Digital Policy, Regulation and Governance

Regulation and governance of the Internet of Things in India

Sheshadri Chatterjee, Arpan Kumar Kar,
Article information:
To cite this document:
Sheshadri Chatterjee, Arpan Kumar Kar, (2018) "Regulation and governance of the Internet of Things in India", Digital Policy,
Regulation and Governance, Vol. 20 Issue: 5, pp.399-412, https://doi.org/10.1108/DPRG-04-2018-0017
Permanent link to this document:
https://doi.org/10.1108/DPRG-04-2018-0017
Downloaded on: 03 November 2018, At: 02:07 (PT)
References: this document contains references to 48 other documents.
To copy this document: permissions@emeraldinsight.com
The fulltext of this document has been downloaded 32 times since 2018*
Downloaded by University of Sunderland At 02:07 03 November 2018 (PT)

Access to this document was granted through an Emerald subscription provided by emerald-srm:380143 []
For Authors
If you would like to write for this, or any other Emerald publication, then please use our Emerald for Authors service
information about how to choose which publication to write for and submission guidelines are available for all. Please visit
www.emeraldinsight.com/authors for more information.
About Emerald www.emeraldinsight.com
Emerald is a global publisher linking research and practice to the benefit of society. The company manages a portfolio of
more than 290 journals and over 2,350 books and book series volumes, as well as providing an extensive range of online
products and additional customer resources and services.
Emerald is both COUNTER 4 and TRANSFER compliant. The organization is a partner of the Committee on Publication
Ethics (COPE) and also works with Portico and the LOCKSS initiative for digital archive preservation.

*Related content and download information correct at time of download.

 Regulation and governance
of the Internet of Things in India
Sheshadri Chatterjee and Arpan Kumar Kar

Abstract Sheshadri Chatterjee is

Purpose – The purpose of this study is to highlight the importance of Internet of Things (IoT) in India. The Research Scholar at
purpose also includes providing insights regarding policy framing for IoTs with a focus on regulation and Department of
governance. Management Studies,
Downloaded by University of Sunderland At 02:07 03 November 2018 (PT)

Design/methodology/approach – A qualitative approach has been taken here for understanding the Indian Institute of
issues of IoT policy for India so far as regulations and governance are concerned. Technology Delhi,
Findings – This study highlights that the draft IoT policy of India, 2015 is to be improved. Attention is to New Delhi, India.
be focused on regulation and governance for addressing security and privacy issues among other Arpan Kumar Kar is
issues. For proper enablement of IoT technology, arrangements of funds are essential. Assistant Professor at
Research limitations/implications – IoT-related technologies in India have immense potential for the Department of Information
industries. This study implies the importance of security and privacy issues. If these issues are properly Systems, Indian Institute of
addressed, the industries will flourish further. Technology Delhi,
Practical implications – The study provides insights covering how usage of IoT technology would help New Delhi, India.
the industry to grow up, how research and development organizations would be able to strengthen IoT
technology for further development and to what extent it will improve the human daily activities.
Social implications – IoT would influence lives of millions of people of India. IoT-related policies would
have huge social implication in terms of human–device interactions and communications. This research
is a contemporary study on the implication of IoT policy toward the future growth of IoT-enabled devices
in India.
Originality/value – The Government of India is expected to frame a comprehensive IoT policy with the
help of draft IoT policy of 2015. This paper has taken a unique attempt to provide effective inputs to
develop a comprehensive IoT policy for India.
Keywords India, Government, Policy, IoT, Regulation
Paper type Research paper

1. Introduction
Technology in the digital space in India has undergone massive transformation during the
past few years. Industry experts (Uckelmann et al., 2011, pp. 1-24) believe that such
transformation in India will continue. In this context, the technology in the digital space is the
Internet of Things (IoT). This may be defined as the technological connection among
telecommunication, software and industries connected with electronic hardware. This
innovative technology, IoT, is expected to bring many new opportunities that will be
beneficial to the industry (Gubbi et al., 2013, pp. 1,645-1,660). IoT technology is associated
with sensors whose numbers are forecast to increase to trillions in the near future with
involvement of various IoT applications numbering as high as the millions (Draft IoT Policy of
Internet of Things, 2015). With such progress in the field of technology, the IoT will be able
to reach new consumer sectors. It would be able to create a completely different type of
business behavior demanding an increased industry solution. This would immensely Received 24 April 2018
Revised 18 May 2018
improve the information technology (IT) industry sector by trillions of dollars, especially in 4 June 2018
those industrial sectors that would benefit from the IoT. Accepted 13 June 2018

DOI 10.1108/DPRG-04-2018-0017 VOL. 20 NO. 5 2018, pp. 399-412, © Emerald Publishing Limited, ISSN 2398-5038 j DIGITAL POLICY, REGULATION AND GOVERNANCE j PAGE 399
 The use of IoT is increasing exponentially across the world (Acquity Group, 2014, pp. 8-9).
In 2011, it was noted that IoT devices numbered about 12.5 billion, surpassing the global
population of 7 billion. Experts believe that by 2020, IoT-related devices would number
between 26 billion and 50 billion globally (ABI Research, 2013). India will also be able to
enjoy the advantages of this innovative technology. The Government of India (GOI) has
proposed the creation of 100 smart cities in India in the first phase. In its 2015 budget, a
sum of Rs 7,000 crore (about US$1.5bn) has been allocated for this purpose. It is expected
that this would encourage use of IoT and that use would rapidly increase. Again, in this
scenario, the Digital India Program of GOI, which has an aim to make the Indian society
digitally empowered, would help the IoT to flourish in India in the near future. In this regard,
the IoT policy of GOI would play a crucial role for realization of the enormous potential of the
IoT.
Application of the IoT technology is an innovative idea. It should be controlled and
structured with appropriate policy. This policy should be implementable and effective to
yield successful results. This will derive benefits to the users of the IoT technology (Oh et al.,
2003, pp. 267-280). The policy for IoT should be framed in such a way that the users feel
secured to use this IoT technology. From earlier days, number of studies has been
conducted to analyze how to frame a successful policy on different innovative issues
Downloaded by University of Sunderland At 02:07 03 November 2018 (PT)

(Pigou, 1938).
Regulation and governance are essential ingredients to frame IoT policy in India. But, the
IoT technology is a new entrant in India. So, scope of studies to frame IoT policy in Indian
context covering regulation and governance is limited. The policymakers face issues for
framing policy involving rules and regulations concerning to introduction of an innovative
technology. In this regard, there are several studies (Greenstone, 2002, pp. 1,175-1,219). In
this background, this study has taken an attempt to analyze how IoT technology was
developed from olden days, what is the IoT policy for India under different contexts and
what are the security and privacy issues concerning to IoT in Indian context. This study
ends with a comprehensive conclusion.

