The IoT needs PByD: FTC Looking at Privacy and Security in the Age of Smart Homes

The Internet of Things is the phrase used to describe technology that talks to technology – connected sensors and embedded technology.  Think of smart homes – your refrigerator knows what and when to restock; your HVAC adjusts to your schedule; personal tech – your heart monitor talks to your health care provider.  The FTC recently convened a workshop to address privacy and security considerations surrounding the use of such applications; see:

http://www.ftc.gov/bcp/workshops/internet-of-things/FINALAGENDA-11-13-13.pdf

In conjunction with the event, the Future of Privacy Forum  released “a whitepaper arguing for a new privacy paradigm in the new highly connected world.”

http://www.futureofprivacy.org/2013/11/19/fpf-releases-a-new-privacy-paradigm-for-the-internet-of-things/

The whitepaper authors argue that the consent/notice issues in dealing with the usual customer/consumer paradigm of managing privacy issues may not be relevant or sufficient in a world where the uses of data cannot be discovered until after the data has been collected, employed.  The argument now focuses on Privacy By Design strategies to tackle these thorny issues: anonymizing of data; transparency; codes of conduct; accountability/accessibility.

See IAPP summary of the workshop issues at:  https://www.privacyassociation.org/publications/is_notice_and_consent_possible_with_the_internet_of_things

If we don’t get a handle on this now, that wristband I’m wearing  may soon force me to add another mile to my jog because it knows what I had for lunch!  Let’s move, indeed!Exclamation Point with Social Technology and Internet Color Icon

And in more IoT news, along comes the worm:

http://allthingsd.com/20131130/a-new-worm-proves-that-the-internet-of-things-is-vulnerable-to-attack/#!

My new excuse – the bathroom scale’s been hacked!

Wow Scale

UPDATE:

Google has acquired Nest, the maker of “connected” thermostats and smoke detectors.  According to a statement one of Nest’s founders delivered to TechCrunch, Nest will only use customer information for “providing and improving Nest’s products and services,” indicating it will not be used for Google’s larger advertising schemes.  Of course, the commentators are lining up to speculate about what Google will do with all that data collected straight from a consumer’s home., much in the way consumers have been using connectivity in their cars.  And now Detroit is increasing that connectivity with cars that will be able to connect to the Internet independently, with the car using the custom apps on their own.

See info on Google acquisition of Nest: http://www.engadget.com/2014/01/13/google-acquires-nest/

And, GM’s 2015 roll-out of more connected cars: http://business.time.com/2014/01/07/your-car-is-about-to-get-smarter-than-you-are/

Fun from tomfishburne.com:

 

And then along came Fridge Spam:

-More than 750,000 Phishing and SPAM emails Launched from “Thingbots” Including Televisions, Fridge-

“The attack is believed to be one of the first to exploit lax security on devices that are part of the ‘internet of things.”

See press release from Proofpoint: http://www.proofpoint.com/about-us/press-releases/01162014.php

And, BBC update:

http://www.bbc.co.uk/news/technology-25780908#!

 

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.