How Secure is Your Privacy in the Age of the Internet of Things?

By Michelle Nicolson March 21, 2014

Your refrigerator knows you are out of milk. The thermostat lowers the heat automatically when no one is in the house. A pacemaker sends updated medical information to the doctor’s office. It’s the Internet of Things (IoT), and it’s a market full of both unknown possibilities and unidentified challenges.

A device that is capable of communicating with other devices without human assistance raises new questions about security and privacy. Because if you aren’t the one physically controlling what your device is doing, it opens the possibility that it might reveal things you’d rather stay private. Or even worse, give hackers new avenues to steal personal information or cause harm to others.

The Federal Trade Commission (FTC) is charged with determining with determining the fine line between information sharing and information oversharing. The agency already has the general authority to investigate any company that engages in harmful or deceptive practices. The question remains if this type of technology requires new regulations because it is still evolving.

“It is vital that government officials like myself approach new technologies with a dose of regulatory humility,” said Maureen Ohlhausen, FTC member, during an agency’s panel discussion about this very subject last November. The general consensus of that FTC panel discussion was new rules could have unintended consequences.

“I think regulators need to be very careful and allow markets to develop, not try to guess where it’s going to go because they’re probably going to be wrong,” said Robert McDowell, a former FCC member.

Not that the private sector is unconcerned, of course. Product developers are well aware that any security issues could result in a consumer backlash. But corporates are hesitant to recommend more rules.

“Technology is moving faster than regulation,” said Robert Pepper, vice president for global technology policy at Cisco Systems, network equipment developer. “You can have a very serious negative impact if you regulate prematurely or in the wrong ways.”

However, the FTC isn’t waiting too long. It’s already logged the first complaint about an IoT device—the citation of TRENDnet, a home security equipment manufacturer, for poor security and false promises in 2013. The company’s security camera feeds were available on the Internet, exposing the personal lives of unsuspecting customers.

"The exposure of sensitive information through respondent's IP cameras increases the likelihood that consumers or their property will be targeted for theft or other criminal activity, increases the likelihood that consumers' personal activities and conversations or those of their family members, including young children, will be observed and recorded by strangers over the Internet. This risk impairs consumers' peaceful enjoyment of their homes, increases consumers' susceptibility to physical tracking or stalking, and reduces consumers' ability to control the dissemination of personal or proprietary information," the complaint states.

But the TRENDnet case is just the tip of the iceberg. In the age of identity theft, what information can your refrigerator give a hacker? What happens if a device goes rogue and someone gets hurt? Who is responsible if the perpetrator is a machine?

It’s a question both the FTC and the corporate world will have to face as the market evolves. Industry leaders are already debating the best ways to keep information secure.

“Companies should encourage a skeptical culture in which intellectually diverse groups from different product teams review one another’s designs and give feedback about flaws, including those that affect security,” said Chris Clearfield, a principal at SystemLogic, in a Harvard Business Review blog post. “One particularly useful approach is to designate internal specialists or external experts as devil’s advocates and make it their job to independently review, test and try to break existing systems.”

Edited by Rachel Ramsey

IoTevolutionworld Contributing Writer

Related Articles

5G Progresses Despite COVID-19, Data Says

By: Ken Briodagh    7/2/2020

5G progress in connections and deployments continues despite the COVID-19 pandemic and resulting economic downturn, according to 5G Americas and resea…

Read More

Keyfactor and PrimeKey Partner on Scalable PKI for IoT and Enterprise

By: Ken Briodagh    6/30/2020

Keyfactor and PrimeKey have entered a partnership and integration designed to simplify and automate PKI for large-scale enterprise and internet of thi…

Read More

The Future of IoT: Small is the New Big

By: Arti Loftus    6/30/2020

The commercial availability of 5G-ready, transitional chipsets designed specifically for low power and low bandwidth IoT applications are now availabl…

Read More

Eseye Incorporates floLIVE to Expand its Global IoT Connectivity

By: Chrissie Cluney    6/26/2020

floLIVE has supplied Eseye with a virtual connectivity infrastructure in new regions. This infrastructure comes with complementary management and repo…

Read More

Cisco to Acquire ThousandEyes

By: Chrissie Cluney    6/24/2020

According to a recent announcement, Cisco intends to acquire privately held ThousandEyes, Inc.

Read More