Data Law Insights

Yesterday, the FTC released a report summarizing comments and recommendations arising out of its November 2013 workshop The Internet of Things: Privacy and Security in a Connected World. The report suggests that we are “at the beginning of this technology trend” and estimates that, by 2020, some 50 billion devices will be connected to the Internet.

The FTC’s report details security and privacy risks to consumers associated with Internet of Things (“IoT”) devices, including unauthorized access to and misuse of personal information, attacks on connected consumer networks, physical harm, and privacy risks resulting from the large-scale collection of personal information.

To combat these risks, the report advocates that companies developing IoT products engage in “security by design,” actively assessing a product’s risks during the development process. It also recommends imposing reasonable limits on data collection and retention. Finally, the agency notes that “providing notice and choice remains important” in the IoT context.

While the agency’s recommendations do not carry the force of law, the report provides baseline best practices to companies diving into the IoT market.

For the full report, click here.