During a keynote speech Tuesday at the Consumer Electronics Show, Federal Trade Commission (FTC) Chairwoman Edith Ramirez highlighted the benefits and security risks of the rapidly­expanding  universe of smart appliances and other devices that make up the Internet of Things (IoT).

Among the many electronic items on display at this year’s CES, web­connected health meters, smart  thermostats, remote parking assistants and a wide variety of other IoT­enabled devices are  dominating the spotlight. Recent statistics issued by the FTC anticipate the existence of 25  billion IoT devices worldwide by the end of this year. While Ramirez emphasized that IoT “has the potential to  transform our daily lives” for the better, she voiced concern with privacy and security risks  associated with online collection and distribution of personal data by IoT devices. Warning, “any  device that is connected to the Internet is at risk of being hijacked,” Ramirez advised her  audience that “inadequate security on IoT devices could enable intruders to access and misuse  personal information collected and transmitted to or from the device.” Ramirez further cautioned  that the presence of IoT devices in consumer homes “[increases] the number of access points an  intruder could exploit to launch attacks on our home networks” and noted that risks of unauthorized  access “intensify as we adopt more and more devices that link to our physical safety, such as our  cars [and] our medical care.”

Ramirez thus called for balance between the health, public infrastructure, and economic growth  benefits of IoT and the associated privacy and security risks of collecting, transmitting, storing  and sharing “vast amounts of consumer data, some of it highly personal.” To that end, Ramirez recommended several  steps IoT device manufacturers could take to protect the security and privacy of personal data, such as  (1) minimizing the amount of data collected and destroying data that is no longer needed, (2)  encrypting health data and other sensitive information, and (3) notifying consumers of how their  data will be used and when that data will be shared or sold to outside parties. Arguing, “steps  like the ones I’ve described are critical to fostering consumer trust,” Ramirez declared “they are also good business.”