Consumer Electronics Daily was a Warren News publication.

Privacy, Security Concerns Arise at IoT House Hearing

Security and privacy for IoT devices were concerns for industry representatives and some House Digital Commerce and Consumer Protection Subcommittee members at a Tuesday hearing (see 1706120027). IoT device proliferation seemingly "opens the door for a virtual smorgasbord of bad actors and malware being developed," said Rep. David McKinley, R-W.Va. "What role ... should we be playing to try to correct that?" Bill Kuhns, Vermont Energy Control Systems director-product development, said industry can try to make sure devices are as secure as possible, and more effective national and international law enforcement response is needed. "If I’m in my house and somebody’s going around rattling the door, I can call the police and say, 'Hey, there’s a bad guy trying to get in.' In the internet, people are rattling my doorknob hundreds of times per day and there’s not anyone I can call," he said. In response to questions from Republican Reps. Leonard Lance of New Jersey and Gus Bilirakis of Florida, Integra Devices Chief Technology Officer Mark Bachman said privacy for consumer-facing products is a big concern and is continuously evolving with no single standard. Ideas such as end-to-end encryption and better authentication are needed, but he said an independent watchdog that could certify products as "safe" similar to EPA's Energy Star program would help consumers and industry. Bachman said industry should also be required to disclose what and when data is collected and with whom it's shared. Latta asked Peter Kosak, General Motors North America executive director-urban active solutions, what efforts GM and the auto industry are making to protect against cyberattacks. Kosak said the GM team responsible for the issue is growing, and cybersecurity is being designed into systems from the outset. Auto companies are sharing best practices and any information about attacks among themselves and with defense and aerospace industries, he said. Electronic Privacy Information Center President Marc Rotenberg and Policy Director Caitriona Fitzgerald meanwhile wrote Chairman Bob Latta, R-Ohio, and ranking member Jan Schakowsky, D-Ill., to consider privacy and security in legislation. Unregulated collection of personal data and IoT growth "led to staggering increases in identity theft, security breaches, and financial fraud," they said: A "recent law enforcement request for Amazon Echo recordings shows that 'always on' devices will be much sought-after sources of information by law enforcement, foreign and domestic intelligence agencies, and, inevitably, cybercriminals" (see 1703070053 and 1701060025).