Today, the Federal Trade Commission (FTC) released a report making privacy and security recommendations to industry regarding the Internet of Things (IoT) report. The report highlights numerous examples of positive uses of IoT, but also identifies several risks.
The FTC recommends IoT companies:
- Build security in from the beginning of product development.
- Consider data minimization - limiting the collection of user data to what is needed and retaining that data for only as long as necessary.
- Notify consumers of how their information will be used and give them choices about how their information is used particularly when that use may be different than what they expect.
The FTC recognizes that IoT is in its early stages of development and therefore does not recommend IoT-specific legislation. However, the report suggests that self-regulatory programs should be created by industry itself to encourage strong privacy and security practices.
While the FTC does not recommend direct limitations on IoT through legislation, it recommends that technology neutral security legislation be enacted that both (i) strengthens the FTC's data security enforcement authority; and, (ii) requires companies to provide notice to consumers in the event of a data breach. Finally, the report recommends that Congress enact baseline privacy legislation.
The Apps Alliance will work with the FTC, Commissioners and their staff to ensure they have a complete understanding of the potential consumer value created by connected devices as well as an appreciation of the lengths developers are already undertaking to enhance data security, customization, and consumer privacy.
Read the report in full, here.