It has been over 50 years since the first Consumer Electronics Show (CES) took place in New York, with some of the most iconic technology products being first introduced to the general public such as the video cassette recorder (1970), Blu-ray DVD (2003) and 3D printers. Now firmly located in Las Vegas, the 2019 CES took place last week and proved to be equally as exciting.
Much of the hype this year was on further improving and developing smart domestic connected devices, an increasing focal point in the home over recent years. For example, this year saw the introduction by French company CareOS of the smart mirror, which lets you 'try on' different hairstyles, and a new webcam known as "Wellcam", developed by alarm.com, which can extend into the home of a 'loved one' in need of additional monitoring and assistance.
While these developments are exciting for retailers and consumers alike, developers of innovative technology products are facing an increasingly challenging legal and regulatory environment – particularly when servicing the UK and European markets, due to recent changes to data protection law and the UK's impending exit from the European Union.
The introduction of the General Data Protection Regulation (GDPR) last year means that companies, irrespective of whether or not they are actually based or have an office in the EU, are at risk of potential fines of up to the greater of €20 million or 4% of their global annual turnover for breaching laws that are designed to protect any data that can identify an individual (including IP addresses and other online identifiers). Whilst the UK Information Commissioner has indicated that it will prefer the 'carrot, not the stick' approach in relation to imposing penalties for a breach of GDPR, it has also said that it will not shy away from using the full extent of its fining powers if necessary.
As one example of the continuing development of connected devices, electronic pets featured widely at this year's show. Lovot (by Groove X) and Kiki (by Zoetic), in particular, were two products that made headlines. These smart pets have been designed to boost emotional health and well-being by alleviating loneliness. Both devices have cameras, become familiar with humans they see regularly, and learn human behaviour over time. However, the wider adoption of the products may raise concerns from a privacy perspective. In particular, how much personal data do these products collect and how is such data shared? Given the use of cameras and tracking of individuals, the developers of these and similar products may find it tricky to ensure that they remain compliant with the new data protection rules – particularly, if seeking to further commercialise the data generated.
Many companies at the event, clearly recognising that consumers are becoming more focussed on the privacy implications of these products, showcased privacy conscious technology, such as Snips, a French start-up, that recently launched an 'alternative voice assistant' - an 'alternative' to those provided by the big tech giants. Snips includes software that runs 'on-device', and therefore 'offline' – ensuring that the data cannot be accessed by third parties.
Is this the start of technology companies recognising that customers are becoming more cautious about sharing data with outsiders, and that they may prefer products with limited privacy risks? Apple clearly sees this as an opportunity for a growing point of difference between itself and the other big technology companies. While not formally showcasing any products at the event, it instead took out billboard advertising in view of the main Las Vegas Convention Centre focussing on its commitment to privacy; using a play on the well-known Las Vegas slogan 'What happens in Vegas stays in Vegas' by declaring 'What happens on your iPhone stays on your iPhone'.
With over 100 UK businesses at the event, and the Department for International Trade flying the flag for the UK technology sector, it has been suggested that millions of pounds worth of deals involving UK companies and consumers were concluded last week. However, one issue at large for those with UK and European operations at the event were the potential consequences arising from the UK's departure from the EU without a formal 'deal' being agreed, and the uncertainty presented by the current political climate.
As things stand, tariffs are not levied when goods are sold and transferred between countries within the EU. However, in the event of a 'no deal', this is likely to change. Depending on the commercial terms entered into between businesses, some may face additional costs if import tariffs are levied once the UK leaves. In addition, in the event that delays to importing and exporting goods occurs, businesses may incur additional unforeseen costs that will either need to be absorbed or passed on – depending on what (if anything) has been agreed between them and their contracting parties. Currency fluctuations may also have an impact on the viability of being able to perform as previously expected.
The challenges faced by technology companies in respect of GDPR and Brexit will often be surmountable; however, they do require careful thought. In particular, in respect of ensuring compliance with the data protection regime, businesses processing large volumes of personal data may have to conduct a thorough data protection impact assessment, and should put in place appropriate policies to guarantee that all personal data is processed securely and lawfully. As for the impact of Brexit, there may already be appropriate provisions in the relevant agreement to deal with changes in legislation and currency volatility. If not, then it would be sensible to put such arrangements in place as swiftly as possible.