private operators.
‘Electronic communication, audiovisual and information’ is one of the twelve sectors of vital
activity. A national security directive regulates and sets specific security obligations to the digital
infrastructure sector for its protection and for that of each of its sub-sectors. Any operator of
digital networks or services must comply with a sufficient level of safety, and not contribute to
weakening others: some security-related provisions should therefore concern all operators and
not just those in charge of industry-critical infrastructure.
6 Despite the attempts made, in 2014 in particular when the European Parliament adopted a new directive (Network
and Information Security) on cybersecurity (EC, 2015).
25
Conclusion
An FTC staff report (2013) suggested that IoT-specific legislation would be ‘premature’. It
instead encouraged self-regulatory programmes for IoT industry sectors to improve privacy and
security practices.
Fig. 5 Overview of policy and regulatory measures taken (Source: ITU)
As a matter of example, it is all the more vital to consider the future internet’s governance in light
of increased uncertainties linked to standards, i.e. generic RFID standards, standards applying to
infrastructure networks, standards applying to identifiers, and also sector-based firm standards,
legal standards, socio-cultural standards, sanitary standards, etc. As far as the allocation of
frequencies is concerned, it is necessary to arbitrate between stakeholders in the
26
telecommunications sector, the media and the Internet, not so much for technical reasons as for
the sake of economic and political interests. The review of the new European Telecom Single
Market should contribute to establishing new guidelines. As already mentioned above, as regards
communication infrastructure, the IoT populates an ever-increasing number of personal and local
networks, whether regulated or not. This expansion will generate a wide variety of networks, with
different types of architecture, interconnections and security levels, such as Wide Area Networks
or Personal Area Networks, Body Area Networks, Ad Hoc Objects Networks all of which
support a dedicated application.
It is important, therefore, to continue to monitor the development of the IoT to predict any
significant changes in spectrum demand.
International harmonisation of spectrum and standards is also likely to be vital for delivering
economies of scale and lower cost consumer equipment; given the need for very low cost
equipment for some applications (Ofcom, 2015).
In a different field, as regards data usage and data privacy, in order to provide individuals with
control over the use of their personal data, France’s Conseil d’Etat went so far as to consider a
‘right to digital self-determination’ in order to balance the relationship between individuals and
economic actors. This notion is based on the right to ‘informational self-determination’
advocated by the German Constitutional Court in 1983, and tends to ‘guarantee in principle the
individual’s ability to decide the communication and use of his personal data’. It should thus not
be a formal right but rather a new principle that can give meaning to the regulation of uses.
In France, in order to deepen its knowledge and understanding of the dynamics at play, ARCEP
recently initiated a wide-reaching and open review of the IoT market. Through an extensive series
of interview, its prime objective is to gain insight into the developments taking place in the
market, in order to further qualify the possible need for updates, fine tuning or reviewing specific
electronic communications regulations in the context of the IoT. In light of the various fields
involved, the overlaps with different regulations and mandates assigned to different regulators,
the review is being carried out in concert with other public institutions such as the Directorate
General for Enterprise and Industry, CNIL (personal data regulator), ANSSI (agency for IT
systems security), ANFR (spectrum agency) and France Strategy. It should lead to a white paper
being published right after the summer 2016.
Its first outputs, as well as the conclusions of the strategic review conducted by ARCEP in the
meantime, feed its first orientations as regards the Internet of Things, in the domains of its own
competencies.
To encourage innovation, the regulator should first have the role to enable and facilitate. The
regulator must indeed minimize the impact of its actions on the choice of technologies, which
must first be arbitrated by the market. The action of the regulator should be as neutral as
possible, and consist primarily at protecting innovators. The anticipation and the exchange with
the entire industry value chain (start-ups, cluster, manufacturers, operators, but also users) are
thus essential to know and understand the ecosystem emerging, which is the one of the objectives
of the IoT review being performed, and which will be continued afterwards. The objective is to
ensure that there is no obstacle to effective self-organization, or even to identify potential
structural actions that may be required to allow for innovation to develop. Such action must be
27
promoted at a European level at minimum, the digital ecosystem and its players being by nature
largely globalized.