2. The evolution of Internet of Things

IoT is associated with a technological concept to connect things with the help of internet.
Long before the technological world used IoT, the things connected through internet found
its use. In 1980s, students of Carnegie Melon University fitted internet-connected photo
sensors to a soft drink vending machine. The technique gave the concerned stakeholders
to accurately count the number of bottles or cans. It could count how many bottles or cans
have been dispatched and how many were remaining. The entire operation was done in an
automated manner. This automated procedure helped anyone to easily count how many
bottles or cans have been dispatched and how many are remaining undisposed (Vetter,
1995, pp. 66-67). In 1990, John Romkey and Simon Heckett introduced a device where a
toaster was connected to internet. It was presented by John Romkey in a conference. In that
conference, he presented a Sun Beam Deluxe Automatic Radiant Control toaster, which
was connected through internet. The main function of the device was to make it
automatically “on” or to make it automatically “off.” Ashton of MIT (USA) formally first
introduced the idea of IoT in 1999 (Ashton, 1999). In this way, the conception of IoT started
growing rapidly and steadily in the healthy technological atmosphere. Dave Evans of
CISCO and Hans Vestburge of Erickson predicted that by 2020, almost 50 billion internet
connected devices would be available. However, prediction of number of internet
connected devices was not easy. Dave Evans of CISCO predicted again that 30 billion
internet-fitted devices would be available by 2020. On the contrary, Hans Vestburge
predicted the number as 28 billion. Different interpretations of IoT are considered
responsible for such variation of prediction of number of internet-connected devices.
Kechiche (2015) opined that difference of prediction of number was due to not

PAGE 400 j DIGITAL POLICY, REGULATION AND GOVERNANCE j VOL. 20 NO. 5 2018
 distinguishing machine to machine (M2M) devices from IoT devices. Research studies by
Machina Research (2015) highlighted that by 2024, M2M connections would be 27 billion.
Gartner estimated that in 2014, the number of IoT devices was 6.4 billion. This estimation
did not consider devices such as computers, smart phones and tablets (Nordrum, 2016).
The rapid growth of IoT technology made the experts perhaps over optimistic. It might be
another reason for variation of predicted estimate. However, the growth of IoT technology is
rapid regardless of the difference of predicted estimation. Table I shows the evolution of
IoT.

3. Definitions of Internet of Things

There are many definitions of IoT (Atzori et al., 2010; Bandyopadhyay and Sen, 2011;
Malina et al., 2016). It is interesting to note that experts defined IoT in various ways. IoT is
defined as “a network of items – each embedded with sensors – which are connected to the
internet” (IEEE, 2014). Again, Internet Engineering Task Force defined IoT as “in the vision
of IoT, ‘things’ are very various such as computers, sensors, actuators, people,
refrigerators, TVs, vehicles, phones, cloths, food, medicines, books, etc” (Minerva et al.,
2015). Again, Information Society and Media Directorate-General of European Commission
Downloaded by University of Sunderland At 02:07 03 November 2018 (PT)

(DGINFSO) and the European technology Platform on Smart Systems integration observed
that “thing” is “an abjected not precisely identifiable” (INFSO DG, 2008). Also, Strategic
Research Agenda of the Cluster of European Research Project defined IoT with its own

Table I Historical development of IoT

Year Historical development

1832 Baron Schill, Carl Friedrichguess and Wihelm weber were able to communicate on wireless
platform covering a distance of 1,200 meter with Electro Magnetic telegraph
1989 Wireless communication technology developed much and Tim Berness proposed World
Wide Web
1990 John Romkey was able to place an internet-connected devices (toaster)
1999 Kevin Ashton of MIT, USA gave vivid idea of IoT for the first time. With the help of RFID, this
conception of IoT developed more. Kevin also developed Electronic Product Code.
Gershenfend authored a book, “When things start to think.” It revolutionized the new
concept of IoT
2000 LG gave the idea of refrigerator fitted with internet
2002 With the help of MIT media laboratory, New York Time voiced focusing IoT as an idea of the
year
2003- Defence department of USA and Wal-Mart used RFID for defence and commercial
2004 purposes, respectively, enhancing the developmental idea of IoT
2008 Idea of “smart objects” was brought when IPSO Alliance was launched. In the same year,
European Union held a conference covering IoT. FCC approved use of “White Space”
spectrum having a vote in its favor
2008- IoT has been listed as one of the disruptive Civil Technologies by USNIC. Chinese Premier
2010 in 2010 announced massive investment in IoT sector to explore its business opportunities in
China
2011 IPv6 was launched
2012 In April 2012 and in May 2012, two conferences on IoT took place in Paris and in London,
respectively
2013 In April 2013, M2M World Congress on IoT was held. In June 2013, workshop on IoT took
place in Las Vegas
2014 In February 2014 at Geneva, Switzerland an event on IoT standardization was organized
2015 In November 2005, IoT World Forum took place in London. In December 2015 at Milano,
Italy, IEEE World Forum on IoT was organized
2016 During October 2016, event surrounding IoT was held in London. In November 2016, IoT
World Forum took place in London
2017 In January 2017, IoT Tech Expo was held in London. In June 2017, the global congress on
IoT was held in London

VOL. 20 NO. 5 2018 j DIGITAL POLICY, REGULATION AND GOVERNANCE j PAGE 401
 thinking (Vermesan et al., 2011). However, this definition faced sharp criticism because the
definition used components which were basically related to other visions (Uckelmann et al.,
2011). IoT is related to many technologies, visions and various types of research works.
Definitions of IoT given by experts overlap principles of five different entities, such as IoT,
mobile computing, pervasive computing, cycle–physical systems and wireless sensor
networks (Stankovic, 2014). Other experts opined that IoT is a blending of three visions
such as radio frequency identification (RFID), wireless sensors and actuators with near-field
communication (NFC) (Atzori et al., 2010). IoT is also defined as “IoT is seamless connected
network of embedded objects/devices with identifiers, in which M2M communication
without any human intervention is possible using standard and inter-operable
communication protocol.” Here phones, tablets and PCs have not been included in the
definition (Draft IoT Policy of Internet of Things, 2015).

