Menu
Let us look at the code running our devices, says Federal Trade Commissioner

Let us look at the code running our devices, says Federal Trade Commissioner

U.S. Federal Trade Commissioner Terrell Sweeny thinks consumers should be allowed to inspect the code running on their connected devices

Consumers should have the right to inspect the source code for connected devices they own, to ensure it doesn't contain bugs or backdoors, one U.S. Federal Trade Commissioner believes.

As we connect our homes, our vehicles and our clothing to the Internet of Things, "We need to be very mindful of consumer data security and be very careful of anything that undermines that data security," said Commissioner Terrell McSweeny.

McSweeny was speaking in a personal capacity at the State of the Net conference in Washington, D.C., on Monday, but her position as one of four Commissioners at the U.S. Federal Trade Commission could allow her to influence policy.

She doesn't plan on reverse-engineering her connected devices herself.

"That's certainly not what I'm going to be doing with my free time," she said. "I don't have the technical ability to do that."

However, she would like to see consumer devices made more open to their owners.

"I think transparency and having the ability to take a look at some of these things is going to be incredibly important... for the people that have the capacity to do that."

White-hat security researchers are playing a vital role, she said, developing tools to examine devices and gain control of them -- but those tools need to come out of the lab and into stores.

"I really hope innovations will come into the market that will help me as an individual consumer."

The kind of help she's looking for is with ensuring that her privacy preferences are respected by the different devices she's connecting to, and warning her when they are not.

Representatives of other U.S. federal agencies have recently called for backdoors to be introduced into all sorts of electronic devices and software in order to allow law enforcement and intelligence services to listen in on encrypted communications. Such backdoors are often called for in the name of preventing terrorism, although a recent proposition in California says such moves should be taken to stop "human trafficking."

While acknowledging that law enforcers need to have the tools to perform their work, McSweeny said that, as someone responsible for consumer protection, "I deeply worry about things like mandatory back doors and exceptional access systems in consumer-facing products because I think it has the consequence of potentially making consumer data less secure."

Indeed, many have argued that where backdoors are built in for law enforcers, criminals will sooner or later obtain the keys.

"We've been having this debate for a long time in this country. We've had it in the crypto wars, for example," McSweeny said, referring to the U.S. government's attempts to impose a key escrow system for encryption in the 1990s.

"I'm personally opposed to government mandating this kind of thing," said McSweeny, adding that what makes things different this time around is the number of devices we're connecting to in our personal lives, and the amount of data we're putting on those devices.

Concern about who might have access to that data is slowing adoption of such technologies, she said.

And it's not just concern about demands from law enforcers: it's also worries about lax security and sloppy coding.

"I've spent a lot of time at hacker conferences looking at IoT security. I'm also a parent thinking in terms of baby monitors and toys, and I'm deeply worried about some of the security practices," McSweeny said.

Through the Office of Technology Research and Investigation (OTRI), the FTC is developing its in-house capabilities to research security vulnerabilities in products, she said.

That expertise will be useful far beyond individual investigations and enforcement actions, she concluded.

"Having more people who understand technology working on those issues in government and in public policy discussions is going to be incredibly important."


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

The making of an MSSP: a blueprint for growth in NZ

The making of an MSSP: a blueprint for growth in NZ

Partners are actively building out security practices and services to match, yet remain challenged by a lack of guidance in the market. This exclusive Reseller News Roundtable - in association with Sophos - assessed the making of an MSSP, outlining the blueprint for growth and how partners can differentiate in New Zealand.

The making of an MSSP: a blueprint for growth in NZ
Reseller News Platinum Club celebrates leading partners in 2018

Reseller News Platinum Club celebrates leading partners in 2018

The leading players of the New Zealand channel came together to celebrate a year of achievement at the inaugural Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months, with more than ​​50 organisations in the spotlight.​​​

Reseller News Platinum Club celebrates leading partners in 2018
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP has honoured its leading partners in New Zealand during 2018, following 12 months of growth through the local channel. Unveiled during the fourth running of the ceremony in Auckland, the awards recognise and celebrate excellence, growth, consistency and engagement of standout Kiwi partners.

Meet the top performing HP partners in NZ
Show Comments