A second important lever of the regulator to encourage innovation is the rules of access to scarce
resources (frequencies, phone numbers, etc.). This is to avoid pre-emption of the value chain by
some stakeholders, and keep enough flexibility to liberate innovation, so that new uses and new
technologies are conceived, designed, tested and deployed in France. Access to spectrum
resources is essential to provide effective and innovative communications services. Enough
spectrum should be available for market players to meet the stakes. The use of “free” spectrum
can be an important catalyst. New services can also be developed on frequencies assigned for
exclusive or shared use.
ARCEP is set to work in connection with the Government and National Frequencies Agency7 to
ensure the availability, for a diverse ecosystem, of wireless communications for the IoT, of both
licensed and free bands. Work will be conducted in particular to enlarge the availability of free
spectrum in the UHF bands8. More broadly, a reflection on how to allocate several frequency
bands aspiring to be used with LTE will be opened in 2016. This reflection will determine how
these frequencies are intended to be used by mobile operators or in other systems.
Regarding the availability of mobile numbering resources for the Internet of Things, ARCEP will
ensure the effective implementation of 14-digit dialling for M2M, which will significantly enlarge
the resources available, and will conduct a review of the conditions to facilitate a rapid and
massive migration from IPv4 to IPv6.
In the meantime, ARCEP will also bring, when appropriate, its active contribution to the works
of other relevant regulators, in particular in the fields of the protection of personal data and the
security and resilience of networks and systems. This is specifically needed, at a time when two
new European regulations are about to be adopted and setup an updated framework, under the
scope of which guidance and best practices will be helpful for all stakeholders.
7 Since radio frequencies are public property, the State has given the National Frequencies Agency (ANFR) the
mission of planning and management of the implementation of the transmitters, control and finally issuing certain
permits and certificates radio.
8 Namely : 863-870, 870-876 and 915-921 MHz bands
28
References
ARCEP (2014), Utilisation de fréquences sur des « bandes libres » et projet de décision de l’ARCEP relatif aux
dispositifs à courte portée, Synthèse de la consultation publique, Décembre.
ARCEP (2015), Réguler pour connecter, Annual Report
http://www.arcep.fr/uploads/tx_gspublication/ARCEP_REGULER_CONNECTER_FR-
juin2015.pdf
ARCEP (2016), Revue Stratégique, Janvier
http://www.arcep.fr/uploads/tx_gspublication/rapport-final-revue-strategique-janv2016.pdf
Atzori, L., Iera, A., and Morabito, G. (2010). The Internet of Things: A survey. Computer Networks,
54(15), 2787–2805.
Basiliere, P. (2014): Big Business Fail: Makers and Startups are The Ones Shaping the Internet of Things
http://blogs.gartner.com/pete-basiliere/2014/11/20/big-businessfail-makers-and-startups-are-the-
ones-shaping-the-internet-of-things/
Benghozi P.J., S. Bureau and F. Massit-Follea (2009) The Internet of Things: What challenges for Europe?,
Ed. MSH-collection praTICs http://books.openedition.org/editionsmsh/97
BEREC (2015), Project Advanced connectivity of devices, systems and services (M2M), Draft Report on
Enabling the Internet of Things BoR (15) 141
Butler (2014), Ubiquitous, secure internet-of-things with location and context-awareness, Project Report
Dunkels A. and J.P. Vasseur (2008), IP for Smart Objects, Internet Protocol for Smart Objects
(IPSO) Alliance, White Paper #1, September http://www.ipso-alliance.org
Eeten, M. Van and J.M. Bauer (2009): Emerging Threats to Internet Security: Incentives,
Externalities and Policy Implications, Journal of Contingencies and Crisis Management. 17(4):221-232
European Commission (2014), Recent Developments on the Internet of Things, Opinion 8/2014, Art. 29
Data Protection Working Party Adopted on 16 September 2014, 14/EN WP 223
http://ec.europa.eu/justice/data-protection/index_en.htm
European Commission (2015), Network and Information Security (NIS) Directive
http://ec.europa.eu/digital-agenda/en/news/network-and-information-security-nis-directive
Federal Trade Commission (2015), Internet of Things, Privacy & Security in a Connected World, Staff
Report https://www.ftc.gov/system/files/documents/reports/federal-trade-commission-staff-
report-november-2013-workshop-entitled-internet-things-privacy/150127iotrpt.pdf
Gawer A., (2009), Platforms, Markets, and Innovation, Edward Elgar Publishing, 416 p.
