The Internet of Things is a nebulous buzzword that refers to anything that connects to the internet. In an attempt to better define the government’s approach to the Internet of Things the Federal Trade Commission has released a report [PDF], which examines the pros and cons of Internet of Things adoption for consumers.
The FTC hosted an in-house workshop to discuss some of the primary concerns regarding theInternet of Things, one of which was security. Participants noted that the Internet of Things could harm consumers in several ways:
- Enabling unauthorized access and misuse of personal information
- Facilitating attacks on other systems
- Creating risks to personal safety
Another major primary concern, according to the report, is the amount of data being exposed to the public space that is the internet. Gizmodo contributor Kate Knibbs singled out sections of the report that show just how much data could be collected on users by their devices.
Indeed, the report indicates that smartphone sensors could be used to infer:
[U]ser’s mood; stress levels; personality type; bipolar disorder; demographics (e.g., gender, marital status, job status, age); smoking habits; overall well-being; progression of Parkinson’s disease; sleep patterns; happiness; levels of exercise; and types of physical activity or movement.
All that data is way beyond the scope of what users would permit through a simple user agreement.
The participants recommended companies take proactive measures to address these concerns, including:
- Considering security from the outset instead of applying it as an afterthought.
- Minimizing the amount of data collected.
- Testing products before launch to identify significant risks before those risks expose user data.
When it came to legislative recommendations, the opinions of workshop participants diverged. However FTC staff “emphasize that general technology-neutral data security legislation should protect against unauthorized access to both personal information and device functionality itself.” The agency also called for congress to enact general privacy and security legislation that will protect consumers on the internet as a whole.
Workshop participants and FTC staff did, agreed though about the need to avoid stifling the Internet of Things during its formative years by developing self-regulatory programs for particular industries to encourage the adoption of privacy- and security-sensitive practices.
Top image courtesy of Shutterstock.