The Internet of Things (IoT) offers untold benefits but will also create myriad security risks which pose major threats that must be addressed, according to Federal Trade Commission chairwoman Edith Ramirez.
Ramirez said at the CES 2015 trade show in Las Vegas (PDF) that she had no doubt that "the IoT has the potential to transform our daily lives", but warned that it poses "significant privacy and security implications" as more data is collected.
"The introduction of sensors and devices into currently intimate spaces, like our homes, cars and even our bodies, poses particular challenges and increases the sensitivity of the data that is being collected," she said.
"Connected devices are effectively allowing companies to digitally monitor our otherwise private activities."
Ramirez also noted that, with more items being connected to the internet as sensors are embedded in all kinds of everyday devices, the risks of such items being hacked and misused will grow commensurately.
"Any device that is connected to the internet is at risk of being hijacked. Like traditional computers and mobile devices, inadequate security on IoT devices could enable intruders to access and misuse personal information collected and transmitted by the device," she said.
Ramirez warned that businesses involved in the IoT market must consider security from the off, and listed five key points that must be considered.
These are conducting privacy and security risk assessments; testing security measures before launching products; using encryption for the storage and transmission of data; monitoring products throughout their lifecycle; and using smart defaults and complex passwords.
Ramirez also urged firms that collect data to collect only the information they require and to delete it afterwards.
"Companies that collect personal information should follow the principle of data
minimisation. In other words, companies should collect only the data needed for a specific purpose and then safely dispose of it afterwards," she said.
Ramirez suggested that firms should be open about the sort of data their applications will collect and how it will be used, so that the IoT market begins with trust and clarity at its core.
"I am confident that the same ingenuity, design acumen and technical know-how
that is bringing us the IoT can also provide innovative ways to give consumers
easy-to-understand choices," she said.
The IoT is seen as a major growth area by many, including the UK government, and several tests beds and networks have gone live to support the deployments of IoT projects.
BT wants to make the public switched telephone network history within eight years
Personal data being purloined by third parties via Facebook Login API
MacOS and iOS are better off apart, says CEO Tim Cook
Or they'll no longer be entitled to updates and bug patches