FTC: IoT Security, Privacy Concerns Need To Be Addressed By Businesses, Consumers And Government

Refrigerators that let you know when you’re out of milk, dolls your children can talk to when the play with them and cars that will autonomously drive you around all seem like lifestyle and technological advancements for the future that should be celebrated, but there are inherent risks to this increasingly connected life. These, and so many other IoT devices, are reliant on collecting your data and personal information.

Those privacy and data security concerns were at the forefront of a discussion at CES 2017 with Federal Trade Commission Chairwoman Edith Ramirez.

“... IoT brings a lot of benefits to consumers; smart homes, smart thermostat, fitness devices but in addition to all of the benefits … they also raise privacy and data security challenges,” Ramirez said Thursday at CES. “... It’s very typical of us to see headlines about data breaches and that’s an issue that we need to be playing really close attention to.”

One of the more recent and prominent breaches was the recent reveal by Yahoo! that millions of it users’ passwords and personal information were compromised, twice! Other recent incidents include the Jeep Cheroke being able to be access remote (including the brakes) and that a smart Barbie doll’s voice records could be accessed.

Combatting this problems requires multiple entities coming together, Ramirez said. She said it will take FTC and government entities to set up rules to make sure consumers are protected, businesses have to treat security and privacy as things just as crucial as the products themselves and consumers have to do their part by updating software and changing default security and password setting.

“ The industry needs to be thinking about privacy and data security. That has to be top of mind,” she said. “It needs to be a part of a company’s culture. At the same time, consumers need to also know the role that they play”

Fellow FTC member Terrell McSweeny said while business and consumers must play a part, legislation must follow.

“I believe that we still need security legislation that would be helpful in making sure we set out security standards, especially for IoT products,” McSweeny said Thursday.

Ramirez said the amount of technology on the CES showroom floor was amazing and it’s up to all parties involved to make sure these innovations are safe for consumers to use. The need to protect and plan now, she said, is only increasing as more and more of our devices become connected.

“ All of the innovation that we see is amazing, but at the same time… all of these advance depend on the use and gathering of data and that’s only going to accelerate,” Ramirez said. “A.I., for instance, relies on machine learning that will depend on large amount of data collected. These technological development raise privacy risks and data security risks.”

“ The IoT continues to grow, all around us on the floor but is also raises challenge,” said FTC member Maureen Ohlhausen. “(We are) an enforcement agency, but there’s only so much we can do there. We encourage others to act in this space, self-regulation is also a terrific opportunity.”