In a sign of the times, consumer watchdog Consumer Reports is gearing up to rate appliaces have little in terms of built-in security, making consumers vulnerable to hacks and attacks. In October, a denial of service attack, partially carried out by infected IoT devices, brought down major websites including Twitter Inc. (TWTR), Netflix Inc. (NFLX) and Etsy Inc. (ETSY) in some cases for several hours.
nces and other wirelessly connected devices based on their privacy and security.
With the market for Internet of Things (IoT) devices expected to explode, and lot of tech companies eyeing the market including Samsung Electronics (SSNFL), Google Inc. (GOOG), Microsoft Corp. (MSFT) and AT&T Inc. (T), consumers are increasingly weighing the benefits with protecting their privacy and data. Consumer Reports is responding by beginning the process of someday rolling out a new rating system to help consumers gauge if a device manufacturer, software company or mobile app took the appropriate steps to protect their customers’ information and privacy.
Consumers’ Privacy Concerns
On its website, Consumer Reports said it was launching the new evaluation criteria in response to its recent CR Consumer Voices survey that showed that 65% of people in the U.S. are slightly to not at all confident their data is private and isn’t distributed without their consent. “We think it’s unfair and unrealistic to expect consumers to constantly play defense when the products and services they use aren’t engineered with basic privacy and security protections built in,” wrote the consumer watchdog, noting that while it often writes about security vulnerabilities and provides advice to readers about protecting their personal information as an organization, it says it’s aiming to do more and thus the new ratings.
In the first wave of its new efforts, the non-profit is looking to create a standard that protects consumers’ security and privacy, and it wants companies to use the standard when designing and building IoT devices, software and mobile apps. By creating a standard covering security and privacy, Consumer Reports argues consumers will get more control over their personal data. Down the road, Consumer Reports said the standard could be used to develop test protocols to evaluate and rate products, empowering consumers to make informed purchases. “If Consumer Reports and other public-interest organizations create a reasonable standard and let people know which products do the best job of meeting it, consumer pressure and choices can change the marketplace. We’ve seen this repeatedly over our 80-year history,” Consumer Reports said.
First Up: An Industry Standard
When it comes to protecting consumers’ privacy Consumer Reports wants device makers to require users to choose unique usernames and passwords during the setup likening it to what banks require for online account access. The new privacy standard also urges companies to remove consumer data from their servers if a consumer requests that and to encrypt the data that is sent through the internet. It also wants technology companies to be transparent in how customers’ information is shared.
Wirelessly internet connected devices are already taking off around the world with TVs, appliances, baby monitors and a host of other gadgets talking to the internet. That convenience comes at a price: security.
Many of the devices have little in terms of built-in security, making consumers vulnerable to hacks and attacks. In October, a denial of service attack, partially carried out by infected IoT devices, brought down major websites including Twitter Inc. (TWTR), Netflix Inc. (NFLX) and Etsy Inc. (ETSY) in some cases for several hours.