4. Policy background
In the past couple of years, the digital space experienced considerable and meaningful
transformations. It would continue evolving owing to the rapid development of information
and communication technology (ICT). The recent remarkable entry in the digital space
technology is IoT. This IoT technology may be interpreted as close relation among software,
Downloaded by University of Sunderland At 02:07 03 November 2018 (PT)

electronic hardware industry and telecommunications. It predicts to offer outstanding scope

and opportunities to many industries in India. The IoT is involved in millions of applications,
which are expected to work with billions of intelligent systems. It is expected that IoT will
produce new set of consumers with novel business behavior. This will generate huge
opportunities to the Indian industries working with information technology. It would help to
improve the business of industries. This may be achieved with the help of IoT. The use of
IoT and its applications in India will be enhanced due to creation of 100 smart cities in India.
In 2015, a sum of Rs 7,060 crore (US$1.2bn) have been allocated for smart cities. Besides,
the introduction of Digital India program has fueled the opportunities of the IoT industries.
This is because digital India conception has aimed to transform to the conception of
“Knowledge Economy.” This will provide substantial impetus toward rapid development of
IoT. Digital infrastructures are being set up for smart city development and for Digital India
implementation program. This would boost up IoT-based industry, as IoT will help to quickly
develop infrastructure of smart cities. It will also help in implementing Digital India program.
The GOI is optimistic regarding benefits of IoT. This is because in smart cities, there will be
a need of smart parking, smart urban lighting, integrated transport system, water
management, tele-care, smart city maintenance, women safety mechanisms, digital
signature issues, smart grid system and so on. Help of IoT is needed to achieve success in
smart city and in Digital India Program. GOI expects that help of IoT is needed in industries
relating to agriculture, health-science, disaster management, energy management and so
on. By the help of IoT, the telecommunication operating system would earn huge revenue
against spending less cost. This would motivate other industries working with IT to take help
of IoT. It is expected that IoT would work through three stages. The IoT would help the
sensors to collect data, to analyze those data and finally would help in decision-making
mechanisms. The GOI has become optimistic by observing the huge benefits derived by
the USA, South Korea, China and others by the help of IoT. The key stakeholders for use of
IoT will be the end users, that is, the citizens; the implementers, that is, government; and the
industries. For achieving success, GOI opines that there must be active participation of all
the stakeholders. For promotion of IoT in India, a comprehensive, effective, implementable
and simple policy for IoT is essential. IoT would strategize a unique target – “Value Up” and
“Cost Down” model. The GOI is contemplating to gather experience from developed
countries that have been benefited by IoT. For developing IoT applications in India, active
participation of the global partners is needed. Ease of use, low cost and building scalable
models are the salient ingredients of IoT. For this, an effective platform is necessary. Data
are required to be collected, and to be shared among appropriate stakeholders to fetch

PAGE 402 j DIGITAL POLICY, REGULATION AND GOVERNANCE j VOL. 20 NO. 5 2018
 maximum benefits. Start-ups would be able to devise innovative models with smart concept
by the help of IoT. They will put an example to others in coming days.

4.1 Internet of Things policy vision of India

The GOI has already published a draft IoT policy in 2015. In that draft IoT policy, the GOI
has formulated a vision, “To develop connected and smart IoT system for our country’s
Economy, Society, Environment and Global Needs.” Here, the GOI has proposed the vision
with a target to accelerate progress of the country in all fields.

4.2 Internet of Things policy objectives

The GOI has fixed the following objectives for IoT applications in India. These are:
䊏 IoT industry will have to be created in India worth US$15bn by 2020. The IoT devices to
be used should become around 2.7 billion by 2020. The number of IoT devices was 200
million in 2015. Globally, the total revenue to be generated using IoT will be US$300bn
along with IoT-connected devices around 27 billion by 2020. The objective of India is to
grab 5 per cent to 6 per cent of global IoT industry. It has been proposed in the draft
Downloaded by University of Sunderland At 02:07 03 November 2018 (PT)

policy for IoT in 2015 by India.

䊏 Human capacity and technology capacity developments are to be achieved with the
help of IoT-oriented skill sets. This will improve domestic and international market for
India.
䊏 Research and development works concerning to the rapid development of IoT in India
are to be undertaken in an effective manner. This will help boost-up all assisting
technologies.
䊏 Products relating to IoT are required to be developed in different fields. They are in the
domains of health, agriculture, natural disaster, quality of water, automobile, security
and privacy, transportation, smart cities, digital India program, automated metering
systems including waste management, oil and gas management and so on.

5. Regulation and governance related to Internet of Things in India

We have already used the two terms regulation and governance here. Explanations of the
meanings of regulation and governance are needed. The definition of regulation is based
on the context in which it is necessary. Having its contextual complexity, the definition of
regulation is still a subject matter of discussions on the table. The following three definitions
are to be understood and to make a compromising average of the three. They are:

1. “The promulgation of an authoritative set of rules accompanied by some mechanism

[. . .] for maintaining and promoting compliance with these rules.”
2. Regulation means “all the efforts of state agencies to steer the economy.”

3. Regulation means as “all mechanisms of social control – including uninternational and

non-state processes” (Baldwin et al., 1998, pp. 3-4).
We marked that there exists variation of definitions of regulation. However, it is stated that
the variation of definition is context-centric. Economists, lawyers, political scientists and
consumers rely on the first two definitions. Socio-legal scholars rely on third definition of
regulation. Again, many authors rely on another definition of regulation, like regulation is
“sustained and focused control exercised by a public agency over activities that are valued
by community” (Selznick, 1985, p. 365). Another more detailed definition of regulation is:
Sustained and focused attempt to alter the behavior of others according to defined standards
and purposes with the intension of producing a broadly identified outcome or outcomes which

VOL. 20 NO. 5 2018 j DIGITAL POLICY, REGULATION AND GOVERNANCE j PAGE 403
 may involve mechanism of standard setting, information-gathering and behavior modification
(Black, 2002, p. 26).

