FTC Seeks Comment on Issues Raised at Internet of Things Workshop

The staff of the Federal Trade Commission is seeking public comments on the issues raised at the recent workshop exploring consumer privacy and security issues posed by the Internet of Things. 

Held on Nov. 19, the workshop focused on privacy and security issues related to increased connectivity for consumers, both in the home through home automation, smart home appliances, and connected devices, and on the move through health and fitness devices, personal devices, and cars. It brought together academics, business and industry representatives, and consumer advocates to explore the security and privacy issues in our increasingly connected world. 

The workshop agenda, speakers’ bios and an archived video are all available on the workshop’s webpage. A transcript of the proceedings will also be available on the webpage in the coming days.

To further its understanding of the issues, the Federal Trade Commission staff seeks public comments on issues raised at the workshop, including but not limited to:

• How can consumers benefit from the Internet of Things?
• What are the unique privacy and security concerns and solutions associated with the Internet of Things?  
• What existing security technologies and practices could businesses and consumers use to enhance privacy and security in the Internet of Things?
• What is the role of the Fair Information Practice Principles in the Internet of Things?
• What steps can companies take (before putting a product or service on the market) to prevent connected devices from becoming targets of, or vectors for, malware or adware?
• How can companies provide effective notice and choice?  If there are circumstances where effective notice and choice aren’t possible, what solutions are available to protect consumers?
• What new challenges does constant, passive data-collection pose?
• What effect does the Internet of Things have on data de-identification or anonymization?
• How can privacy and security risks be weighed against potential societal benefits (such as improved health-care decision-making or energy efficiency) for consumers and businesses?  
• How can companies update device software for security purposes or patch security vulnerabilities in connected devices, particularly if they do not have an ongoing relationship with the consumer?  Do companies have adequate incentives to provide updates or patches over products’ lifecycles?        
• How should the FTC encourage innovation in this area while protecting consumers’ privacy and the security of their data? 
• Are new use-restrictions necessary to protect consumers’ privacy? 
• How could shifting social norms be taken into account?
• How can consumers learn more about the security and privacy of specific products or services?
• How can consumers or researchers with insight into vulnerabilities best reach companies?

The deadline for filing comments is Jan. 10, 2014, and comments can be filed electronically or by mail. If you have previously filed comments about the workshop, those comments will be taken into consideration. The staff welcomes research and surveys in addition to other comments.       

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 2,000 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC’s website provides free information on a variety of consumer topics. Like the FTC on Facebook, follow us on Twitter, and subscribe to press releases for the latest FTC news and resources.