On January 5, the FTC announced that it was initiating and enforcement action against a Taiwanese computer networking equipment manufacturer and its U.S. subsidiary. In a complaint filed with the Northern District of California, the FTC charged that the device-manufacturer failed to take reasonable steps to secure its routers and Internet Protocol (IP) cameras, potentially compromising sensitive consumer information, including live video and audio feeds from D-Link IP cameras. Specifically, the FTC alleged that hackers could exploit these vulnerabilities using any of several “simple methods.”
According to its press release, the complaint filed today is part of broader FTC’s efforts to protect consumers’ privacy and security in the “Internet of Things” (IoT), which includes cases the agency has brought against a computer hardware manufacturer, and a marketer of video cameras. In a statement, Jessica Rich, director of the FTC’s Bureau of Consumer Protection, explained “[h]ackers are increasingly targeting consumer routers and IP cameras — and the consequences for consumers can include device compromise and exposure of their sensitive personal information.” Accordingly, Ms. Rich explained further, “[w]hen manufacturers tell consumers that their equipment is secure, it’s critical that they take the necessary steps to make sure that’s true.” The FTC has provided guidance to IoT companies on how to preserve privacy and security in their products while still innovating and growing IoT technology.