FTC to connected device makers: Focus on security and privacy

The Federal Trade Commission just laid out its initial recommendations for the burgeoning Internet of Things industry -- and they're pretty much what you'd expect. In an extensive report (PDF) released this morning, the agency emphasized that connected device makers will need to think hard about security, as well as how they manage consumers' private information. That shouldn't be news to any company that's been developing web-enabled products over the past few decades, but it'll be particularly important when even the most mundane devices in our lives are filled with sensors and connected. "The only way for the Internet of Things to reach its full potential for innovation is with the trust of American consumers," FTC Chairwoman Edith Ramirez said in a statement. "We believe that by adopting the best practices we've laid out, businesses will be better able to provide consumers the protections they want and allow the benefits of the Internet of Things to be fully realized."

The FTC's suggestions include considering security when new products are being design (instead of as an afterthought), developing in-depth strategies for when security risks are found, and supporting devices throughout their lifetime (including patching them when necessary). Given that most consumers likely won't even notice when one of their smart devices are compromised (it probably won't be as obvious as a typical PC virus or malware infection), there's more of an impetus of the companies creating connected devices to keep an eye on things. The agency also recommends that companies consider data minimization, the process of keeping consumer data for only a limited period, as well offer people the ability to control exactly how they're data is used. This all may seem obvious, but it's crucial for the FTC to make it clear. After all, you probably don't want your future connected toilet to get compromised and publish the dirty details of your daily routine on Facebook.