To search any agreement among these definitions is not the subject matter of this article.
This has been done by other researchers (Christel and Martin, 2017, pp. 95-108). Now
comes another term, governance. Governance means matters relating to rules, processes
and behavior. This is related with control of powers containing five principles. They are
participation, openness, effectiveness, accountability and coherence. Subsidiarity and
proportionality are reinforced for good governance through these five principles (Florent,
2011). Our works are confined on matters concerning to IoT in India. We are interested to
understand the policy for IoT. We need to realize the meaning of IoT governance. We
should realize how regulations affecting usage of IoT by citizens of India would be enforced
and so on. Our goal is to improve the quality and standard of life of citizens of India with the
help of IoT. This idea is applicable to all sectors of new disciplines. Whatever policy is
framed and whatever regulations and governance are structured for IoT, the goal is to do
good for the people. The term “IoT governance,” refers to the development by governments
and by private sectors including civil society. These agencies are to frame principles and
policies, regulations, norms, rules and affairs of decision-making mechanisms. This would
Downloaded by University of Sunderland At 02:07 03 November 2018 (PT)

help shape for development of IoT to derive maximum benefits for the betterment of the
society. It would enhance the quality and standard of life of the users. Good governance is
needed for deriving maximum benefits to the society. Activities of any innovative discipline
are to be controlled with strict regulations. To ensure this, good governance is needed. By
applications of appropriate regulations and good governance, the citizens may be
motivated to use IoT for fetching maximum benefit.

5.1 Proposed Internet of Things governance structure in India

The GOI has taken a sincere policy to form the following structure for appropriate
governance of IoT activities and its implementations. They are stated below.
5.1.1 To set up advisory committee. With appropriate representations from government,
industries and academia, a high-level advisory committee (HLAC) is to be formed. This
committee is to provide meaningful and effective guidelines concerning to the emerging
areas of IoT. This HLAC will have the representation, as is given in Figure 1.
5.1.2 Governance committee. High-power governance committee for implementing
effective governance is to be formed with secretory, Department of Electronic and
Information Technology (DeitY), GOI at its chair. It will be represented by government
stakeholders responsible for all IoT initiatives. Government officials looking after IoT projects
responsible for the progress of the projects with planned time-frame are to be included.

Figure 1 HILC structure

HLAC

Government Domain Ministry Industry Experts

i. ITU, IEEE, IETF (Standardization) Members i. Nano-electronics
ii. Technology Organization ii. Communication &
iii. Bureau of Indian Standards (BIS) Integration Software
iv. Academicians covering R&D iii. Sensors Technologies
v. Network Organization iv. Networking
v. Application Security
vi. Cloud Security

PAGE 404 j DIGITAL POLICY, REGULATION AND GOVERNANCE j VOL. 20 NO. 5 2018
 5.1.3 Program management unit. A high-level committee in the name of “Program
Management Unit” will be formed chaired by the Director of IoT operation with smart city
support. The role of this committee will be:
䊏 to give appropriate supports to the detection of multifarious initiatives to operationalize
IoT policy effectively;
䊏 to provide implementational supports on the on-going IoT process and to monitor the
progress;
䊏 to aptly identify the weaknesses of the IoT initiatives and to prescribe remedies to
improve; and
䊏 to review periodically the on-going IoT projects for their successful completion on time.

6. Pillars of Internet of Things policy in India

To implement the IoT policy in India, a calibrated approach is essential. To achieve this, a
pragmatic framework should be structured. Basing on this framework, the GOI is to
proceed to materialize the goal with contribution of IoT in all relevant fields. The framework
should have five salient vertical pillars with two horizontal intersections like standard and
Downloaded by University of Sunderland At 02:07 03 November 2018 (PT)

governance. The framework is shown in Figure 2 and in Table II.

The five pillars are demonstration center, capacity building and incubation, R&D innovation,
incentive and engagement and human resource development.

Figure 2 Pillars of IoT as per Government of India IoT draft policy

Internet of Things Policy

(Government)

1 2 3 4 5

Demo Standards
Capacity Building

R&D Innovation

Human Resource

ion
Demonstration

and Incubation

Incentives and
Engagements

Development

Cente
Centers

rs

Governance Structure

Table II IoT policy supported by five pillars

Pillar no. Pillar name

1 Demonstration centers
2 Capacity building and incubation
3 Research and development (R&D) innovation
4 Incentives and engagements
5 Human resource development
Source: Draft IoT Policy of Internet of Things (2015)

VOL. 20 NO. 5 2018 j DIGITAL POLICY, REGULATION AND GOVERNANCE j PAGE 405
 6.1 Demonstration centers
Strategies for each domain are to be developed appropriately. The domains are green
building, smart grid, smart cities, agriculture, health care, connected homes, telematics,
supply chain management, forest affairs, natural disaster, wild life preservations and so on.
Applications of IoT relating to each above noted area are to be identified. Proper budgetary
allotment is to be made. The progress in each area is to be periodically monitored and
appropriately reviewed. This is explained below:
䊏 Smart city model is to be set up. For this, concept of IoT is to be explored. This concept
is to be properly applied. The model is required to use the IoT technology in some
sectors. They are smart traffic, smart lighting, smart building, smart parks, smart traffic
management techniques, smart metering, smart solid waste management, quality
maintenance of water, smart surveillance and so on.
䊏 For maintenance of quality of supply water, appropriate tools are to be used with the
help of IoT. This is to be done for those places such as government-owned educational
institutes, public places where government water supply exists. Leakage of water is to
be detected by the help of modern technology like IoT. Wastage of water is to be
detected and protected. Sharp vigilance is to be scientifically ensured to check factory
Downloaded by University of Sunderland At 02:07 03 November 2018 (PT)

waste thrown in river. This is needed for avoiding contamination of river water.
䊏 To maintain smart environment, the carbon dioxide emission is to be detected and
controlled by the help of IoT technology. This will mitigate pollution which is harmful for
health. To keep the inhabitants aware regarding tremors, National Advance Seismic
System is to be established. Alarm system should be there to keep the stakeholders
aware in case of emergencies.
䊏 Arrangements are to be made to support the patients having dementia and other
unhealthy ailments. Projects are to be set up for maintaining different parameters of
patients such as subtle alteration concerning to pulse, respiration, temperature and
heart condition. Precautionary warnings are to be made on early onset of critical
diseases such as pneumonia or other serious diseases.
䊏 For ensuring appropriately SWACHH BHARAT (clean India) initiatives, appropriate
projects are required to be set up with the help of IoT.
䊏 Toward Smart Agricultural issues, appropriate projects are to be set up. These might
include assessing moisture of soils, issues relating to earth density and so on. This
might be done through online mechanisms with the help of IoT. Appropriate projects
are to be set up for the farmers to inform them to monitor appropriate storage system.
䊏 Toward smart safety, appropriate automatic projects with the help of IoT may be set up.
This will ensure safety of women, old-aged people and children.
Other smart measures are to be taken with the help of IoT as and when required.

