Federal Trade Commission Begins 2017 Privacy Conference With Sharp IoT Focus

January 12, 2017 by George A. Gasper, Partner
Federal Trade Commission Begins 2017 Privacy Conference With Sharp IoT Focus
 
The Federal Trade Commission (“FTC”) held its second annual PrivacyCon on January 12, 2017 to address the privacy and security implications of emerging technologies.  As the Internet of Things (“IoT”) continues its rapid growth across all fields of business, it comes as no surprise that this year’s PrivacyCon began with a sharp focus on IoT issues. 
 
FTC Chairwoman Edith Ramirez delivered opening remarks that addressed how the FTC is working to meet the consumer rights issues presented by recent technological advances, specifically including IoT.  Chairwoman Ramirez noted that technology has always presented a challenge to privacy and outlined the importance of maximizing the benefits while minimizing the associated privacy risks.  She further noted that IoT and other technology can only realize its vast potential if consumers are ensured that the risks do not outweigh the benefits. 
 
Some of the challenges implicated by IoT have been addressed before.  The FTC has long dealt with certain data privacy issues, such as geolocation and other information implicated by increased smart phone use.  But, as noted by Chairwoman Ramirez, IoT also presents new challenges, including the increasing number of companies who compile and interpret data.  With further IoT deployment, not only will consumers interact with more consumer-facing companies that collect their data, but consumers’ data will also be available to and used by “behind the scenes” companies such as software vendors that connect smart devices to the internet and analytics vendors that aggregate and process the underlying data.  Consumer expectations, according to the FTC, are particularly sensitive when dealing with the use of data by these non-consumer-facing companies. 
 
The IoT also increases the number of companies that have consumer data and could, therefore, misuse or lose control of such data.  This requires additional diligence to ensure that all companies are taking adequate steps to protect the security of data they maintain.  Finally, Chairwoman Ramirez observed a third new challenge that IoT can create additional opportunities for hacking, some of which could literally result in physical harm. 
 
The FTC believes IoT companies must earn and keep consumer trust.  To that end, the FTC is committed to being nimble and smart to keep pace with technology and to leverage its resources in achieving its ultimate objectives: to enhance the understanding of consumer expectations, to inform how and whether industry practices align with those expectations, and to guide the ways in which devices and data can be secured in this new landscape. 
 
Following Chairwoman Ramirez’s remarks, PrivacyCon’s opening session also focused specifically on “IoT and Big Data,” featuring research from several different perspectives: (i) privacy vulnerabilities of encrypted IoT traffic; (ii) cross-app tracking via nearby Bluetooth devices; (iii) evaluating products and services for privacy, security, and data practices; and (iv) a user-centered perspective on algorithmic personalization.  The presentation on product evaluation (by the Director of Electronics Testing at Consumer Reports) may be of particular interest to companies, as it addressed the ongoing efforts to establish a new digital standard for reviewing products traditionally tested by Consumer Reports that now incorporate software and continue to become more inter-connected.  As the IoT continues to grow, device manufacturers and software providers will want to stay apprised of expectations and activities of both government agencies such as the FTC and consumer advocacy organizations such as Consumer Reports.
 
George Gasper is a partner in Ice Miller’s business litigation group and a member of the Internet of Things Industry Group. Read Ice Miller’s IoT Smart Connections guide here.

This publication is intended for general information purposes only and does not and is not intended to constitute legal advice. The reader should consult with legal counsel to determine how laws or decisions discussed herein apply to the reader’s specific circumstances.



View Full Site View Mobile Optimized