The FTC released two guides on the privacy and security issues related to the Internet of Things.  The first is a staff report based on discussions in an FTC-hosted workshop on the subject held on November 19, 2013.  In addition to summarizing the workshop discussions, the report contains staff’s recommendations in the IoT space.  This prompted a FTC Commissioner (Joshua Wright) to dissent from the decision to issue the report.  In Commissioner Wright’s view, it is premature to publish staff recommendations in this area without further research, data, and analysis.  The dissenting statement can be found here.

The report discusses the benefits of IoT as well as three risks:

  1. enabling unauthorized access and misuse of personal information;
  2. facilitating attacks on other systems; and
  3. creating risks to personal safety

The report also discusses Fair Information Practice Principles including security, data minimization, notice, and choice.  Click here to read the full report.

Along with the staff report, the FTC issued a guide called “Careful Connections” that provides recommendations on building security into IoT applications.  Download the guide here.