6.2 Capacity building and incubation

GOI would allot fund to establish effective capacity building for enhancement of
technological knowledge among the stakeholders with the help of IoT. Research centers are
to be established with modern experimental facilities covering different applicability of IoT.
The GOI will allot fund periodically to facilitate experimental works covering IoT
applications. The main objectives of capacity building and incubation are given below:

1. To explore the possibilities of creation of new type of IoT devices beneficial for the
human beings.
2. To help ontological activities for developing benefits to the IoT community.

PAGE 406 j DIGITAL POLICY, REGULATION AND GOVERNANCE j VOL. 20 NO. 5 2018
 3. To give impetus to the research and academic communities for improving the
knowledge relating to IoT hardware and IoT software.

4. To take appropriate steps for defining required standards for IoT devices and to help to
boost up studies covering IoT innovations.

5. To arrange to enhance awareness regarding use and benefit of IoT. The students
should be involved for research works covering IoT. It would help development of IoT
technologies. For this, regular workshops are to be conducted.
6. Under Public Private Partnership model, incubation centers known as National Center
of Excellence are to be set up with the help from NASSCOM to support IoT
developmental works. The incubation centers will produce effective innovative culture
also. The operation will include the following issues.

䊏 These incubation centers will be set up with the help of Center of Excellence on
Internet of Things (COE-IoT) in major cities to develop IoT innovation. Close
relation will be established with the help of NASSCOM between academia and
industries for best utilization of IoT in industries.
Downloaded by University of Sunderland At 02:07 03 November 2018 (PT)

䊏 A steering committee will be set up for appropriately evaluating the incubation.

The committee will be represented by government officials, industry partners and
academia.
䊏 There will be creation of eco-system for transferring knowledge to the startups to
utilize IoT effectively.
䊏 Each incubation center will consist of laboratories with latest equipment, office
infrastructure and other relevant essentialities. GOI would allot fund appropriately
to facilitate research works.
䊏 The funding for incubation centers will be managed by the Government and by the
industries.

6.3 Research and development innovation

To meet the funds for R&D works for innovation, GOI would set up a project named
“International IoT Research Collaboration Scheme” (IIRC). It would be instituted by DeitY,
GOI. It would simulate private sector involvements in IoT-related R&D works. Attempts will
be taken to get international partners involved in R&D works covering IoT. This IIRC will help
to frame treaties with other countries for generation of joint projects covering IoT-related
R&D activities. Here, India and other involved countries would fund 50 per cent each. In the
form of loan, equity and grant, this parent body (IIRC) will help for funding to the IoT
industry. The funding will be made by IIRC to the new IoT-related projects in industries after
analyzing the viabilities. An organization will also be set up under IIRC to handle the whole
project from its initial stage to the completion.

6.4 Incentives and engagements

In terms of “make in India” program, the overseas enterprises would be encouraged to set
up IoT industries everywhere in India. The GOI would provide many facilities for this. It
includes duty benefits on the raw materials, required to be imported. The GOI will sell raw
materials to these overseas enterprises in this context with a facility of reimbursement of
excise duty. Space and internet facilities will be given to them in a reduced rate for
establishment of IoT development centers. Formalities to be maintained would be simple
and hazardless.

VOL. 20 NO. 5 2018 j DIGITAL POLICY, REGULATION AND GOVERNANCE j PAGE 407
 The GOI will extend all facilities to those IoT-based Indian industries for joining International
Trade Fair concerning IoT activities. Capabilities to use IoT technologies in India will be
exhibited in those fairs. Participant Indian industries would enrich them with the latest use
and style of IoT technologies. This will help to establish close relation with the foreign
industry experts on IoT- specific works. This would be beneficial for the Indian industries
participating there. The GOI would give fund for hiring space in those fairs for these small
and medium enterprises (SMEs). The selection of SMEs in this respect will be done by
National Small Industries Corporation. SMEs will enjoy their international exposures to
promote their IoT-related products in the international markets. An appropriate sum will be
earmarked for each enterprise per year. For this, appropriate budgetary allocation will be
there. This will boost up SMEs to develop their IoT-related activities. It would enrich the IoT
environment in India. Besides, SMEs would undertake specific study tours to develop
expertise covering applications of IoT in keeping with the global standard. GOI has already
taken appropriate policies to materialize to develop the IoT products. Those will be sold at
subsidized rate with Government help. GOI would select domestic industries using IoT-
related devices to become mentors of Steering Committee of IEEE. This will help for
standardization, as well as for identification of standard security parameters. The industry
people will take part in high-level advisory committee related to IoT. It would help the
Downloaded by University of Sunderland At 02:07 03 November 2018 (PT)

industries to keep in close touch with latest IoT developmental activities in the country. GOI
would arrange some IoT-related domestic industries to take part in International forum. This
has been done to keep them constantly aware regarding latest developments of IoT
capabilities. It would help those industries to commercialize them in the International IoT
business environment.

