In with the New: Expect FTC Activity on Internet of Things (IoT) in 2015
The “Internet of Things” (IoT) continues to grow. (IoT refers to the ability of everyday objects to connect to the Internet and one another.) It is estimated that there will be 4.9 billion connected appliances, devices and other “things” in use worldwide by the end of 2015, an increase of 30 percent from 2014. The global market for IoT products is expected to reach $7.1 trillion by 2020.
Proponents of IoT believe that the data generated and shared by connected objects can provide tremendous benefits for individuals, businesses and society as a whole. For example, IoT devices could be used to alert a person of an impending heart attack, improve a business’ manufacturing processes and reduce vehicle traffic congestion. While IoT can provide many benefits, it also poses privacy and security challenges. Internet connected devices, especially when used in an individual’s home or on his or her body, can generate voluminous amounts of highly personal and sensitive data about that individual, including information about physical activity, existing health conditions, energy consumption and entertainment choices. Many users of these devices are unclear about how this data is being used and shared with others. Moreover, the sheer amount and sensitivity of the data collected and transmitted by many IoT products make them an appealing target for hackers.
The Federal Trade Commission (FTC) did not file an enforcement action against a manufacturer of IoT products for inadequate data privacy and security practices in 2014, as it had in 2013. Nonetheless, the privacy and security challenges associated with the massive collection of consumer data by IoT products still are on the FTC’s radar. Commissioner Julie Brill has written extensively about the need to weave in privacy principles to IoT. While IoT products ranging from automated door locks to internet connected pet trackers dominated this year’s International Consumer Electronics Show (CES), Chairwoman Edith Ramirez’s keynote address at the CES outlined several concerns about IoT, including ubiquitous data collection, the ability of IoT devices to capture sensitive personal information about consumers, unexpected uses of consumer data and data security concerns.
Since IoT is on the FTC’s radar, I predict that the FTC will carefully scrutinize manufacturers of IoT products during 2015 and perhaps bring another action against a maker of IoT products for inadequate data privacy or security practices.