FTC Says IoT Focus Should Be on Security, Privacy
In its report, the regulators say tech vendors and device makers must ensure that their systems and the data they collect are safe.Federal regulators say that while the growing Internet of things is already benefiting consumers in many ways, technology vendors and businesses building the connected devices must keep security and privacy at the forefront of their efforts. In a report issued Jan. 27, the Federal Trade Commission laid out steps that vendors and businesses should take to ensure that as the Internet of things (IoT) grows by tens of billions of devices over the next few years, and that end users can be sure that the devices and systems they're using and the data those systems are collecting are safe. "The only way for the Internet of things to reach its full potential for innovation is with the trust of American consumers," FTC Chairwoman Edith Ramirez said in a statement. "We believe that by adopting the best practices we've laid out, businesses will be better able to provide consumers the protections they want and allow the benefits of the Internet of things to be fully realized." The bulk of the FTC's report is based on input from attendees—including technology experts, consumer advocates and academics—at the commission's IoT workshop in November 2013, as well as public comments submitted to the agency. Security was a key topic during the workshop, according to FTC officials.
Among the FTC's recommendations are ensuring that security is built into the devices from the start, rather than tacking it on during the design process, and making sure that employees are trained about the importance of security. In addition, outside service providers also should be able to meet minimum security requirements, and companies should ensure that unauthorized people can't access consumers' devices or data that is stored on the network, and that they have a comprehensive strategy for responding to a security situation.