Privacy regulators in Canada and the UK recently contacted 10 manufacturers of internet-connected webcams, urging them to implement a privacy-by-design approach to ensure their webcams cannot be used to invade users’ privacy. Specifically, regulators asked the manufactures to implement changes to the default manufacturer passwords on the webcams, suggesting that the webcams be issued with unique passwords or that consumers be required to change the default password prior to first using the webcams.

According to the regulators, many webcams are sold with default manufacturer passwords. The regulators determined that the default passwords have been used to unknowingly record consumers after it was discovered that a website was streaming live video footage from thousands of webcams without consumers’ knowledge. In addition to streaming video, the website disclosed each webcam’s approximate geographic location. These issues prompted UK and Canadian regulators to contact webcam manufacturers about addressing the privacy concerns stemming from the default passwords and providing consumers with expanded guidance on changing their passwords and why doing so is important.

TIP: These warnings are a reminder for companies manufacturing products that have the ability to record, monitor, or track consumer activities to keep in mind regulator concerns about privacy and security protections.