Gershenfeld N., R. Krikorian and D. Cohen (2004), The internet of things, Scientific American 291 (4)
(2004) 76–81.
Gershenfeld, N., and Vasseur, J.P. (2014). As Objects Go Online: The Promise (and pitfalls) of the
Internet of Things. Foreign Affairs, 93(2): 60–67.
Gomez, J., Huete, J.F., Hoyos, O., Erez, L., and Grigori, D. (2013). Interaction System Based on
Internet of Things as Support for Education. Procedia Computer Science, 21: 132–139.
Gubbia, J., R. Buyyab, S. Marusic and M. Palaniswami (2013): Internet of Things (IoT): A vision,
architectural elements, and future directions. Future Generation Computer Systems. 29:1645–1660
Haas A., Haas M and M. Weinert (2015), The Internet of Things is already here, but who bears the risks? A
model to explain coverage disputes in a world of interconnected, autonomous devices. Working paper, World Risk
and Insurance Economics Congress (WRIEC), Munich
Hagel J., J. Seely Brown and L. Davison (2009) The Power of Pull: How Small Moves, Smartly
Made, Can Set Big Things in Motion, Basic ooks, 288p.
Hofmann, A. et H. Ramaj (2011): Interdependent risk networks: the threat of cyber-attack.
International Journal of Management and Decision Making. 11 (5/6): 312-323
Institut Montaigne (2015), Big data et objets connectés : Faire de la France un champion de la révolution
numérique Report
29
http://www.institutmontaigne.org/res/files/orderfile/resume_Objets_connectes_Anglais.pdf
ITU (2015), Regulation and the Internet of Things, GSR discussion paper
lansiti M. et K R. Lakhani (2014), Digital Ubiquity: How Connections, Sensors, and Data Are
Revolutionizing Business Harvard Business Review, November
Leminen, S., Westerlund, M., Rajahonka, M., & Siuruainen, R. (2012). Towards IoT Ecosystems
and Business Models. In S. Andreev, S. Balandin, & Y. Koucheryavy (Eds.). Internet of Things,
Smart Spaces, and Next Generation Networking – Lecture Notes in Computer Science, Volume 7469:
15-26. Berlin: Springer.
Madakam, S., Ramaswamy, R. and Tripathi, S. (2015) Internet of Things (IoT): A Literature Review.
Journal of Computer and Communications, 3, 164-173. http://dx.doi.org/10.4236/jcc.2015.35021
Mazhelis, O., Luoma, E., and Warma, H. (2012). Defining an Internet-of- Things Ecosystem. In S.
Andreev, S. Balandin, & Y. Koucheryavy (Eds.). Internet of Things, Smart Spaces, and Next
Generation Networking – Lecture Notes in Computer Science, Volume 7469: 1-14. Berlin: Springer.
Ngai E., K. Moon, F. Riggins et C. Yi (2008), RFID research: An academic literature review (1995-
2005) and future research directions, International Journal of Production Economics, 112:510–520.
Nokia (2015), Optimizing LTE for the Internet of Things, Nokia LTE M2M White paper
OFCOM (2015), More Radio Spectrum for the Internet of Things, Consultation
OFCOM (2015), Promoting investment and innovation in the Internet of Things, Summary of responses and
next steps Statement
Olivier Wyman (2015), The Internet of Things : Disrupting Traditional Business Models,
http://www.oliverwyman.com/content/dam/oliver-wyman/global/en/2015/jun/PAR-
MKT18301-002-Internet-of-Things_Report-ENG.pdf?
Pew Research Center (2014), The Internet of Things Will Thrive by 2025,
http://www.pewinternet.org/2014/05/14/internet-of-things/
Porter M.E. and J. E. Heppelmann (2014), How Smart, Connected Products Are Transforming
Competition, Harvard Business Review, November.