6.5 Human resource development

The DeitY of GOI would take up holistic planned programs to create an IoT education
environment with progress of IoT awareness. This will help develop appropriate skill sets in
all levels. The salient objectives of this education and awareness programs are given below:
䊏 To introduce short training programs for IoT spanning for two to six weeks. Appropriate
norms for accreditation of all those short training programs will be set.
䊏 IoT curriculum will be introduced in BTech and MTech levels. It will boost up activities
for research works covering IoT in PhD level.
䊏 Information relating to utilization of IoT will be widely published in a methodical manner.
Articles covering IoT will be published in leading Journals. Audio materials, as well as
video materials, will be developed covering information for utilization of IoT. This will be
done through social media. Industrial personalities and academicians should attend
IoT-related conferences in India and in abroad. GOI would facilitate this. Industry
professionals, faculties and students would attend workshops on IoT regularly.
䊏 Education exchange programs covering cross-country activities with IoT issues would
be arranged to develop skills relating to IoT in all levels. For this, appropriate domestic
and foreign trainings covering IoT issues will be imparted. In these trainings, the
concerned government officials would also be involved.
䊏 Bilateral cooperation programs covering IoT should be launched between Indian
Institute of Technologies and premier institutes of other countries.
䊏 Faculty Exchange Programs will be regularly arranged involving domestic and foreign
faculties to enrich them with latest IoT-related developments.
䊏 Target is to be taken up to sponsor at least 150 students every year regarding IoT
related PhD programs.

PAGE 408 j DIGITAL POLICY, REGULATION AND GOVERNANCE j VOL. 20 NO. 5 2018
 䊏 To boost up IoT culture, GOI has contemplated to create young faculty chairs. These
posts will be created in premier Indian technical institutes. These fellows will act as a
bridge of connection between IoT-based industries and academia. These faculties will
be responsible to identify the specific areas where IoT applications would fetch effective
results. While doing so, these faculties would duly consult with related industry experts. It
has been contemplated that in each IIT, at least five such posts will be created. The GOI
would provide appropriate funds for their salaries and for their in-depth studies.
䊏 With the help of academia, industry and other concerned stakeholders, a committee will
be formed to arrange to develop, design and test IoT devices for their extent of
applications. This body would also help in developing research works covering IoT.

7. Security and privacy issues within the Internet of Things

IoT is expanding in the world rapidly. It is becoming more associated with the fabric of human
daily lives. IoT is gradually becoming vital component of human infrastructure. In this regard,
question of its security has become vital. Security of the IoT eco-system is based upon some
principles such as confidentiality, availability, integrity, possession, utility and authority (Parker,
1998). These ingredients were improved by adding some other ingredients such as reliability,
Downloaded by University of Sunderland At 02:07 03 November 2018 (PT)

robustness, safety, performability, resilience and survivability (Sterbenz et al., 2010, pp. 1245-
1265). Some of the issues covering IoT applications subjected to security challenges are
heterogeneity (Sicari et al., 2015, pp. 146-164), authentication and identity management
(Mahalle et al., 2010; Vermesan et al., 2011), authorization and access control (Abomhara and
Køien, 2014; Cerf, 2015), accountability (Maglaras et al., 2016, p. 3), health issues (Storm,
2015), logistics (Misra et al., 2016), smart grid issues (Liang et al., 2017) and so on.
Privacy issue appears to be a major concern so far as IoT is concerned (Roman et al., 2011,
pp. 51-58; Gessner et al., 2012; Ziegeldorf et al., 2014, pp. 2728-2742). Through IoT activities,
enormous quantities of data are exchanged. Concerned users’ confidence about the
preservation of their privacy is to be ensured. If the users are safeguarded and satisfied, they
would enhance their usage of IoT (Yan et al., 2014, pp. 120-134). Modern technologies such as
virtual private networks, transport layer security, private information retrieval (Weber, 2010,
pp. 23-30) have been developed to protect privacy. These are essential as IoT-related
technologies have already entered the homes. Data associated with a fridge (Smart fridge) in
home can be used to realize the food habits of the concerned residents. This is an essential
information for life insurance companies to detect health conditions of residents. Hence, these
vulnerabilities are to be regulated properly. In the UK, General Data Protection Regulation has
been framed to address these situations. The IoT-related technologies have advanced a lot.
Even, toys fitted with appropriate sensors can expose identifiable information of children. This
might be instrumental to locate the child (Dobbins, 2015). These toys may also be used to act a
surveillance device (Chaudron et al., 2017). It is otherwise vulnerable. Hence, strict regulations
should be framed to check this. Developing countries have already framed appropriate
regulations to control these affairs (Sun Chunling, 2012). In India, however, this type of measure
is found absent in the IoT draft policy. Authorities are to indulge attention to this.

8. Conclusion
In this article, we have discussed about regulations and governance covering IoT activities in
India. We have discussed the policy for IoT to be adopted in India to improve business
activities. This will eventually improve the economy of India. GOI has provided draft IoT policy
for India during 2015, but the actual policy has not been published yet. The draft policy has
proposed many new avenues to boost up IoT practices. But, the draft policy is found silent to
frame regulations for addressing security and privacy issues. Use of IoT will bring in huge flow
of data of several types including personal data. The concerned persons will not allow
exchanging their personal data without proper protection. Here is the need of structuring strict

VOL. 20 NO. 5 2018 j DIGITAL POLICY, REGULATION AND GOVERNANCE j PAGE 409
 regulations and ensuring good governance for developing trust in users’ mind. This is perhaps
the secret of success to enhance the usage of IoT in India. It is expected that GOI would frame
final policy on IoT soon basing on draft policy. The draft IoT policy is silent for development of
trust in the minds of potential users of IoT in India. The policy should cover this issue of trust to
improve IoT usage in India. Comprehensive regulations are to be framed to protect security
and privacy. This will bring confidence among the end users. The regulation is to be executed
with the help of good governance. It will be valueless if the regulation is not properly executed.
The draft policy has proposed many projects covering IoT activities. But, it is not clear
wherefrom appropriate funding will be available. Fund constraint may stand on the way. It may
interrupt progress of IoT-based projects in India. Besides, it is a fact that IoT would influence
the growth of industry. The IoT applications in Industry are more complex than ICT-based
traditional applications. This is because IoT is covered with large attack surface having
innumerable attack vectors (Sadeghi et al., 2015, pp. 1-6). The draft policy for IoT in India
published in 2015 has not made clear about the basic definition of privacy requirements for
industry. For this, proper implementable regulation is to be formulated (Da Xu et al., 2014,
pp. 2233-2243). With the help of IoT technology, there is a chance of leakage of industrial data
of an organization. This may occur by the espionage of other organizations undermining
competitive advantage. The GOI should be watchful to frame appropriate policy to address
this. It will be better if a standardization is framed to impose restriction. This formulation of
Downloaded by University of Sunderland At 02:07 03 November 2018 (PT)

standardization is to be developed in conformity with regulatory and legal compliance.

