Age of IoT? (2nd draft)

-- By RyoichInoue - 24 Dec 2020

What are users' rights in a system of sensor-based data gathering and how should those rights be protected?

OSS and GPLv3

In relation to IoT? , the devices used by users are the surveillance devices pointed at the users. The way by which such user’s rights are protected will be enabling the users to modify the software that is embedded in the device. This is because the one who controls power over the software is regarded to have the power over the users. Of course, the user has the right to control himself, therefore the users should be vested with such power. Then, how can we enable the users to have the power to modify the software installed in the device? If the manufacturer of the device has the copyright over the software, it is impossible for the users to modify the software, as it would be the violation of the copyright held by the manufacture. The best way to enable the user to modify software would be to make the software installed in the devise to be Open Source Software (“OSS”). OSS generally refers to the software with source code that anyone can inspect, modify, and enhance. But what makes software OSS is not the nature of software itself, but the nature of license for such software. The institution which has crucial role in developing such OSS license is Free Software Foundation, Inc. Free Software Foundation Inc. has developed version 3 of the GNU General Public License (GPLv3). GPLv3 is the template for the license document for OSS. GPLv3 has four essential factors, which are (1) the freedom to use the software for any purpose, (2) the freedom to share the software with your friends and neighbors, (3) the freedom to change the software to suit your needs and (4) the freedom to share the changes you make. The third element is essential for securing the user’s right to modify the software embedded in the IoT? devise. By using GPLv3 for the software installed in the IoT? device, the user is given the right to modify the software.

MIC and MITI in Japan

However, it seems that the use of GPLv3 or OSS in general is not so prevalent in Japan. One of the reasons are the political context. There are 2 ministries in Japan which have interest in OSS, which are Ministry of Internal Affairs and Communications (MIC) and Ministry of Economy, Trade and Industry (METI). The views of MIC and METI over OSS and GPLv3 are different. MIC had long been reluctant for the introduction of OSS. The reason of this is the security and intellectual property risk. MIC is concerned that the use of OSS and GPLv3 would make it mandatory to disclose the source code of modified portion, and also concerned that the responsibility relating to the use of OSS would lie on the user, so in case OSS violates intellectual property of the third party, the user would be liable for such infringement. On the other hand, METI had been proponent of OSS and GPLv3 and promoting the introduction of OSS and GPLv3, from the perspective that OSS and GPLv3 would promote the open innovation. However, given its relatively weak position in the ministries, it was unsuccessful for make them prevalent.

The absolute power of manufacture

Another reason why OSS is not so prevalent in Japan is the absolute power of manufacture in determining the software to be installed in the device. The large manufactures in Japan had traditionally developed software by themselves without the reliance on the OSS, which gives it absolute power to control the software in the device in the supply chain, because it is the holder of the copyright over the device, and they can impose whatever conditions over the use of software in the device. In Japan, the presence of the platform companies are relatively weak, so the manufactures does not face the pressure from them.

Comparison with China

The uniqueness of this would become clearer when we compare the situation in Japan with that in China. Unlike MIC in Japan, Chinese government had been strongly supporting the introduction of OSS. One of the reasons is because Chinese government is concerned about Microsoft from the national security perspective, because source code of Microsoft cannot be seen. In China, privacy against the government is considered to be non-existence, given Cyber Security Law and other regulations with the primarily purpose of conferring the surveillance power to the government. However, the government backed OSS had enabled the users to modify software embedded in IoT? device, resulting in securing the user's right against the one who operates the IoT? system. Also, in China, powerful platform company, Baidu, had big influence in the promotion of OSS.

Conclusion

The introduction of OSS based on GPLv3 is recommended to secure the user’s right to modify software installed in IoT? device.