When Toasters Attack

A Polycentric Approach to Enhancing the “Security of Things”

There is a great deal of buzz surrounding the Internet of Things, which is the notion, simply put, that nearly everything not currently connected to the Internet, from gym shorts to streetlights, soon will be. The rise of “smart products” such as Internet-enabled refrigerators and self-driving cars holds the promise to revolutionize business and society. From 2013 to 2020, Microsoft has estimated that the number of Internet-enabled devices is expected to increase from 11 to 50 billion. To substantiate the coming wave, Samsung recently announced that all of its products would be connected to the Internet by 2020. Yet, there has been relatively little attention paid to how we should go about regulating this explosion in connected devices and still less about how cybersecurity should be enhanced across them. This Article analyzes possible approaches to regulating the Internet of Things to enhance cybersecurity with a particular focus on the literature of polycentric governance as a vehicle to help marry together bottom-up and top-down regulatory modalities.

The full text of this Article is available to download as a PDF.