When California enacted SB 327 last year, it became the first state to regulate Internet of Things (IoT) devices, which refer to physical devices that are connected to the internet. Beginning next January, the new law will require manufacturers of IoT devices sold in California to implement reasonable security features that protect the software, data, and information contained within them. While the law regulates only the minimum security standards for IoT devices, its definition of a “connected device” (i.e., an IoT device) may impact product liability claims because “connected devices” are physical objects and not technology. SB 327’s definition suggests that manufacturers of the software in IoT devices may not be held strictly liable for software defects, because the law aligns with and reinforces the view of most courts that software is not a product, but a service.
Continue Reading Product Liability in the Internet of Things