FTC Tells IoT Players: Shore Up Data Security, Consumer Privacy Protection

Federal agencies are increasingly focusing their attention on network-connected devices proliferating from the home to the car to the average business, issuing stronger guidance on the need to protect user data and user privacy.

The Federal Trade Commission, noting 25 billion devices are connected to the Internet and a prediction that figure will double by 2019, is working on recommendations to guide Internet of Things (IoT) vendors.

The FTC recently held a workshop (PDF), "The Internet of Things: Privacy and Security in a Connected World," to spur education about security and privacy concerns.

The FTC action comes on the heels of the Federal Drug Administration's focus and that agency's warnings a few months earlier.

The American consumer will have to trust in IoT for the burgeoning sector to live up to its full potential, says FTC Chairwoman Edith Ramirez.

"We believe that by adopting the best practices we've laid out, businesses will be better able to provide consumers the protections they want and allow the benefits of the Internet of Things to be fully realized," says Ramirez.

The FTC recommends hardware manufacturers and software developers build security into IoT devices at the planning stage instead of bolting security tools on after product development. The commission also recommends IoT businesses train employees about security and make sure that third-party contractors and partners involved in an IoT product or service will maintain a high level of security.

Businesses need to employ a "defense-in-depth" strategy, comprised of multiple layers of protection, whenever a security risk has been pinpointed, states the FTC. Businesses need to monitor IoT devices throughout their life cycle and the vendors must support products with security patches as necessary, adds the agency.

In October 2014, the FDA made similar recommendations to hardware developers building IoT devices for the health-care industry. While the FDA wasn't aware of any particular threat to the industry's connected devices and software, it is concerned about "device-related" security issues and the impact on public health-care efforts.

"As medical devices become more interconnected and interoperable, they can improve the care patients receive and create efficiencies in the health care system," stated the FDA, urging care with cybersecurity issues. "Some medical devices, like computer systems, can be vulnerable to security breaches, potentially impacting the safety and effectiveness of the device."

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics