The Internet of Things was the focus of a Federal Trade Commission workshop on November 20, featuring panels on the Smart Home, Connected Health and Fitness, Connected Cars, and Privacy and Security in a Connected World.
Defined by the agency as the increasing “ability of everyday devices to communicate with each other and with people,” the Internet of Things presents benefits and challenges, speakers acknowledged.
In her opening remarks, FTC Chairwoman Edith Ramirez noted that the increasing collection of data will require greater transparency, simplified choice, and the use of privacy by design by companies. “With really big data comes really big responsibility,” she said. “It is up to the companies that take part in this ecosystem to embrace their role as stewards of the consumer data they collect and use.”
Connected devices that track sensitive personal information – such as fitness data or personal health – particularly need to focus on security risks, she noted. “I know that we can find a way to reap the rewards from our connected future while mitigating the privacy and security challenges that it brings,” she said. “The purpose of today’s program is to figure out how.”
During the Smart Home panel, the privacy and security implications of connected appliances, such as an oven that allows users to remotely set the temperature, were discussed. Many consumers may not understand the potential security implications from the collection of data stored in such products or realize how their information is shared, panelists said.
While larger companies are better equipped to build security protections into their technology, speakers expressed concern that smaller companies may not utilize Privacy by Design to protect consumers. Or, as Craig Heffner of Tactical Network Solutions put it, “They’ll make rookie mistakes because they’re rookies.”
Connected Cars provide a multitude of benefits for consumers, panelists noted, particularly the ability to communicate with first responders in the event of an emergency. But technologically advanced cars present security issues if hackers gain access to the car’s control systems, such as the engine or brakes; and privacy issues are raised by the data stored in cars, which third parties such as insurers could be interested in.
The last panel, Privacy and Security in a Connected World, addressed the topic with hypotheticals about setting up connected devices in a home to be controlled by a smartphone and using a smart device to train for a marathon.
Why it matters: In her closing remarks at the workshop, Jessica Rich, Director of the FTC’s Bureau of Consumer Protection, said the agency does not intend to issue new regulations on the Internet of Things in the near future. However, the Commission will release a report on the subject in 2014 that includes recommended best practices for smart devices, and Rich encouraged comments to be submitted to the agency. Speakers from the FTC also noted that a lack of regulation does not mean the absence of enforcement actions, as the agency’s existing powers allow it to regulate deceptive conduct in the Internet of Things. Case in point: the complaint filed against TRENDnet, a company that claimed camera feeds for home security and baby monitoring were “secured viewing” but had faulty software that left the feeds vulnerable to hacking, resulting in users’ videos being posted online.