It’s no secret the rise of the Internet of Things (IoT) has resulted in a tremendous amount of information being produced in what has become an increasingly interconnected world. However, one notable consequence of the ever-growing data deluge is it has forced those throughout the industry to confront a difficult question, one which is poised to shape the future of the industry for years to come:
Who owns equipment data?
While it's seemingly a straightforward question, it’s not one so easily answered. But according to Tom Valbak Aardestrup, vice president of business development at AEM member company TrackUnit, equipment manufacturers looking to gain clarity and insights into the issue of data ownership can start by trying to answer a different – and perhaps more important – question: Who can access it?
“As I see it, it doesn’t really doesn’t matter who owns equipment data,” said Aardestrup. “It’s a question of who has the right to use the data.”
Machine Data Ownership and Access
Aardestrup shared his insights on data ownership and privacy -- as well his opinion that it's becoming increasingly clear that data generated by a piece of equipment belongs to its owner.
“If that machine produces data, then it belongs to the owner of the title,” he said. “Now that doesn’t mean the OEMs can’t access it. They just have to make sure they have the legal framework in order to be allowed to access it.”
Aardestrup also stressed the importance of manufacturers understanding that those companies who fail to invest the time, effort and resources into managing information generated by machines will eventually face dire consequences. Why? The amount of data being produced is growing exponentially. By 2020, machines and things are poised to produce 40 zetabytes of data, and 90 percent of it will less than two years old.
“It’s a mind-boggling number, because it means more data than we could ever imagine was produced from 2017 up until today,” said Aardestrup.
“We’re going to need some help,” he added.
Shared Access to Standardized Data
Advancements in technology such as machine learning and artificial intelligence are poised to profoundly impact the equipment manufacturing industry in the coming years. However, said Aardestrup, a pre-condition to the widespread proliferation of these technologies is shared access to standardized data.
“It’s a key challenge,” he continued. “We’re seeing the beginning of standardization of data, but it's still not enough. Way too much is still unstructured, and if we want to get access to this data, it needs to be scrubbed and cleaned for any kind of machine learning function to make sense of it.”
Then comes the question of who owns the data and who can access it, and Aardestrup provided an example of why it's such a critical one for the equipment manufacturing industry.
“If the data controller is the one who has to ensure compliance – and that’s a rental company – how can they make sure the operator gives consent?” asked Aardestrup. “Because they don’t know who the operator is. So all of a sudden it’s unclear.”
Ultimately, he said, the data controller must be able to demonstrate the data subject – the user, or the operator – has given active consent. And, if the data subject wants to revoke a data controller’s access to his or her information, he or she can do so. Lastly, and perhaps most importantly, the controller must be able to delete the personal data associated with the subject.
All of this begs a key question: What is personal data? It can come in many forms, said Aardestrup. Names, addresses, specific locations at certain times, company identification numbers, email addresses, records and much, much more.
“It’s not just bits and bytes on a server,” he continued. “It’s becoming an incredibly significant amount of information to be taken into consideration. And the most important thing to remember is that the information should only be kept for the duration of its purpose.”
Compliance With GDPR and Future Regulations
The recently enacted GDPR serves to ensure enterprises – both private and public – only collect personal information they need for a clearly defined purpose. It is designed to protect personal data within the European Union and surrounding economic area, and it applies to any organization that offers solutions which process personal data within the region. More simply stated, if an equipment manufacturer accesses data coming from Europe (or is making solutions available to European data subjects) it will need to comply with GDPR.
Equipment manufacturers must be willing to take the necessary steps to ensure they can manage data effectively and be compliant with current and future regulations related to data privacy. According to Aardestrup, this means organizations need to be transparent with their actions and be able to put together a proper legal framework, one which includes a data processing agreement.
“A data processing agreement is the first thing you want to do,” he said. "It needs to spell out how you are going to process the data, who is going to have access, the whole description needs to be in place. And once it is set up, you want to make sure – if you are the data controller – that you get active consent from users and operators. And you have to make it very clear who has access to the data, why they have access to the data, and for how long they will have access to the data.”
What Manufacturers Must Do
The world is becoming increasingly connected, and technology is constantly changing. Certain innovations, products and services are becoming cheaper and more available with time, and equipment manufacturers are looking to find ways to leverage the most useful of these tools to provide better insights into their businesses.
However, the vast majority of the industry is ill-prepared to deal with the challenges associated with data access and management. That needs to change. And, according to Aardestrup, the task is clear.
“You want to make sure you have your legal framework in order," he said. “If you have that, there’s not that much to be afraid of.”
Subscribe to the AEM Industry Advisor for information related to product safety and compliance.