FTC: Smart Gadgets a Huge Security Risk

John Lister's picture

The Federal Trade Commission (FTC) has warned that the boom in Internet-connected home gadgets could increase security risks significantly. It's put together consumer advice and says it will work on applying the law to this new area of tech.

The FTC has published a report on the "Internet of Things". That's something of a vague term, but the commission defines it as any physical object that can connect to the Internet.

Today, the Internet of Things doesn't simply apply to computer and smart phones -- it also applies to billions of other objects, including cameras, home heating systems, and even 'smart' fitness tracker wristbands. According to the report, there will likely be 25 billion such objects in the world this year; it's a figure that could easily double by the year 2020. (Source: ftc.gov)

Gadget Makers Could Pass On Personal Info

According to the FTC, the information gathered on such devices is doubly at risk. Not only could personal information be vulnerable to hackers, but it could be misused or passed on by "legitimate" collectors such as manufacturers.

Among the hypothetical examples identified in the report are cars with electronic tracking systems or fitness wristbands; the FTC is concerned data could be sold on to insurance firms without permission, possibly bumping up premiums. It also suggests employers might try to get hold of such details to identify candidates with risky lifestyles.

Data Collection Should Be On Need-To-Know Basis

The report identifies three main principles it wants manufacturers to follow. The first is to make security a key part of the product design and development process, rather than something that's added on at the end. It wants manufacturers to monitor products for security problems and issue ongoing software updates in the same way as happens with computer operating systems.

Secondly, the FTC wants to establish a principle of data minimization. That means firms who make and sell Internet-connected devices should only collect the data that is genuinely needed for a product or service to work effectively. They should then dispose of this data as soon as its no longer needed.

Finally, the report says manufacturers should give customers clear and detailed information about what data will be collected and to give them as much control and choice over data collection as possible. The FTC says it wants to start debate about the best ways to do this, particularly on devices that don't have screens or other convenient user interfaces.

In the meantime, the commission recommends customers always ask whether any gadget they buy can or will connect to the Internet and, if so, exactly what data will be collected and for what purposes. (Source: cbsnews.com)

What's Your Opinion?

Are you concerned about gadgets increasingly using an Internet connection? Is there a need for tighter regulation of data collection? Have you ever been surprised about what information a device collects and how these details are used?

Rate this article: 
Average: 5 (5 votes)

Comments

Dennis Faas's picture

With all the tracking information readily available on smart phones and the fact that most apps won't install unless you share that information, I suspect we won't be too far away from seeing "custom" advertisements displayed on billboards, taxi cabs, and the like as we stroll through city streets or shop at local malls. Tracking people and their habits is only the tip of the iceberg and firms like Facebook are going to make a killing inventing new ways to invade our privacy. I'm sure all of this innovation will only serve to make it easier for the NSA, too.

malper1942's picture

The FTC needs to limit the collection of data in all forms unless needed for performance of a product.

odiesdad83_3480's picture

How can we expect the FTC to police/monitor any of the problems that have occurred or will occur when the Government doesn't do any thing about the "laws" they pass. Witness the Do-Not-Call situation. It's time we acted by contacting Congress about all the fol-de-rol they are doing. . .

ecash's picture

we have 1 part of the gov. getting upset about encryption, and another Finally deciding to put a foot in about NO encryption, and Data mining.
But I also think that Many new devices have some Problems.
Bluetooth(BT) when it came out did 2 things..There was no encoding the signal, no registering the device to another.. This ment you were broadcasting to anyone that would/could listen to the data.
Even NOW, many of these devices are NOT encoded. and anyone with a passive listening device can Listen to your device.
Then you think about devices like a Frig that KNOWS what is needed to shop for..What in the frig, and sends you a signal. Or is just connected to the net..
IF you understand BASIC radio signal technology, even short range signals can be listened to with another unit from a greater distance.. (eng translation) A device with a 30 foot range, does NOT MEAN someone cant listen to it from 1 mile away.
How many of these devices have Protections? encryption, USER programmed password protection?, ....
If you understand abit about the net, what is stopping someone from FAKING an update and just changing your programming..Stux net did that.. and make you frig into a Camera assited View of your home..
Why is everything being setup for BT and wireless networking? there isnt alot of reasoning for this. they even have a wireless Rubber duck for your bath, to protect your child..WHY? if your child is that Young, why arnt you IN the bathroom watching Them? and why pay $30 for it when a temp Color changing rubber duck is is $3..
Why in the world do I need to add a $100 unit to my Washer/dryer to tell me my clothes are done? are we this air headed? A $5 timer that BEEPS would do the same job..Even your Watch has a timer to Beep you..

How many routers are you going to need to monitor your home for all the appliances using the net or BT.. I can see them all Sending you a signal now..

kendrame08_4344's picture

Smart Gadgets are indeed a huge security risk. It can be easily hacked. Thank you for posting this very informative article. Looking Forward for more.

<a href="http://www.increasemyreverb.org/buy-reverbnation-plays/">Buy Reverbnation Plays</a>