Presser M. and A. Gluhak (2009), The Internet of Things: Connecting the Real World with the
Digital World, The Magazine for Telecom Insiders, vol. 2
Preuverneers, D. and Berbers, Y. (2008). Internet of Things: A Context-Awareness Perspective. In
L. Yan, Y. Zhang, L. T. Yang & H. Ning (Eds.), The Internet of Things. From RFID to the Next-
Generation Pervasive Networked Systems: 287-307. New York: Auerbach Publications
Rochet J.C. and TIROLE J. (2003), Platform Competition in Two-Sided Markets, Journal of the
European Economic Association, Juin.
Santucci G. (2009), From Internet of Data to Internet of Things, International Conference on Future
Trends of the Internet.
Stiglitz, J. (2002). Competition and competitiveness in a new economy. Austrian Ministry for Economic
Affairs and Labour. Economic policy Center. Edited by Heinz Handler and Christina Burger.
Vienna. July
TCS (2015), Internet of Things: The Complete Reimaginative Force, Global Trend Study - July
Uckelmann, D., Harrison, M., and Michahelles, F. (2011). An Architectural Approach Towards the
Future Internet of Things. In D. Uckelmann, M. Harrison, & F. Michahelles (Eds.), Architecting the
Internet of Things, 1-24. Berlin: Springer
Weber R. (2009), Internet of things-Need for a new legal environment? Computer Law & Security
Review, 25:522–527.
Westerlund M., S. Leminen, and M. Rajahonka (2014), Designing Business Models for the Internet
of Things, Technology Innovation Management Review July 2014
World Economic Forum (2015), Industrial Internet of Things: Unleashing the Potential of Connected Products
and Services, January
Yang F-L, F. Liu, and Y-D Liang (2010), A Survey of the Internet of Things, Working paper
... [27]. According to a staff analysis from the Federal Trade Commission (FTC) [28], IoT-specific laws would be "premature." Instead, it supported IoT industry sectors' self-regulatory initiatives to enhance privacy and security standards. ...
Chapter
Full-text available
In the age of emerging technology, various automated systems, and remote-control system applications have been implemented to make human lives comfortable. The Internet of Things (IoT) is a cloud-based platform that provides tools for controlling and navigating numerous internet-connected sensors and smart devices. In smart technology, various countries are already implementing different applications that relate to IoT. For developing countries like the Philippines, smart technology will help to adapt to the transforming needs of the nation and its people. Integration to smart devices like smart cities, smart homes, and other smart applications will eradicate common daily challenges people experience. Digitally enabled technologies in the Philippines give a stepping stone for its development as it helps its business, agricultural, and other sectors apply advanced technology for better output to their products that can compete internationally. As IoT becomes more popular and accepted by society, the progression of modernization in the Philippines will be experienced in succeeding years.KeywordsInternet of thingsEmerging technologiesCloud-basedSensorsAutonomous system
Article
Full-text available
This article investigates challenges pertaining to business model design in the emerging context of the Internet of Things (IOT). The evolution of business perspectives to the IOT is driven by two underlying trends: i) the change of focus from viewing the IOT primarily as a technology platform to viewing it as a business ecosystem; and ii) the shift from focusing on the business model of a firm to designing ecosystem business models. An ecosystem business model is a business model composed of value pillars anchored in ecosystems and focuses on both the firm's method of creating and capturing value as well as any part of the ecosystem's method of creating and capturing value. The article highlights three major challenges of designing ecosystem business models for the IOT, including the diversity of objects, the immaturity of innovation, and the unstructured ecosystems. Diversity refers to the difficulty of designing business models for the IOT due to a multitude of different types of connected objects combined with only modest standardization of interfaces. Immaturity suggests that quintessential IOT technologies and innovations are not yet products and services but a "mess that runs deep". The unstructured ecosystems mean that it is too early to tell who the participants will be and which roles they will have in the evolving ecosystems. The study argues that managers can overcome these challenges by using a business model design tool that takes into account the ecosystemic nature of the IOT. The study concludes by proposing the grounds for a new design tool for ecosystem business models and suggesting that "value design" might be a more appropriate term when talking about business models in ecosystems.
