EPIC Asks Congress To Secure The Internet Of Things

The Electronic Privacy Information Center (EPIC) asked Congress to use the reauthorization of the National Telecommunications & Information Administration (NTIA) to finally protect Americans during the rise of the Internet of Things (IoT) in seemingly every aspect of modern life.

"The implications of Internet of Things for consumer privacy and security are far-reaching," the privacy group said in a letter to the head of US House Subcommittee on Communications and Technology. "If the NTIA fails to develop appropriate safeguards, the country will face growing risk."

EPIC isn't alone in thinking IoT devices are a threat. Everyone from Google, which announced in December 2016 a new platform meant to help IoT companies secure their products, to Virginia Senator Mark Warner has called for safer connected devices. These products are threatening on both the individual and national levels. Allowing manufacturers to continue to release them without basic protections is like asking for something bad to happen.

Indeed, some of those bad things have already happened. Popular services like Twitter and Spotify were unreachable for several hours in October 2016 because of an attack on critical infrastructure by malware-affected IoT devices. In December, the Institute for Critical Infrastructure Technology said nations could exploit vulnerabilities in IoT devices for their own purposes, which could lead to a dangerous back-and-forth between various countries.

EPIC asked NTIA to address these problems with consumer protections that:

  • Promote Privacy Enhancing Techniques (PETs) that minimize or eliminate the collection of personal information.
  • Ensure routine security updates for IoT devices; and
  • Carefully assesses IoT deployment for critical functions, including transportation, home security, and medical devices.

The NTIA’s multi-stakeholder processes are simply not working – they result in weak, voluntary self-regulatory regimes. Industry self-regulatory programs do not provide meaningful privacy protections. The NTIA should support a strong legal framework that protects American Internet users and promotes public safety.

This thread is closed for comments
    Your comment
  • firefoxx04
    Why would you ask congress to do that :epic fail:. Sure they will try, while also slipping in a bunch of BS into their proposed laws and arguing non-stop, getting NOTHING done.
  • Slatteew
    While I agree security is necessary, I don't agree with asking Senators to legislate and create "regulations" on products. I don't agree with most regulations. Government over reach and crony capitalism. If consumers want security, people will make it. If they don't bad things can happen, but then people will stop buying those products.
  • jdlech
    Kinda like asking the NSA to help secure your networks. Sure they will, but they'll leave a few back doors for themselves (and for anyone else who finds them).