Experts to IoT makers: Bake in security

"As sensors – a common category of IoT devices – become embedded in larger systems, such as cars, liability of the manufacturers looms larger, says Andrea Matwyshyn, a professor of law at Northeastern University. If software in IoT devices in cars is exploited to create catastrophic accidents, the liability disclaimers that software developers have been asserting for years may lose their bite, she says.

At the same time, liability laws for physical devices have been carefully thought out over years of case law. Shifting software liability into the realm of physical objects needs to be done conscientiously because it could disrupt the legal balance.

She cited an Oklahoma case where a jury found reckless disregard against Toyota for its electronic acceleration system that jammed and resulted in a fatal accident. As more and more software and computers are added to cars, this type of case and hence potential liability for the quality of the software will become more common. “Software is written by humans,” she says. “Mistakes will happen.”"