Header graphic for print
Inside Privacy Updates on Developments in Global Privacy & Data Security from Covington & Burling LLP

FTC Announces Workshop On The “Internet of Things”; European Commission Publishes Report

Posted in European Union, Federal Trade Commission, United States

Yesterday, the Federal Trade Commission announced that it would hold a public workshop on November 21, 2013 on “the growing connectivity of consumer devices, such as cars, appliances, and medical devices”―also known as, “the Internet of Things.”  The FTC will accept public comments (due June 1, 2013) in advance of the workshop.

In describing the Internet of Things, the FTC noted that consumers can already use mobile phones to adjust thermostats and open car doors and that these types of services and technologies are rapidly developing.  While the FTC recognized that these functionalities may have benefits for consumers, the FTC is seeking input on the “unique privacy and security concerns associated with smart technology and its data.”  For example, in a blog entry on the workshop, the FTC’s Business Center Blog asks, “What if when we drive near a grocery store, our refrigerator lets us know we’re low on milk?  Would that be convenient?  Disconcerting?  Or maybe a little bit of both?” 

Among the questions that the FTC is seeking specific input are the following:

  • What are the significant developments in services and products that make use of this connectivity (including prevalence and predictions)?
  • What are the various technologies that enable this connectivity (e.g., RFID, barcodes, wired and wireless connections)?
  • What types of companies make up the smart ecosystem?
  • What are the current and future uses of smart technology?
  • How can consumers benefit from the technology?
  • What are the unique privacy and security concerns associated with smart technology and its data? For example, how can companies implement security patching for smart devices? What steps can be taken to prevent smart devices from becoming targets of or vectors for malware or adware?
  • How should privacy risks be weighed against potential societal benefits, such as the ability to generate better data to improve health-care decisionmaking or to promote energy efficiency? Can and should de-identified data from smart devices be used for these purposes, and if so, under what circumstances?

The Internet of Things is not just a trending topic in the United States. The European Commission recently published the results of a public consultation it conducted last year on the Internet of Things (which it short-hands to “IoT”). Last year’s consultation “sought views on an a policy approach to foster a dynamic development of Internet of Things in the digital single market while ensuring appropriate protection and trust of EU citizens.” However, the Commission’s report concludes that, at least at this time, there is no consensus on the need for public intervention in the area, especially in light of the existing legal framework of data protection and competition rules and safety and environmental legislation. The Commission has published a series of fact sheets, including one on privacy and security issues.