On October 16, 2016, an Internet denial of service attack from Mirai malware disabled Dyn, the domain system name provider for hundreds of major websites, including Netflix, Twitter, and PayPal. Mirai malware infected and spread through systems with the help of hacker-compromised web-connected cameras and digital recorders in consumer households.
This Internet of Things (IoT) attack was ultimately traced to home DVRs and cameras, with a majority of these devices manufactured by Hangzhou Xiongmai Technology, a Chinese electronics manufacturer. Hangzhou Xiongmai promptly issued a massive recall recall for the faulty devices. However, it didn't take long for the company to reverse course with threats of its own awsuits against western accusers.
The ultimate issue is legal liability, and who is most responsible—and the moral of the story is that no matter who presides in the courts, nobody wins. Business reputations get destroyed, business itself is impeded because of the effort and the expense needed to engage in lawsuits, and business relationships built over years are broken and difficult, if not impossible, to rebuild.
For these reasons alone, managers and decision makers in the electronics industry must to proactively look at the areas of legal liability that are likely to be major focal points in 2017. Just what are these “hot spot” legal liability issues, and what steps can you take to avoid them?
#1 Internet of Things security compromises and malware attacks
The most visible legal liability issue, and one that can immediately impact revenues and brand worth, is an Internet of Things attack that goes through devices that your company designed and/or manufactured. Research firm Gartner projects that26 billion IoT devices will be installed by 2020. These are a lot of device end points to control, and they provide a rich source of entry for malicious attacks. As an example, just last year, gasoline level monitoring devices (i.e., ATGs, or automated tank gauges) at refueling stations across the United States were identified as vulnerability points that could be remotely accessed by online attackers, manipulated to cause alerts, and even set to shut down the flow of fuel.
#2 Risky suppliers
Electronic companies outsource significant component and assembly work. Often, suppliers are in different countries with different regulatory standards. In some cases, they are very small suppliers that skip or gloss over security and regulatory compliance steps. Nevertheless, if these companies are in your chain of manufacturing and one of these suppliers creates security risks and compromises, you and your end product are still held liable by your end customers and by regulatory agencies.
#3 Outsourcing practices
The Apple-Foxconn manufacturing partnership in China, where impossible working conditions and even child labor were uncovered, have now retired into archived news. Nevertheless, the incident should have etched an indelible imprint on the minds of electronics industry decision makers who choose to outsource. Unfair labor practices and poor management by third party suppliers can impact revenues, damage brands, and create legal liabilities. From an ethical standpoint, no organization should knowingly endorse these practices.
#4 Safety & sustainability
Electronics manufacturing consumes huge amounts of energy and exposes workers to many different chemicals during the course of manufacture. Some chemicals and chemical by-products of manufacturing are hazardous and create disposal difficulties. When a consumer buys and uses the products, a new set of consumer energy usage, safety, compliance, and recycling issues are created. Electronics companies are monitored for compliance and there is a plethora of government regulations that define sustainability and safety standards. It is imperative to stay current and in compliance with these regulations to avoid legal liability.
What to do
One of the largest risks to electronics companies is the internal ability to keep up with constantly changing regulations. In the face of fierce competition, the emphasis is constantly on innovating and manufacturing new products and getting them to market first. However, in today’s regulatory environment, it is equally important to ensure that the more staid disciplines within the company (such as regulatory staff) are tooled up with the resources that they need to do their jobs.
A second, proactive step that companies should take is to actively and continuously vet their suppliers for conformance to work practice, safety practice, manufacturing quality practice, and sustainability practice guidelines. Ideally, suppliers should be evaluated annually. If there are shortcomings, suppliers should be given an appropriate amount of time to correct them. Wherever possible, your company should assist them.
Finally, work with your liability insurers. They are the ones who determine if your premiums for annual liability coverage go up, and you likely negotiate these figures with them annually—but you should also ask them about best practices in legal liability that they are aware of that might allow you to reduce the liability coverage premiums that your company pays.