Online Trust Alliance Recommends a Shared Model to Limit IoT Risk | eWeek

Online Trust Alliance Advocates for a Shared Model to Secure IoT

Online Trust Alliance
Mar 8, 2017
3 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

No one individual company or government entity alone will be able to secure the potential security threats that internet of things (IoT) connected devices represent, according to the Online Trust Alliance (OTA). Rather, the OTA suggests in a new report that IoT security is a collaborative and shared responsibility.

The OTA report draws a comparison with global warming and connected device security. With global warming, no one individual or government alone can act to improve the entire situation, rather there is a need for shared responsibility and collaboration across multiple stakeholders around the world.

With the global warming crisis, there is a growing trend around the world for different types of ‘carbon taxes’ as a way to offset the costs of helping to improve the environment. However, there currently isn’t any such item in IoT security.

“In certain cities if you do not recycle you are charged more for your garbage,” OTA President and Executive Director, Craig Spiezle, told eWEEK. “If you spam someone your email might get blocked, but with IoT devices the user does not bear any responsibility for a device which might be impacting others.”

The OTA report recommends that multiple groups, including retailers, developers, car dealers, internet service providers, policy makers and consumers all have active roles to play to promote and protect IoT device security and privacy.

In particular, the OTA suggests that retailers can choose to only sell products that take user privacy and security into account, much the same way that some retailers have chosen not to sell products that use materials from unsustainable forests. Spiezle even sees profit potential for retailers in embracing more secure IoT devices.

“Devices which are more secure might add to the bottom line of reduced returns and better online reviews,” Spiezle said.

In terms of how retailers and other groups could determine the relative privacy and security of IoT devices, there are several different things that can be done. The OTA has an approach called the IoT Trust Framework that was updated on Jan. 5, providing guidance on how to develop secure IoT devices and assess risk. Spiezle said that retailers could make use of the IoT Trust Framework and have their vendors self-assert (via a legal signatory) their adoption and adherence to principles.

Consumer Reports recently announced that it will be taking security into account as part of its review process. Spiezle noted that Consumer Reports has had discussions with the OTA and they also provided input into the IoT Trust Framework.

“Anything that increases consumer awareness and demand for more secure devices and respect for privacy, is a good thing,” Spiezle said.

Spiezle doesn’t see the IoT Trust Framework as being something that can or should be legally enforced. However, he noted that it could become a so-called ‘safe harbor’ from regulatory action and class action suits if one can show they have adopted commercially reasonable best practices.

Ultimately, consumers have a great deal of power in helping to improve IoT security. The OTA recommends that consumers can and should keep devices fully patched and updated. Additionally, the OTA suggests that consumers review device vendors security and privacy policies before buying any new technology. If the policies aren’t there or aren’t adequate, the OTA advocates for consumers to simply look at another device or vendor.

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.