Unless you’ve been living in a yurt in the wilderness with no access to what’s happening in the world for the past several years, you’ve heard the hype about the Internet of Things (IoT). Everyday objects, like a toaster or your baby’s onesie, send and receive data over the Internet. While the ways the technology can benefit our lives is extraordinary, it’s no surprise that the IoT is also rife with potential for serious privacy and security abuse.
Based on input from technology, academic, and industry leaders, as well as comments from consumer advocates and the general public, the Federal Trade Commission released a report on the Internet of Things with privacy and security steps that businesses should take.
The FTC’s official definition of the Internet of Things covers “devices or sensors – other than computers, smartphones, or tablets.” It’s estimated that by this year there will be more than 25 billion connected devices worldwide, and the number is expected to double by 2020.
The scope of the report is limited to IoT devices that are sold to or used by consumers. From the FTC release, here’s a summary of steps that businesses should take:
FTC staff also recommends that companies limit the amount of consumer data collected and only retain that information for a set period of time—not indefinitely. Companies should also notify consumers and give them choices about how their information will be used.
“The only way for the Internet of Things to reach its full potential for innovation is with the trust of American consumers,” said FTC Chairwoman Edith Ramirez. “We believe that by adopting the best practices we’ve laid out, businesses will be better able to provide consumers the protections they want and allow the benefits of the Internet of Things to be fully realized.”
Although the FTC notes that IoT-specific legislation would be “premature at this point,” it is not ruled out for the future.