The Federal Trade Commission held a public workshop to explore consumer privacy and security issues posed by the growing connectivity of devices. The ability of everyday devices to communicate with each other and with people is becoming more prevalent and often is referred to as “The Internet of Things.” Connected devices can communicate with consumers, transmit data back to companies, and compile data for third parties such as researchers, health care providers, or even other consumers, who can measure how their product usage compares with that of their neighbors. The workshop brought together academics, business and industry representatives, and consumer advocacy groups to explore the security and privacy issues in this changing world. The workshop served to inform the Commission about the developments in this area.
The workshop focused on privacy and security issues related to increased connectivity for consumers, both in the home (including home automation, smart home appliances and connected devices), and when consumers are on the move (including health and fitness devices, personal devices, and cars).
The workshop was held at the FTC’s satellite building conference center, located at 601 New Jersey Avenue, N.W., Washington, DC, and was free and open to the public.
The Commission accepted comments on privacy and security topics until January 10, 2014.
Event Speaker - File
Consumer and Business Education
- Sharing Information: A Day in Your Life (video)
- How to Keep Your Personal Information Secure
- Using IP Cameras Safely
- The BCP Business Center: Privacy & Security
- Blog: You’re on Candid Camera
- .com Disclosures: How to Make Effective Disclosures in Digital Advertising
- Mobile App Developers: Start with Security
- FTC Report: "Protecting Consumer Privacy in an Era of Rapid Change: Recommendations For Businesses and Policymakers"
- In the Matter of Trendnet press release
- Careful Connections: Building Security in the Internet of Things
Transcript - Files
Request for Comments
Request for Comments
To further its understanding of the issues, the Federal Trade Commission staff sought public comments on issues raised at the workshop, including but not limited to:
- How can consumers benefit from the Internet of Things?
- What are the unique privacy and security concerns and solutions associated with the Internet of Things?
- What existing security technologies and practices could businesses and consumers use to enhance privacy and security in the Internet of Things?
- What is the role of the Fair Information Practice Principles in the Internet of Things?
- What steps can companies take (before putting a product or service on the market) to prevent connected devices from becoming targets of, or vectors for, malware or adware?
- How can companies provide effective notice and choice? If there are circumstances where effective notice and choice aren’t possible, what solutions are available to protect consumers?
- What new challenges does constant, passive data-collection pose?
- What effect does the Internet of Things have on data de-identification or anonymization?
- How can privacy and security risks be weighed against potential societal benefits (such as improved health-care decision-making or energy efficiency) for consumers and businesses?
- How can companies update device software for security purposes or patch security vulnerabilities in connected devices, particularly if they do not have an ongoing relationship with the consumer? Do companies have adequate incentives to provide updates or patches over products’ lifecycles?
- How should the FTC encourage innovation in this area while protecting consumers’ privacy and the security of their data?
- Are new use-restrictions necessary to protect consumers’ privacy?
- How could shifting social norms be taken into account?
- How can consumers learn more about the security and privacy of specific products or services?
- How can consumers or researchers with insight into vulnerabilities best reach companies?
The deadline for filing comments was Jan. 10, 2014
Comments Submitted in Response to the Above Request:
Previously Submitted Comments: