Comments about the Internet of Things

Comments about the Internet of Things

On Friday, the Future of Privacy Forum provided an additional set of comments to the FTC in the wake of the Commission’s workshop on the Internet of Things (IoT) last November.   The comments expand on FPF’s recent white paper, An Updated Privacy Paradigm for the “Internet of Things”, and address two important themes from the FTC’s workshop: (1) the importance of data security and (2) the privacy issues raised by the comprehensive collection of information.

FPF’s whitepaper explores why IoT is not well-suited to a one-size-fits all approach to consumer privacy.  The myriad types of connected devices and the varied contexts in which those devices will operate will require the implementation of flexible frameworks designed to address evolving privacy issues and consumer preferences.  The imposition of rigid or universal standards to promote privacy within IoT may harm innovation and, moreover, be ill-suited to the privacy risks and consumer preferences that ultimately emerge.

Our comments note that data security may have been the most frequently raised concern at the FTC’s workshop.  Inadequate security presents the biggest risk of actual consumer harm within IoT.  With it, bad actors will have access to all manner of connected devices, and will be able to pry into intimate spaces or perpetrate fraud or identity theft.  Company must devote adequate resources to security before and after their products reach the market.  Fortunately, companies large and small are aware of this concern and are taking steps to address it.

Another concern posed by the IoT is the ubiquitous data collection of “deeply personal” information.  Still, it must be recognized that not all connected devices will facilitate the large-scale collection of personally identifiable information.  And this issue is neither new nor unique to IoT.

FPF’s comments urge the FTC to continue its advocacy of the high-level principles of privacy by design, simplified consumer choice, and transparency while being mindful of the need for flexibility described above. High-level principles are particularly well-suited for the Internet of Things as they allow policies and procedures to be tailored to the nature of connected devices, the environments in which they are used, the purposes for which the information is used, and the evolution of consumer preferences.  Simplified consumer choice and increased transparency by industry should also be encouraged.  Industry must ensure that consumers understand how they will benefit from IoT and see that measures are in place to promote consumer privacy and security.

Again, our complete set of comments are available to read here.  Our whitepaper, An Updated Privacy Paradigm for the “Internet of Things”, is also available, as are our initial set of comments regarding the Internet of Things from May 2013.


Posted On
Jan 14, 2014
Posted By
Name (Required)William Quarton

Who in HELL would want their things spying on them? Where would it end. Would you want employers requiring access to your ‘refrigerator logs’ or you stove or tv logs as a term of employment. Do you want your health insurer or medical record to know if you opened the fridge between meals? Machines that “do things” for me that I don’t ask for are just CREEPY. I’ll never buy one.

Leave a Reply

Privacy Calendar

all-day 6th Biannual International Surveillance & Society Conference
6th Biannual International Surve…
Apr 24 – Apr 25 all-day
The 6th Biannual International Surveillance & Society conference hosted by the University of Barcelona and supported by the Surveillance Studies Network is currently calling for [...]
all-day IAPP Europe Data Protection Intensive 2014
IAPP Europe Data Protection Inte…
Apr 29 – May 1 all-day
The IAPP Europe Data Protection Intensive features timely programming centred on the top issues impacting the European data protection community, with a focus on addressing [...]
5:30 pm InSecurity: Race, Surveillance and Privacy in the Digital Age @ New America Foundation
InSecurity: Race, Surveillance a… @ New America Foundation
Apr 30 @ 5:30 pm – 7:30 pm
Now more than ever, digital tools sit at a precarious tipping point, and many question whether they will be used to address pre-existing disparities, [...]
all-day Foreign Intelligence Surveillance in an Era of “Big Data” @ Jacob Burns Moot Court Room, George Washington Law School
Foreign Intelligence Surveillanc… @ Jacob Burns Moot Court Room, George Washington Law School
May 2 all-day
Discussions: Panel 1: Why Do We Conduct Foreign Intelligence Surveillance? What Are the Requirements? Panel 2: Making the Trade-Offs Between Surveillance and Civil Liberties Panel [...]
all-day IAPP Canada Privacy Symposium 2014
IAPP Canada Privacy Symposium 2014
May 7 – May 9 all-day
The IAPP Canada Privacy Symposium is the leading conference for education, debate and discussion of issues that matter most to Canadian privacy and data protection [...]
all-day Privacy Law Scholars Conference (7th Annual) @ The George Washington School of Law
Privacy Law Scholars Conference … @ The George Washington School of Law
Jun 5 – Jun 6 all-day
  UC Berkeley School of Law and The George Washington University Law School will be holding the seventh annual Privacy Law Scholars Conference (PLSC) on [...]
all-day Computers, Freedom, and Privacy 2014 Conference @ Airlie Center
Computers, Freedom, and Privacy … @ Airlie Center
Jun 8 – Jun 10 all-day
Mark your calendars! The 2014 Computers, Freedom, and Privacy Conference will be held June 8-10 at the Airlie Center in Warrenton, Virginia. The Airlie Center [...]
all-day Data Privacy Day
Data Privacy Day
Jan 28 all-day
“Data Privacy Day began in the United States and Canada in January 2008, as an extension of the Data Protection Day celebration in Europe. The [...]

View Calendar