Another issue is to be kept in mind by GOI while framing policy. We know, that IoT device
functions with low power and low area. Hence, attack-resistant solutions are to be formulated
appropriately to protect IoT devices from attack. The IoT technology has opened a lucrative
opportunity to revolutionize our modern lifestyles. But, challenges are there to address harmful
consequences. For this, best practices and guidelines provided for security of IoT-based
devices are to be followed in India. In this regard, the guidelines of US Department of Home-
Land Security (DHS, 2016) may be followed. Then it will fetch better results.

References
ABI Research (2013), “More than 30 billion devices will wirelessly connect to the internet of everything in
2020”, London, available at: www.abiresearch.com/press/more-than-30-billion-devices-will-wirelessly-
conne/
Abomhara, M. and Køien, G.M. (2014), “Security and privacy in the internet of things: current status and
open issues”, International Conference on Privacy and Security in Mobile Systems (PRISMS), Aalborg,
11-14 May, 1-8.
Acquity Group (2014), “The internet of thing: the continuation of internet”, pp. 8-9, available at: https://
thelbma.com/wp-content/uploads/files/561-acquitygroup-IOT.pdf
Atzori, L., Iera, A. and Morabito, G. (2010), “The internet of things: a survey”, Computer Networks, Vol. 54
No. 15, pp. 2787-2805, doi: 10.1016/j.comnet.2010.05.010.
Baldwin, R., Scott, C. and Hood, C. (1998), “Introduction”, in Baldwin, R., Scott, C., Hood, C. (Eds), A
Reader on Regulation, Oxford University Press, Oxford, pp. 1-55.
Bandyopadhyay, D. and Sen, J. (2011), “Internet of things: applications and challenges in technology
and standardization”, Wireless Personal Communications, Vol. 58 No. 1, pp. 49-69, doi: 10.1007/s11277-
011-0288-5.
Black, J. (2002), “Critical reflections on regulation”, Australian Journal of Legal Philosophy, Vol. 27, pp. 1-35.

Cerf, V.G. (2015), “Access control and the internet of things”, IEEE Internet Computing, Vol. 19 No. 5,
pp. 96-c3, doi: 10.1109/MIC.2015.108.
Chaudron, S., Di Gioia, R., Gemo, M., Holloway, D., Marsh, J., Mascheroni, G., Peter, J. and Yamada-
Rice, D. (2017), “Kaleidoscope on the internet of Toys – Safety, security, privacy and societal insights”,
EUR, Vol. 28397, doi: 10.2788/05383.
Christel, K. and Martin, L. (2017), “What is regulation? An interdisciplinary concept analysis”, Journal of
Regulation & Governance, Vol. 11 No. 1, pp. 95-108.

PAGE 410 j DIGITAL POLICY, REGULATION AND GOVERNANCE j VOL. 20 NO. 5 2018
 Da Xu, L., He, W. and Li, S. (2014), “Internet of things in industries: a survey”, IEEE Transactions on
Industrial Informatics, Vol. 10 No. 4, pp. 2233-2243.
DHS (2016), “US department of homeland security: strategic principles for securing the internet of things
(IoT)”, November, available at: www.dhs.gov/sites/default/ files/publications/Strategic_Principles_for_
Securing_the_Internet_of_Things-2016-1115-FINAL_v2-dg11.pdf (accessed 4 July 2017).
Dobbins, D.L. (2015), “Analysis of security concerns and privacy risks of children’s smart toys”, PhD
dissertation, Washington University St. Louis, St. Louis, MO.
Draft IoT Policy of Internet of Things (2015), pp. 1-15, available at: www.mygov.in/sites/default/files/
master_image/Revised-Draft-IoT-Policy-2.pdf
Florent, F. (2011), “IoT governance roadmap”, INFSO D4, European Commission, Brussels, 30 June.
Gessner, D., Alexis, O., Alexander Salinas, S. and Alexandru, S. (2012), “Trustworthy infrastructure services
for a secure and privacy-respecting internet of things”, IEEE 11th International Conference on Trust, Security
and Privacy in Computing and Communications (TrustCom), Liverpool, pp. 25-27, 998-1003.
Greenstone, M. (2002), “The impacts of environmental regulations on industrial activity: evidence from
the 1970 and 1977 clean air act amendments and the census of manufactures”, Journal of Political
Economy, Vol. 110 No. 6, pp. 1175-1219.
Gubbi, J., Buyya, R., Marusic, S. and Palaniswami, M. (2013), “Internet of things (IoT): a vision,
architectural elements, and future direction”, Future Generation Computers Systems, Vol. 29 No. 7,
Downloaded by University of Sunderland At 02:07 03 November 2018 (PT)

pp. 1645-1660.

IEEE (2014), “Special report: the internet of things”, available at: http://theinstitute.ieee.org/static/special-
report-the-internet-of-things (accessed 4 July 2017).
INFSO DG (2008), “Internet of things in 2020: a roadmap for the future”, INFSO D. 4 Networked
Enterprise & RFID, INFSO G. 2 Micro & Nano Systems in Co-operation with RFID Working Group of the
European Technology Platform on Smart Systems Integration (EPOSS), European Commission, Brussels,
Tech. Rep. (ver. 3).
Kechiche, S. (2015), “Cellular M2M forecasts: unlocking growth”, Technical Report, GSMA Intelligence,
February, available at: www.gsmaintelligence.com/research/?file=9c1e1fdff645386942d758185ceed
941&download (accessed 4 July 2017).
Liang, G., Steven, R., Weller, J., Zhao, Fengji, L. and Zhao Yang, D. (2017), “The 2015 Ukraine blackout:
implications for false data injection attacks”, IEEE Transactions on Power Systems, Vol. 32 No. 4,
pp. 3317-3318.
Machina Research (2015), “Global M2M market to grow to 27 billion devices, generating USD1.6 trillion
revenue in 2024”, available at: https://machinaresearch.com/news/globalm2m-market-to-grow-to-27-
billion-devices-generating-usd16-trillion-revenue-in-2024/ (accessed 4 July 2017).
Maglaras, L.A., Al-Bayatti, A.H., Ying, H., Wagner, I. and Janicke, H. (2016), “Social internet of vehicles
for smart cities”, Journal of Sensor and Actuator Networks, Vol. 5 No. 1, p. 3.
Mahalle, P., Babar, S., Neeli, R.P. and Prasad, R. (2010), “Identity management framework towards
internet of things (IoT): roadmap and key challenges”, in Meghanathan, N., Boumerdassi, S., Chaki,
N. and Nagamalai, D. (Eds), Recent Trends in Network Security and Applications, Springer, Berlin,
430-439.
Malina, L., Hajny, J., Fujdiak, R. and Hosek, J. (2016), “On perspective of security and Privacy-Preserving
solutions in the internet of things”, Computer Networks, Vol. 102, pp. 83-95, doi: 10.1016/j.
comnet.2016.03.011.

