enter or La, Silicon Flatirons Roundtable Series: Tenoloy, and THE FUTURE OF THE INTERNET OF THINGS ntrereneurs at te nersty IN MISSION CRITICAL APPLICATIONS Silicon o olorado Flatirons Wednesday, June 22, 2016, 3:00 PM - 6:00 PM Hosted by Kelley Drye & Warren LLP The Internet of Things (IoT), as the ecosystem of IP networked applications, services, and devices is called, promises both to benefit consumers and to raise challenging issues for policymakers. One under-appreciated issue of major significance is that mission critical applications—e.g., public safety, health care, and transportation— sometimes do not take particular care to ensure that they are developed with an eye towards secure, sustainable, and reliable functioning. In the health care environment, for example, new devices and applications may be built for efficiency, not security, and may use unlicensed wireless networks or devices that are vulnerable to interference or jamming. Media reports have also highlighted potential risks in the transportation space, including remote hacking of unmanned aerial systems and connected cars. The governance challenge for IoT systems is that there is often a lack of trust among actors in the ecosystem; limited incentives for developers to build sustainable, secure, privacy-protective, and maintainable systems; a lack of technical expertise in addressing the unique oversight challenges posed by software and Internet technology; and a coordination challenge among the range of actors in this space. Government policy can help the industry address these concerns, but the relevant expertise and authority to address these issues is dispersed broadly across the government, and the new institutional models for oversight in this area are only being developed. At this roundtable, we will bring together a group of leading researchers, government policymakers, industry leaders, and consumer advocates to discuss the security and performance challenges related to the use of Internet of Things technologies in mission critical environments. AGENDA 3:00 – 3:15 Agenda overview and introductions Phil Weiser 3:15 – 4:00 What are the security concerns involved with mission critical IoT devices and how can we minimize the risk? Firestarter: Aneesh Chopra 4:00 – 4:45 How can government and industry increase the likelihood that mission critical IoT devices operate reliably? Firestarter: Dale Hatfield 4:45 – 5:30 What institutional tools can governmental agencies use to engage in adaptive regulatory oversight in this area? How can governmental agencies best collaborate across sectors as Internet of Things technologies touch on a range of areas from health care to transportation? Firestarter: Ellen Goodman 5:30 – 6:00 Wrap Up enter or La, Silicon Flatirons Roundtable Series: Tenoloy, and THE FUTURE OF THE INTERNET OF THINGS ntrereneurs at te nersty IN MISSION CRITICAL APPLICATIONS Silicon o olorado Flatirons Wednesday, June 22, 2016, 3:00 PM - 6:00 PM Hosted by Kelley Drye & Warren LLP BACKGROUND SOURCES The following readings include material not intended for distribution. Gary Matuszak et.al., Security and the IoT Ecosystem (KPMG International, 2015), available at https://www.kpmg.com/CO/es/ IssuesAndInsights/ArticlesPublications/Documents/Security%20and%20the%20IoT%20Ecosystem.pdf. Bruce Schneier, The Internet of Things is Wildly Insecure – And Often Unpatchable, Wired (Jan. 6, 2014), available at http://www. wired.com/2014/01/theres-no-good-way-to-patch-the-internet-of-things-and-thats-a-huge-problem/. FTC Staff Report, Internet of Things, Privacy and Security in a Connected World (Jan. 2015), available at https://www.ftc. gov/system/files/documents/reports/federal-trade-commission-staff-report-november-2013-workshop-entitled-internet-things- privacy/150127iotrpt.pdf. Mingyi Zhao et al., An Empirical Study of Web Vulnerability Discovery Ecosystems, 15 CSS 1105 (2015), available at https://www.ftc. gov/system/files/documents/public_comments/2015/10/00079-98131.pdf. Kenneth Corbin, The Internet of Things Brings Far-Reaching Security Threats, CIO (Aug. 8, 2014), available at http://www.cio.com/ article/2462407/mobile-security/the-internet-of-things-brings-far-reaching-security-threats.html. IoT Devices Easily Hacked to be Backdoors: Experiment, SecurityWeek News (Jan. 13, 2016), available at http://www.securityweek. com/iot,devices4easily-hacked-be-backdoors-experiment. Jordan Gass-Poore, Researchers Hope This Invention Could Wave Away Medical Data Hacks, NPR (May 10, 2016), available at http://www.npr.org/sections/alltechconsidered/2016/05/10/476941159/researchers-hope-this-invention-could-wave-away-medical- data-hacks. Scott Peppet, Regulating the Internet of Things: First Steps Toward Managing Discrimination, Privacy, Security, and