Scarinci Hollenbeck, LLC
The Firm
201-896-4100 info@sh-law.comConsumer Privacy and Security Risks Are Issues That Businesses Need To Address
Author: Scarinci Hollenbeck, LLC|January 29, 2015
As the prevalence of Internet-connected devices continues to grow, companies need to be proactive in addressing the consumer privacy attendant risks.
Consumer Privacy and Security Risks Are Issues That Businesses Need To Address
As the prevalence of Internet-connected devices continues to grow, companies need to be proactive in addressing the consumer privacy attendant risks.
The Federal Trade Commission (FTC) recently issued a report on the Internet of Things, which includes steps that New York and New Jersey businesses can take to protect consumer privacy and security.
The term “Internet of Things” (IoT) refers to the ability of everyday objects, from home security systems to pacemakers, to connect to the Internet and to send and receive data. According to the FTC, there will be 25 billion connected devices by the end of 2015. As adoption of the technology grows, so do the potential data security risks, including unauthorized access, misuse of personal information, and personal safety concerns.
To examine how best to address the risks to consumers, the FTC convened a panel of experts, including technologists and academics, industry representatives, and consumer advocates; the agency also solicited comments from the public. Not surprisingly, the top concern was data security.
The resulting report includes the following recommendations for companies developing consumer IoT devices:
- Build security into devices at the outset, rather than as an afterthought in the design process;
- Train employees about the importance of security, and ensure that security is managed at an appropriate level in the organization;
- Ensure that when outside service providers are hired, that those providers are capable of maintaining reasonable security, and provide reasonable oversight of the providers;
- When a security risk is identified, consider a “defense-in-depth” strategy whereby multiple layers of security may be used to defend against a particular risk;
- Consider measures to keep unauthorized users from accessing a consumer’s device, data, or personal information stored on the network; and
- Monitor connected devices throughout their expected life cycle, and where feasible, provide security patches to cover known risks.
“The only way for the Internet of Things to reach its full potential for innovation is with the trust of American consumers,” said FTC Chairwoman Edith Ramirez. “We believe that by adopting the best practices we’ve laid out, businesses will be better able to provide consumers the protections they want and allow the benefits of the Internet of Things to be fully realized.”
With regard to federal legislation, the FTC concluded that it “would be premature at this point in time given the rapidly evolving nature of the technology.” However, the agency strongly recommends the adoption of comprehensive data security and breach notification legislation.
Key Contacts
Let`s get in touch!
Consumer Privacy and Security Risks Are Issues That Businesses Need To Address
Author: Scarinci Hollenbeck, LLC
The Federal Trade Commission (FTC) recently issued a report on the Internet of Things, which includes steps that New York and New Jersey businesses can take to protect consumer privacy and security.
The term “Internet of Things” (IoT) refers to the ability of everyday objects, from home security systems to pacemakers, to connect to the Internet and to send and receive data. According to the FTC, there will be 25 billion connected devices by the end of 2015. As adoption of the technology grows, so do the potential data security risks, including unauthorized access, misuse of personal information, and personal safety concerns.
To examine how best to address the risks to consumers, the FTC convened a panel of experts, including technologists and academics, industry representatives, and consumer advocates; the agency also solicited comments from the public. Not surprisingly, the top concern was data security.
The resulting report includes the following recommendations for companies developing consumer IoT devices:
- Build security into devices at the outset, rather than as an afterthought in the design process;
- Train employees about the importance of security, and ensure that security is managed at an appropriate level in the organization;
- Ensure that when outside service providers are hired, that those providers are capable of maintaining reasonable security, and provide reasonable oversight of the providers;
- When a security risk is identified, consider a “defense-in-depth” strategy whereby multiple layers of security may be used to defend against a particular risk;
- Consider measures to keep unauthorized users from accessing a consumer’s device, data, or personal information stored on the network; and
- Monitor connected devices throughout their expected life cycle, and where feasible, provide security patches to cover known risks.
“The only way for the Internet of Things to reach its full potential for innovation is with the trust of American consumers,” said FTC Chairwoman Edith Ramirez. “We believe that by adopting the best practices we’ve laid out, businesses will be better able to provide consumers the protections they want and allow the benefits of the Internet of Things to be fully realized.”
With regard to federal legislation, the FTC concluded that it “would be premature at this point in time given the rapidly evolving nature of the technology.” However, the agency strongly recommends the adoption of comprehensive data security and breach notification legislation.
