Tech@FTC

FTC.gov is now HTTPS by default

In another step to enhance the FTC’s website, I'm pleased to announce that our agency has enabled encryption by default (HTTPS) for ftc.gov, our primary public domain, and home of the Tech@FTC blog. Ironically, as I was preparing this post, the entire internet has been FREAKing out about another vulnerability in SSL.

What’s the security shelf-life of IoT?

The FTC released a staff report in late January that took a comprehensive look at the emerging “Internet of Things” and security, including secure APIs, authentication, and product updates, was a key theme.

I’d like to briefly explain why I believe IoT security is so important and why the IoT ecosystem presents a unique set of factors that give rise for special attention to security.

Hello world!

I’d like to introduce myself as the new Chief Technologist of the FTC, following in the footsteps of my predecessors, Latanya Sweeney, Steve Bellovin, and Ed Felten. As the Commission enters its 100th year, technological expertise will be more important than ever, and I’m excited to lead this charge.

In this regard, my agenda will include the following:

Online ads roll the dice

Online ads, exclusive online communities, and the potential for adverse impacts from big data analytics

Online advertising today is a big data analytic marvel, deciding in the time it takes to load a web page which ad, among billions, to deliver to which of billions of domains. Large and fast for sure, but what are the ramifications of some of the decisions ad networks are making?

Technology science

Does enjoying a camcorder, a new computer, or a football game mean you have to risk personal harms like loss of privacy? Sometimes we enjoy advances in technology with protections like privacy. How can we do so more often?

Before I go any further, let me advise you that I am solely responsible for this blog’s content, characterizations, ideas and choice of topic. This blog does not necessarily reflect the views of the Federal Trade Commission (FTC) or any of its Commissioners. The goal of this blog post is to spark discussion and debate.

Save the world

The Federal Trade Commission is launching a new program, Summer Research Fellowships in Technology and Data Governance. Spend your summer exploring ways to design, create, assess, and analyze technology at its intersection with business, society and policy. This 10-week program gives students hands on experience with work relevant to the FTC by assisting the FTC's Chief Technologist and others with real-work exploratory projects of interest to the FTC.

Transparency establishes trust

We are amidst an era of open data –a period in which we share details of our personal lives widely in exchange for all kinds of services, often trusting companies with our most intimate facts. Sharing information about our personal lives has fostered technological innovations and influenced more transparency in government (e.g., [1,2]) and in science (e.g., [3,4]). However, once personal data are acquired, it may be shared with others without consumer awareness. So how might we add transparency to data sharing? The goal of this blog is to spark discussion and debate.

Mobile design 2.0

Children can perform amazing feats using iPhones and iPads, but an Apple business practice may unfairly bill parents. In January, the Federal Trade Commission announced a settlement with Apple Inc, in which the company agreed to provide full refunds to consumers, paying a minimum of $32.5 million, to settle a FTC complaint that the company billed consumers for millions of dollars of charges incurred by children in mobile apps without consent [1]. The Complaint [2] and statements from FTC Commissioners [3,4,5] alone provide FTC's position on the case.

My phone at your service

Anyone can setup wireless sensors to record the appearance of your mobile phone’s Wi-Fi and Bluetooth probes to track where you are and where you have been –say, where you are when you're ambling through store or mall, or when you're walking or driving down a street. Some retail stores are experimenting with this technology to track your whereabouts, so FTC held a public hearing on the topic on February 19, 2014. Consumers and retailers already engage in loyalty programs. Should mobile phone tracking be part of loyalty programs?

Hello world!

Hello World!  I am the new Chief Technologist at the Federal Trade Commission, continuing the blog steps of my predecessors.  I am grateful for the service of Ed Felten and Steve Bellovin. With the office developments they have left behind, I am able to blaze a new trail forward.

Storing passwords, or the risk of a no-salt diet

A while back, I wrote about passwords and promised a later post on salting.  This is it: a deeper look at how servers should accept and store passwords.  This is a complement to the usual articles on passwords, which focus on the user (you know the ones: “pick strong passwords”); here, I’ll be looking at the server side, and in particular how to store passwords for web sites.

Shipping security

It’s a ritual we’ve all grown accustomed to: something needs a software update to repair security flaws.  Traditionally, it’s been our computer; increasingly, it’s our smartphones or their apps.  In the not very distant future (possibly now, for some of us), it will be our printers, our thermostats, our cars, our “anything that uses software”—and that will be more or less everything.  WiFi-controlled light bulbs are already on sale in some countries; if it’s WiFi-controlled, it m

Pages