The Federal Trade Commission is voicing its concerns about the Internet of Things (IoT), suggesting several steps businesses should take to protect consumer privacy and security.
The FTC acknowledged that IoT, which connects devices to the Internet so they can send and receive data, is already making an impact on millions of American consumers via health and fitness monitors, connected cars, home security devices and household appliances. The agency is concerned that privacy and security concerns could undermine consumer confidence in this booming industry.
“The only way for the Internet of Things to reach its full potential for innovation is with the trust of American consumers,” said FTC Chairwoman Edith Ramirez. “We believe that by adopting the best practices we’ve laid out, businesses will be better able to provide consumers the protections they want and allow the benefits of the Internet of Things to be fully realized.”
Six Key IoT Guidelines
According to FTC research, there are more than 25 billion connected devices in use worldwide — and that number is set to rise rapidly as consumer goods companies, auto manufacturers, healthcare providers, and other businesses continue to invest in connected devices.
The FTC report offers six key security recommendations for companies developing IoT devices:
- Build security into devices at the outset, rather than as an afterthought in the design process.
- Train employees how important security is, and make sure security is managed at an appropriate level in the organization.
- Make sure that when outside service providers are hired, those providers are able to maintain reasonable security, and provide reasonable oversight of the providers.
- When a security risk is identified, consider a “defense-in-depth” strategy whereby multiple layers of security may be used to defend against a particular risk.
- Consider measures to keep unauthorized users from accessing a consumer’s device, data, or personal information stored on the network.
- Monitor connected devices throughout their expected life cycle, and where feasible, provide security patches to cover known risks.
The FTC didn’t stop there. It also recommended companies consider limiting the collection of consumer data, and limiting the time that information is retained. The FTC also wants companies to ask consumers how their information can be used.
Transforming Power
“The IoT will transform the world as we know it, creating a giant, global network of devices and machines that are connected, communicating, and exchanging data,” Mark Barrenechea, president and CEO of OpenText, told us. “This market will see 50 billion devices connected by 2020 and a value of $ 14.4 trillion. Its potential impact is huge.”
While the IoT is viewed by many as a nebulous, futuristic concept, Barrenechea said it already exists. As examples, he pointed to pedometers, smart watches, cameras, micro-chipped pets, and cars with built-in sensors. Thanks to the IoT, he said, many of our everyday appliances will soon have the ability to self-monitor and communicate with a network — think Marge’s fully automated “Ultrahouse 3000” in the Simpsons.
“Organizations in both the public and private sector are already using sensor-based technologies to improve inventory control and manage energy through smart grids,” he said. “As we progress through 2015, more and more people will come to realize the IoT is simply the next evolution of the Internet.”