Consent, 93 Tex. L. Rev. 85 (2014), available at http://www.texaslrev.com/wp-content/uploads/2015/08/Peppet-93-1.pdf. Milan Goldas, Connectivity That Will Shape the Future of Mission Critical IoT Applications, IoTNow (July 06, 2015), available at http://www.iot-now.com/2015/07/06/34522-connectivity-that-will-shape-the-future-of-mission-critical-iot-applications/. Notice, Request for Public Comment, The Benefits, Challenges, and Potential Roles for Government in Fostering theAdvancement of the Internet of Things, 81 Fed. Reg. 19956 (published April 06, 2016), available at https://www.federalregister.gov/ articles/2016/04/06/2016-07892/the-benefits-challenges-and-potential-roles-for-the-government-in-fostering-the-advancement-of-the. Daniel Castro & Joshua New, 10 Policy Principles for Unlocking the Potential of the Internet of Things, (Center for Data Innovation, 2014), available at http://www2.datainnovation.org/2014-iot-policy-principles.pdf. Dana Blouin, Unique Public-Private Partnership Targets IoT Security, CMSWire.com (Aug. 31, 2015), available at http://www. cmswire.com/internet-of-things/unique-public-private-partnership-targets-iot-security/. Mari C. Domingo, An Overview of the Internet of Things for People with Disabilities, 35 J. of Network and Computer Applications 584 (2011), available at http://ac.els-cdn.com/S1084804511002025/1-s2.0-S1084804511002025-main.pdf?_tid=314be77c-2355-11e6- a077-00000aacb362&acdnat=1464276129_77d248e6a7d29c358ce014784520a528. Joshua New & Daniel Castro, Why Countries Need National Strategies for the Internet of Things (Center for Data Innovation, 2015), available at http://www2.datainnovation.org/2015-national-iot-strategies.pdf. enter or La, Silicon Flatirons Roundtable Series: Tenoloy, and THE FUTURE OF THE INTERNET OF THINGS ntrereneurs at te nersty IN MISSION CRITICAL APPLICATIONS Silicon o olorado Flatirons Wednesday, June 22, 2016, 3:00 PM - 6:00 PM Hosted by Kelley Drye & Warren LLP PARTICIpaNTS Rebecca Arbogast, Senior Vice President, Global Public Policy, Comcast Corporation Jon Banks, Senior Vice President, Law and Policy, USTelecom Association Jack Belcher, Chief Information Officer, Department of Technology Services, Arlington County, Virginia Jeff Blattner, President, Legal Policy Solutions, PLLC Len Cali, Senior Vice President, Global Public Policy, AT&T Aneesh Chopra, Co-Founder and Executive Vice President, Hunch Analytics Ryan Clough, General Counsel, Public Knowledge Hap Connors, Member, Commonwealth Transportation Board Christine DeLorme, Attorney Advisor, Office of Commissioner Terrell McSweeny, Federal Trade Commission Jameson Dempsey, Associate, Kelley Drye & Warren LLP Scott Deutchman, Deputy General Counsel and Vice President for Legal and External Affairs, NeuStar Inc. Donna Epps, Vice President Public Policy and Strategic Alliances, Verizon Michele Farquhar, Partner, Hogan Lovells US LLP Derik Goatson, Student, University of Colorado Law School Ellen Goodman, Professor, Rutgers Law School Joseph Lorenzo Hall, Chief Technologist, The Center for Democracy & Technology Dale Hatfield, Senior Fellow, Silicon Flatirons John Heitmann, Partner, Kelley Drye & Warren LLP Hank Kelly, Partner, Kelley Drye & Warren LLP Robert Kelly, Partner, Squire Patton Boggs Linda Kinney, Senior Advisor, Internet Policy, National Telecommunications and Information Administration Fernando Laguarda, Vice President, External Affairs and Policy Counselor, Time Warner Cable Jason Livingood, Vice President, Internet Services, Comcast Christin McMeley, Partner and Chair, Privacy & Security Practice, Davis Wright Tremaine LLP Blake Reid, Assistant Clinical Professor, University of Colorado Law School Alex Reynolds, Director, Regulator Affairs, Consumer Technology Association Glenn Reynolds, Chief of Staff, National Telecommunications and Information Administration Jonathan Sackner-Bernstein, Former Associate Center Director for Technology and Innovation, US Food and Drug Administration Jon Sallet, General Counsel, Federal Communications Commission Eric Schneider, Senior Vice President for Policy and Research, The Commonwealth Fund Sara Schnittgrund, Director of Student Programs, Silicon Flatirons Steve Sharkey, Vice President, Government Affairs, Engineering and Technology Policy, T-Mobile Roger Sherman, Principal, Waneta Strategies Phil Verveer, Senior Counsel to the Chairman, Federal Communications Commission Phil Weiser, Executive Director, Silicon Flatirons; Dean, University of Colorado Law School Jeffrey Westling, Student, University of Colorado Law School Security and the IoT ecosystem KPMG International kpmg.com Foreword When it comes to the Internet of Things (IoT), you can believe the hype. In fact, IoT will likely be even bigger than most people think. But success in