FTC goes to DEF CON

In order to protect consumers in our tech economy, we could use the help of some smart and creative technologists. That’s why I’m headed to Las Vegas this week with members of the Office of Technology Research and Investigation and other FTC folks to attend BSidesLV and DEF CON. We want to learn from security and privacy researchers and let them know about our research interests. We will be speaking at various events this week, including a session on Friday afternoon in which Commissioner McSweeny and I will talk about upcoming FTC tech events and ways researchers can help the FTC protect consumers.

Where to find us

FTC staff will be speaking at the following sessions:

Photo of two men and a computer-generated character representing the fictional 'Rachel' villain character of FTC's past Robocall challenges
Feel free to say hello to FTC staff at BSidesLV and DEF CON this week!
  • August 2, 10 am: BSidesLV - Opening keynote, Lorrie Cranor
  • August 2, 12 pm: BSidesLV - Hire Ground, Lorrie Cranor
  • August 5, 11 am: DEF CON -  Meet the Feds, Lorrie Cranor
  • August 5, 1 pm: DEF CON - Research on the Machines: Help the FTC Protect Privacy & Security, Commissioner Terrell McSweeny & Lorrie Cranor
  • August 5, 4 pm: DEF CON IoT Village - Is Your Internet Light On?  Protecting Consumers in the Age of Connected Everything, Commissioner Terrell McSweeny & Joe Calandrino

Other FTC staff will also be attending. We’ll be walking around in our FTC shirts—please come find us and say hello!

Upcoming FTC tech events

We have a great lineup of events our privacy and technology teams are hosting at the FTC in Washington, DC this fall. All events are free and open to the public, and they all will be webcast. Many of them have open opportunities to submit research. Agendas will be posted closer to the events:

Share your research with the FTC

At the FTC, we are interested in hearing from researchers whose work can help us protect consumers. You can get in touch via email to research@ftc.gov. For more information about how the FTC handles your personal information, please see our privacy policy.

Here are some topics we are interested in: What can be done to protect consumers from ransomware, malvartising, etc.? What are the best ways to assess the risks posed by breaches and vulnerabilities? How can we tie exposed data to a specific breach? Can we make certain attacks less profitable? How can we better identify fraud?

We’re also always interested in hearing about the latest research on emerging topics and trends, from the Internet of Things and cloud services to bots, intelligent machines, and virtual reality. For example, how can companies ensure better IoT security? How can we prevent IoT vulnerabilities from exposing other devices on the same network? How can sensor-based monitoring technologies protect the privacy of consumers, particularly children? How can engineers better isolate critical systems, such as a connected car’s CAN bus? When and how do consumers encounter bots, and are they aware of that fact? Does virtual reality raise new fraud, deception, or other consumer protection concerns?

The FTC is interested in learning about tools and techniques that may facilitate relevant research or help protect consumers as well. Useful research might describe tools and techniques that allow consumers to exercise control over personal information across contexts or to observe the behavior and unencrypted communication of their own smart devices, apps, etc. It could also describe tools or approaches to determine practices associated with third-party libraries in apps, detect discriminatory algorithms, spot vulnerable IoT devices, and identify tracking—including cross-device tracking—as well as the information collected.

To learn more about the research questions that the FTC cares most about, be sure to attend the Friday session with Commissioner McSweeny and me!

The author’s views are his or her own, and do not necessarily represent the views of the Commission or any Commissioner.

Comments

Kudos on this initiative!

I attended the DEFCON and saw your presentation there and am interested in scam prevention. I wonder about two things.

1. Why can't the FTC start a national campaign on phone scams? Sort of like in the past we had TV and magazine ads, posters, articles and first lady's commenting about campaigns like no smoking, say not to drugs and drunk driving. Elderly especially are vulnerable to these phone scams because many do not Internet access to research potential scams.

2. I use a call blocker but it doesn't hurt the scammers. Their auto dialer just goes onto the next phone number. I want something that wastes the phone scammer's time to frustrate them (yeah, I'm vindictive). If I get a call from a phone number that people say is a scammer, I don't want to just block his number I want to forward it to some phone number where it gets answered by a voice recording that can fool the auto dialer into thinking a live person answered and the auto dialer then connects the call to a live scammer. If enough people do that, the phone scammer will end up constantly picking up the phone on his end thinking he's talking to a live person when it's just a phone recording. I was thinking of developing an app like that, but I don't know if it would be legal to scam the scammer like that. it may be illegal. In truth I think it's something the FCC should do.

Pages

Add new comment

Comment Policy

Privacy Act Statement

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system (PDF), and user names also are part of the FTC’s computer user records system (PDF). We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.