Jump to content
  • Legal considerations for IoT

       (0 reviews)

    Tim Kannegieter


    Internet of Things (IoT) projects are a complex multiparty undertaking, requiring the cooperation of asset owners, technology providers, consultants, communication service providers, and a range of other stakeholders. IoT projects have a range of technologies that have legal implications such as copyright ownership of circuit board designs and firmware. Adding to this, the securing of legal rights for the use and maintenance of the ICT systems is critical to the ongoing operation of these projects.

    Successful delivery and operation of these assets requires effective communication, a sound understanding of the legal landscape, and practical systems and procedures to secure the strength of your legal position if things escalate. A key thing that leads to legal disputes is that often the rights people think they have were never put down in writing or that rights arise or are broken by the common practice arising from conduct of the parties in dispute. 

    Many of the legal considerations on this page are the same for other ICT and engineering projects. This page summarises these and provides some IoT specific context. 

    Impacts arising from legal issues

    There are a range of considerations in any IoT project as follows:

    Continuity: A project owner or contractor supporting an IoT project must be able to ensure continuity of parts and services required to keep the system running. 

    Practical approaches to mitigating legal risks:

    Consider legal rights as components of: the IoT system (IP licenses) and the business model (exclusivity & duration).

    Vulnerability of software element of system considerations mitigated through: Ongoing control & access; consideration of IP issues – developers, libraries, employee/contractor (e.g. IPC Global v Pavetest [2017] FCA 82).

    Avoid relying on verbal assurances: Through keeping written logs of discussions with other parties and confirming meetings in writing.

    Effective (alternate) dispute resolution

    • Balance of leverage and vulnerabilities
    • Strength of legal position and cost of options
    • Game Theory – BATNA
    • EQ – long term strategy, reputation capital
    • Heads of agreement

    Statutory requirements:

    • ACL – addressing: unfair terms; unconscionable, misleading & deceptive conduct
    • Security of payment – deadlines, legal assistance with payment schedules (e.g. Ampcontrol SWG Pty Limited -v- Gujarat NRE Wonga [2013] NSWSC 707)

    Fields of law to be considered

    Following are the major fields of law that need to be considered in IoT projects.


    Considerations: Privacy policy; Mandatory reporting of data breaches.


    Including the Telecommunications Act 1997 and the Radiocommunications (Low Interference Potential Devices) Class Licence 2015.

    Australian Consumer Law (ACL)

    Covering (Unfair terms: consumers and small business); Safety defect; Warranties (extended by representations); Industry standards; Misleading & deceptive conduct.

    Common law

    Incorporating: Negligence; Contract Breaches – liquidated damages, indemnities including: payment, warranties, unfair terms, misleading consumers about their ACL rights; Limiting liability through understanding the scope for claims including time for bringing claims

    Supporting legal documentation

    Use of form contracts

    This may include AS4000 (General conditions of contract), however, be sure to use only relevant terms adapted for an IOTproject; Use correct reference documentation revisions; Clearly define intellectual ownership to avoid later detrimental outcomes.

    Legally acceptable documentation

    Approaches include: Email minutes of the discussion and what has been agreed to the other party; Encourage the other party to write back confirming receipt and agreement;  Lawyers regularly merge files to keep a running log on each file or project; Alternately, encourage the other party to initial printed or otherwise hard copy documentation.

    Liability clauses

    • Be scared and in turn cautious of the potential cost of lack of focus on liability (e.g. a project in TMA case ran overtime resulting  in a horrific penalty of about $30,000 a day).
    • Potential cost to client of time overrun includes: deprivation of use and profitability.
    • Potential cost to IOT Developer
    • Mismanagement

    Dependencies for consideration


    • Security of payment
    • Home Building Act

    Intellectual Property

    • Patenting
    • Confidential information
    • Copyright

    consider the legal rights that you're going to need to ensure that you continue to operate that system and retain control over it

    • reusing third-party code without permission (e.g. IPC Global v Pavetest)

    What if a software supplier ceases to be able operate due to a failure for them to correctly protect intellectual property.  So, in turn you should consider what indemnities and guarantees are you going to need?

    Include legal rights in as deliverables in your project.  IOT projects are going to have software and firmware involved. An example given for which Jeff Sizer was a professional witness involved damages being sought on the basis of an intellectual property breach through reuse of a relatively small amount of code resulting in breached copyright.

    • Designs
    • Circuit boards
    • Independent contractors considerations (Written assignment of IP; Protecting trade secrets; Confidential information; Non-disclosure agreements)
    • Restraint of trade for key employees

    Managing Legal Risk through Clear Contracts

    • Common Practise is to have standard terms and conditions, and to use this approach effectively, show the client and have them initial and date at the bottom of each page.
    • The intention is to encourage the parties to turn their mind to things that might go wrong.  It is certainly best to consider and fix such issues as early as possible in the engagement.


    This term is used to refer to how you are able to backup a claim that varies from the initial agreement.  To say, "I recall somebody told this to me a number of years ago" and no one else was around to witness what was being said can be hard to prove if it contradicts a previously signed agreement.

    This may be mitigated by standard terms implied at law, such as warranties.

    • There can be terms implied but not written down. Such terms need to be consistent with the parent intentions.

    Terms need to capable of clear expression.  The more convoluted and complicated the term is, the less likely it will be entertained by a court.

    Verbal assurances tend not to get a lot of weight from the courts.

    If you consider you may suffer detriment if the other party doesn't stick to the terms, then this needs to be documented in writing if you can.

    Australian Consumer Law is broader than general law. There may be consideration around whether you were impaired in your ability to make decisions to protect your own interests, and the other person exploited that.  Consideration may be given as to whether you were given the opportunity to negotiate terms.Did you have any notice before this person took action.


    Good faith Alternate Dispute Resolution

    Easy to use record keeping systems

    Technically literate legal support


    Sources: The information on this page was primarily from the following: 

    User Feedback

    Create an account or sign in to leave a review

    You need to be a member in order to leave a review

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now

    There are no reviews to display.