Article
Full-text available
One of the buzzwords in the Information Technology is Internet of Things (IoT). The future is In-ternet of Things, which will transform the real world objects into intelligent virtual objects. The IoT aims to unify everything in our world under a common infrastructure, giving us not only control of things around us, but also keeping us informed of the state of the things. In Light of this, present study addresses IoT concepts through systematic review of scholarly research papers, corporate white papers, professional discussions with experts and online databases. Moreover this research article focuses on definitions, geneses, basic requirements, characteristics and aliases of Internet of Things. The main objective of this paper is to provide an overview of Internet of Things, architectures, and vital technologies and their usages in our daily life. However, this manuscript will give good comprehension for the new researchers, who want to do research in this field of Internet of Things (Technological GOD) and facilitate knowledge accumulation in efficiently .
Article
Full-text available
The Internet of Things is a new paradigm that is revolutionizing computing. It is intended that all objects around us are connected to the network, providing “anytime, anywhere” access to information. This concept is gaining ground, thanks to advances in nanotechnology which allows the creation of devices capable of connecting to the Internet efficiently. Nowdays a large number of devices are connected to the web, ranging from mobile devices to appliances. In this paper we focus on the education field, where Internet of Things can be used to create more significant learning spaces. In this sense, we propose a system that allows students to interact with physical surrounding objects which are virtualy associated with a subject of learning. We conduct an experimental validation of our approach, yielding evidence that our model improves the student's learning outcomes.
Article
This article presents an economic model that explicitly reflects the interdependent risk structure of a cyber network. We find that due to this interdependent risk structure, the level of cyber risk protection in the community is inefficient from the community's overall viewpoint. The analysis further suggests that decision processes should take into account the interdependent risk structure of the underlying internet-based network. Therefore, an organisation that invests in comprehensive cyber risk protection should be rewarded by other organisations for the benefits (in the form of lower exposure risk) that it has brought to the network. Another promising way to improve protection is to subsidise high-exposure organisations. It is also important that states implement laws to prevent cyber attacks and to protect organisations. Formal contractual agreements between different organisations specifying their data and information exchange and other interactions may also prove a promising strategy. A successful agreement may involve using rewards as coordinative mechanisms; for instance, in using non-monetary web certificates. Finally, the development of international standards for tracking and tracing technologies is essential in order to improve cyber safety.
Article
Ubiquitous sensing enabled by Wireless Sensor Network (WSN) technologies cuts across many areas of modern day living. This offers the ability to measure, infer and understand environmental indicators, from delicate ecologies and natural resources to urban environments. The proliferation of these devices in a communicating-actuating network creates the Internet of Things (IoT), wherein, sensors and actuators blend seamlessly with the environment around us, and the information is shared across platforms in order to develop a common operating picture (COP). Fuelled by the recent adaptation of a variety of enabling device technologies such as RFID tags and readers, near field communication (NFC) devices and embedded sensor and actuator nodes, the IoT has stepped out of its infancy and is the the next revolutionary technology in transforming the Internet into a fully integrated Future Internet. As we move from www (static pages web) to web2 (social networking web) to web3 (ubiquitous computing web), the need for data-on-demand using sophisticated intuitive queries increases significantly. This paper presents a cloud centric vision for worldwide implementation of Internet of Things. The key enabling technologies and application domains that are likely to drive IoT research in the near future are discussed. A cloud implementation using Aneka, which is based on interaction of private and public clouds is presented. We conclude our IoT vision by expanding on the need for convergence of WSN, the Internet and distributed computing directed at technological research community.
Article
Academic research into radio frequency identification (RFID) has proliferated significantly over the last few years, to the point where journals (Production and Operations Management, International Journal of Production Economics, IEEE Systems Journal, and IEEE Transactions on Automation Science and Engineering) are producing special issues on the topic. In this paper, we present a literature review of 85 academic journal papers that were published on the subject between 1995 and 2005. We organize these studies into four main categories: technological issues, applications areas, policy and security issues, and other issues. All of the papers in the review are allocated to the main and sub-categories based on their main focus. Our analysis of these papers provides useful insights on the anatomy of the RFID literature, and should aid the creation and accumulation of knowledge in this domain. A comprehensive list of references is also presented. It is hoped that the review will be a good resource for anyone who is interested in RFID research, and will help to stimulate further interest in this area. The implications for RFID researchers and practitioners and suggestions for future research areas are discussed.