AEM.org (Nov. 12, 2018)
by David Knight, founder and CEO of Terbine
With Internet of Things (IoT) technology becoming critical to equipment manufacturers, questions about data ownership are coming with increased frequency. And the answers aren’t obvious.
Many organizations are beginning to send their machine-generated IoT data to third parties. Often this is motivated by a desire to monetize the data, and sometimes by regulatory reporting reasons. These initiatives are bringing the issues of data ownership and licensing to the foreground.
Interestingly, there are few established standards for determining how ownership is assigned, much less how IoT data can be licensed properly. Here’s an overview:
Data ownership in the western world
Generally, the owner of machine-generated data (MGD) is the entity that holds title to the device that recorded the data. In other words, the entity that owns the IoT device also owns the data produced by that device. However, when real-world constructs such as lease holdings come into play, the issue of ownership gets more complex and murky. Furthermore, data may be owned by one party and controlled by another. Possession of data does not necessarily equate to title. Possession is control. Title is ownership.
Referred to as usage rights, each time data sets are copied, recopied and transmitted, control of the data follows it. Conversely, transfer of ownership requires a legal mechanism to convey title.
Clinically speaking, data is owned by the titleholder. In this regard, data title is like a deed to real property. MGD may also contain metadata, which is akin to mineral and water rights.
One way for non-attorneys to
think about data ownership
It turns out that data by itself is not protectable under the American intellectual property framework; however, data title rights are similar to the rights afforded by a copyright. Data title includes a bundle of usage rights that allow the titleholder to copy, distribute and create derivative works. Data within a database is like the words and images that make up a copyrighted book. The usage rights and title to the book are separable. This is similar to how the author of a novel retains title to the words and pictures that comprise the novel, and also owns the ability to authorize a publisher to publish and distribute books. However, he or she does not control each reader’s usage rights once the content is accessed by readers. Similarly, an entity that holds title to a database holds the associated data ownership rights. If the data set is copied and transmitted elsewhere, the entity relinquishes the usage rights.
The parties to a data contract play a role, too
There are two major classes of parties in this space. The first includes corporations, data brokers and marketplaces, which have been exchanging data amongst themselves long before the concept of MGD came along. These activities are not typically exposed to tight government regulation. This model translates well into the purely machine-generated data world. There are legal constructs that convey rights, often with payment involved. But the second category is composed of consumers who share data with a vendor in exchange for a product or service. These agreements in the consumer space may be subject to government oversight, and certain industries like healthcare must comply with a network of statutes and agency rules. The second category is on the other end of the spectrum — essentially a “give-and-take” approach. However, instead of applying personal usage data as with consumer applications, the vendor may collect in-depth data from a sensor platform to optimize the user’s experience.
Here, the contract allows machine-generated data to be exchanged in return for incentives such as a curated service or discount. This approach conveys the requisite data usage rights and data title once the end user opts in. As we move into the future, with artificial intelligence programs increasingly becoming the end users of data, it’s likely that a hybrid of these two approaches will emerge to provide a standardized legal construct that also offers the flexibility to tune the results based on analysis of machine data.
The Ag equipment industry is providing an example of how to handle data rights
The agriculture industry has embraced the use of sensors and machine-generated data to maximize production, and is also sophisticated in the way it handles data ownership interests. The bottom line is that the farmer owns the data produced by his or her sensor platforms. Nevertheless, some farm equipment manufacturers have developed a system of agreements with a high level of transparency to enable agricultural MGD to flow freely.
The difference between machine data and personal data
The automotive industry offers another important distinction that must be made in determining data ownership rights. Regulators and industry groups primarily agree that a car owner owns the MGD generated by that car. Like an insurance policy, the MGD ownership interests follow the car. However, that non-personal machine-generated data is treated differently than personal data, which is generated by the automobile’s operators and occupants. This opens up an entirely separate class of data and ownership. And it turns out that the ownership rights to personal data follow the people who generate it. There is also the growing importance of consumer trust and sentiment. Consumers perceive all the data flowing from their car to be theirs, and they expect to receive something in return. In response to data-conscious users, automobile manufacturers craft data exchange provisions that use a give-and-take approach. Similar to agribusiness data exchanges, there is an underlying presumption that the MGD captured after purchase is owned by the entity who bought the car, and the onus is on manufacturers to use that data to provide a service to the purchaser.
Other uses for data from moving vehicles
The increasing use of connected technologies and sensors in on-road and off-road machines will create an unprecedented explosion in vehicle-generated data. And with this, data users across sectors that have no direct association with those machines are poised to integrate these new data streams into their business models. These users could range from insurance to telecommunications, to high-tech and beyond. And the value for them is that, as a machine moves, it can capture and transmit all kinds of data that’s only tangentially pertinent to the operation of the machine. But these other users could find value in, for example, on-the-spot barometric air pressure and ambient temperature, or other factors that can be utilized for applications not possible until the advent of connected vehicles.
There’s no universal answer to data ownership
As evidenced in this piece, IoT data ownership is, and will likely continue to be, a complex issue.
As a rule of thumb, whoever holds title to the data producing platform likely owns the data. But different industries and companies take different approaches to regulating the transfer of data control and title. Add in international and intranational regulatory issues, and it gets even more complicated. The common denominator in successful utilization of machine data is well-crafted contractual language that both protects consumer interests and feeds a growing data ecosystem. We’ll keep updating you as this brave new world of machine-generated data exchanging, compliance and monetization evolves.
David Knight is the Founder/CEO of Terbine, the first commercial exchange for Internet of Things data. A serial entrepreneur, his background is in core technologies including multi-spectral sensing and communications, digital audio, messaging, enterprise software and distributed systems. On August 23, he was one of the speakers at AEM’s Thinking Forward event in San Francisco.