During a keynote speech Tuesday at the Consumer Electronics Show, Federal Trade Commission (FTC) Chairwoman Edith Ramirez highlighted the benefits and security risks of the rapidlyexpanding universe of smart appliances and other devices that make up the Internet of Things (IoT).
Among the many electronic items on display at this year’s CES, webconnected health meters, smart thermostats, remote parking assistants and a wide variety of other IoTenabled devices are dominating the spotlight. Recent statistics issued by the FTC anticipate the existence of 25 billion IoT devices worldwide by the end of this year. While Ramirez emphasized that IoT “has the potential to transform our daily lives” for the better, she voiced concern with privacy and security risks associated with online collection and distribution of personal data by IoT devices. Warning, “any device that is connected to the Internet is at risk of being hijacked,” Ramirez advised her audience that “inadequate security on IoT devices could enable intruders to access and misuse personal information collected and transmitted to or from the device.” Ramirez further cautioned that the presence of IoT devices in consumer homes “[increases] the number of access points an intruder could exploit to launch attacks on our home networks” and noted that risks of unauthorized access “intensify as we adopt more and more devices that link to our physical safety, such as our cars [and] our medical care.”
Ramirez thus called for balance between the health, public infrastructure, and economic growth benefits of IoT and the associated privacy and security risks of collecting, transmitting, storing and sharing “vast amounts of consumer data, some of it highly personal.” To that end, Ramirez recommended several steps IoT device manufacturers could take to protect the security and privacy of personal data, such as (1) minimizing the amount of data collected and destroying data that is no longer needed, (2) encrypting health data and other sensitive information, and (3) notifying consumers of how their data will be used and when that data will be shared or sold to outside parties. Arguing, “steps like the ones I’ve described are critical to fostering consumer trust,” Ramirez declared “they are also good business.”