This is the third post in my series on privacy and security in mobile computing, which builds on the Commission’s 2013 mobile security workshop. In my last post, I concluded that – despite a history of usability concerns – permissions in mobile operating systems are clearly an improvement over the opacity of traditional operating systems.
Blog Posts Tagged with Data security
Editor’s Note: As noted in a previous post, Tech@FTC is expanding to include posts by other technically minded staff at the Commission. This is the first in a series of blog posts by Nithan Sannappa, an attorney in the Division of Privacy and Identity Protection, that will explore several important issues regarding user privacy and security in mobile computing.
The FTC released a staff report in late January that took a comprehensive look at the emerging “Internet of Things” and security, including secure APIs, authentication, and product updates, was a key theme.
I’d like to briefly explain why I believe IoT security is so important and why the IoT ecosystem presents a unique set of factors that give rise for special attention to security.
I’d like to introduce myself as the new Chief Technologist of the FTC, following in the footsteps of my predecessors, Latanya Sweeney, Steve Bellovin, and Ed Felten. As the Commission enters its 100th year, technological expertise will be more important than ever, and I’m excited to lead this charge.
In this regard, my agenda will include the following:
Today the FTC announced that it has settled a complaint against RockYou, on charges that the company’s inadequate security led to a breach of consumer data, and that the company collected personal information from children it knew to be under 13 without parental consent.