FTC Seeks Input on Privacy and Security Implications of the Internet of Things

The staff of the Federal Trade Commission is interested in the consumer privacy and security issues posed by the growing connectivity of consumer devices, such as cars, appliances, and medical devices, and invites comments on these issues in advance of a public workshop to be held on November 21, 2013 in Washington, D.C. 

The ability of everyday devices to communicate with each other and with people is becoming more prevalent and often is referred to as “The Internet of Things.”  Consumers already are able to use their mobile phones to open their car doors, turn off their home lights, adjust their thermostats, and have their vital signs, such as blood pressure, EKG, and blood sugar levels, remotely monitored by their physicians. In the not too distant future, consumers approaching a grocery store might receive messages from their refrigerator reminding them that they are running out of milk.

Connected devices can communicate with consumers, transmit data back to companies, and compile data for third parties such as researchers, health care providers, or even other consumers, who can measure how their product usage compares with that of their neighbors.  The devices can provide important benefits to consumers:  they can handle tasks on a consumer’s behalf, improve efficiency, and enable consumers to control elements of their home or work environment from a distance. At the same time, the data collection and sharing that smart devices and greater connectivity enable pose privacy and security risks.

FTC staff seeks input on the privacy and security implications of these developments.  For example:

• What are the significant developments in services and products that make use of this connectivity (including prevalence and predictions)?
• What are the various technologies that enable this connectivity (e.g., RFID, barcodes, wired and wireless connections)?
• What types of companies make up the smart ecosystem?
• What are the current and future uses of smart technology?
• How can consumers benefit from the technology?
• What are the unique privacy and security concerns associated with smart technology and its data?  For example, how can companies implement security patching for smart devices?  What steps can be taken to prevent smart devices from becoming targets of or vectors for malware or adware?
• How should privacy risks be weighed against potential societal benefits, such as the ability to generate better data to improve health-care decisionmaking or to promote energy efficiency? Can and should de-identified data from smart devices be used for these purposes, and if so, under what circumstances?

FTC staff will accept submissions through June 1, 2013, electronically through iot@ftc.gov or in written form.  Paper submissions should be mailed or delivered to:  600 Pennsylvania Avenue N.W., Room H-113 (Annex B), Washington, DC 20580.  The FTC requests that any paper submissions be sent by courier or overnight service, if possible, because postal mail in the Washington area and at the Commission is subject to delay due to heightened security precautions.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC's online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 2,000 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC’s website provides free information on a variety of consumer topics.  Like the FTC on Facebook, follow us on Twitter, and subscribe to press releases for the latest FTC news and resources.