Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

FTC Urges Safeguards for ‘Internet of Things’

US Watchdog Urges Safeguards for ‘Internet of Things’

Washington – A US government consumer watchdog agency called Tuesday for better privacy and security to be built into the myriad of connected devices, for fitness, smart homes or other uses.

US Watchdog Urges Safeguards for ‘Internet of Things’

Washington – A US government consumer watchdog agency called Tuesday for better privacy and security to be built into the myriad of connected devices, for fitness, smart homes or other uses.

The “Internet of Things” guidelines released by the US Federal Trade Commission stop short of a new regulatory effort but nonetheless provoked critics who said the agency is overstepping its authority.

FTC Chairwoman Edith Ramirez, who announced the guidelines at a Washington conference, said the move is aimed at promoting “best practices” for these new devices but also noted that her agency has authority to crack down on violations of privacy or deceptive consumer practices.

“Not only is deeply personal information at stake but as you have more and more devices it means there is more potential for exposure,” Ramirez told the “State of the Net” conference.

“If you want these new technologies to flourish, you want to make sure consumers understand what is happening, understand what is being collected, with whom that information is being shared, how this information is being used.”

The FTC last year studied 12 mobile fitness apps and found they shared data with 76 separate entities.

Ramirez underscored the privacy concerns, saying that “if I’m wearing a fitness band that tracks how many calories I consume I wouldn’t want to share that data with an insurance company.”

The FTC report made no specific legislative recommendation for the Internet of Things but noted that in its workshops on the subject “there appeared to be widespread agreement that companies developing IoT products should implement reasonable security.”

The guidelines would apply to the billions of devices which connect to the Internet including automobiles, refrigerators, toothbrushes, fitness trackers and other gadgets.

The agency urged companies to “build security into their devices at the outset, rather than as an afterthought” and to conduct a privacy or security risk assessment.

But the technology think tank TechFreedom said the guidelines appeared to be an attempt to regulate the nascent sector.

“At best, this is just another exercise in workshop theater; at worst, the FTC is trying to regulate the Internet of Things by stealth,” said TechFreedom president Berin Szoka.

Within the agency, FTC Commissioner Joshua Wright issued a dissenting statement saying that the agency appeared to move away from its traditional role “not to make broad policy recommendations.”

“An economically sound and evidence-based approach to consumer protection, privacy, and regulation of the Internet of Things would require the commission to possess and present evidence that its policy recommendations are more likely to foster competition and innovation than to stifle it,” Wright said.

Gary Shapiro, president of the Consumer Electronics Association, welcomes the FTC report, saying the agency is taking the right track in promoting best practices without imposing new rules.

“We commend the FTC for recognizing the enormous personal, economic and societal benefits that IoT enables, and the agency’s efforts to engage and educate businesses on how to secure the IoT ecosystem,” Shapiro said. “However, it’s too early to rush out laws that may choke off innovation.”

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Cisco patched a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).

Network Security

Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud,...