Minerva, R. Biru, A. and Rotondi, D. (2015), “Towards a definition of the internet of things (IoT)”, IEEE
Internet Initiative, Torino, p. 1.

Misra, S., Kapadi, M., Gudi, R.D. and Srihari, R. (2016), “Production scheduling of an air separation
plant”, IFAC-PapersOnLine, Vol. 40 No. 7, pp. 675-680, doi: 10.1016/j.ifacol.2016.07.256.
Nordrum, A. (2016), “Popular internet of things forecast of 50 billion devices by 2020 is outdated”, IEEE
Spectrum, available at: http://spectrum.ieee.org/tech-talk/telecom/internet/popular-internet-of-things-
forecast-of-50-billion-devices-by-2020-is-outdated (accessed 4 July 2017).

Oh, S., Ahn, J. and Kim, B. (2003), “Adoption of broad band internet in Korea: the role of experience in
building attitude”, Journal of Information Technology, Vol. 18 No. 4, pp. 267-280.

VOL. 20 NO. 5 2018 j DIGITAL POLICY, REGULATION AND GOVERNANCE j PAGE 411
 Parker, D.B. (1998), Fighting Computer Crime: A New Framework for Protecting Information, Wiley,
New York, NY.

Pigou, A. (1938), The Economics of Welfare, Macmillan, London.

Roman, R., Najera, P. and Lopez, J. (2011), “Securing the internet of things (IoT)”, IEEE Computer, Vol. 44
No. 9, pp. 51-58, doi: 10.1109/MC.2011.291.
Sadeghi, A.R., Christian, W. and Michael, W. (2015), “Security and privacy challenges in industrial
internet of things”, 52nd ACM/EDAC/IEEE Design Automation Conference, San Francisco, CA, 8-10
June, ACM Press, New York, NY, 1-6.
Selznick, P. (1985), “Focusing organizational research on regulation”, in Noll, R. (Ed.), Regulatory Policy
and the Social Sciences, University of CA Press, Berkeley. 363-367.
Sicari, S., Alessandra, R., Luigi, A.G. and Alberto, C. (2015), “Security, privacy and trust in internet of
things: the road ahead”, Computer Networks, Vol. 76, pp. 146-164.

Stankovic, J.A. (2014), “Research directions for the internet of things”, IEEE Internet of Things Journal,
Vol. 1 No. 1, pp. 3-9.
Sterbenz, J.P.G., David, H., Egemen, K.Ç., Abdul, J., Justin, P.R., Marcus, S. and Paul, S. (2010),
“Resilience and survivability in communication networks: strategies, principles, and survey of
disciplines”, Computer Networks, Vol. 54 No. 8, pp. 1245-1265.
Downloaded by University of Sunderland At 02:07 03 November 2018 (PT)

Storm, D. (2015), “MEDJACK: hackers hijacking medical devices to create backdoors in hospital
networks”, Computer-world, 8 June.
Sun Chunling (2012), “Application of RFID technology for logistics on internet of things”, AASRI Procedia,
Vol. 1, pp. 106-111, doi: 10.1016/j.aasri.2012.06.019.
Uckelmann, D., Harrison, M. and Michahelles, F. (2011), An Architectural Approach towards the Future
Internet of Things, Springer, Berlin. 1-24.
Uckelmann, D., Mark, H. and Florian, M. (2011), “An architectural approach towards the future internet of
things”, in Uckelmann, D., Harrison, M. and Michahelles, F. (Eds), Architecting the Internet of Things,
Springer, Berlin, 1-24.
Vermesan, O. Peter, F. Patrick, G. Sergio, G. Harald, S. Alessandro, B. and Ignacio, S.J. (2011), “Internet of
things strategic research roadmap”, Internet of Things-Global Technological and Societal Trends, 1, 9-52,
available at: http://internet-ofthings-research.eu/pdf/IoT_Cluster_Strategic_Research_Agenda_2011.pdf
(accessed 4 July 2017).
Vetter, R.J. (1995), “Internet Kiosk-Computer-Controlled Devices reach the internet”, Computer, Vol. 28
No. 12, pp. 66-67.
Weber, R.H. (2010), “Internet of Things – New security and privacy challenges”, Computer Law &
Security Review, Vol. 26 No. 1, pp. 23-30.

Yan, Z., Peng, Z. and Athanasios, V.V. (2014), “A survey on trust management for internet of things”,
Journal of Network and Computer Applications, Vol. 42, pp. 120-134, doi: 10.1016/j.jnca.2014.01.014.
Ziegeldorf, J.H., Oscar, G.M. and Klaus, W. (2014), “Privacy in the internet of things: threats and
challenges”, Security and Communication Networks, Vol. 7 No. 12, pp. 2728-2742.

Further reading
Ashton, K. (2009), “That ‘internet of things’ thing”, RFiD Journal, Vol. 22, pp. 97-114.

Corresponding author
Sheshadri Chatterjee can be contacted at: sheshadri.academic@gmail.com

For instructions on how to order reprints of this article, please visit our website:
www.emeraldgrouppublishing.com/licensing/reprints.htm
Or contact us for further details: permissions@emeraldinsight.com

PAGE 412 j DIGITAL POLICY, REGULATION AND GOVERNANCE j VOL. 20 NO. 5 2018