TrustArc Blog

End of Month Recap: What You May Have Missed [August]

August 31, 2015

At the end of each month we’ll compile a list featuring some of the most informative and interesting privacy blog posts to let you know what topics are driving the privacy agenda this month. This month on the blog we covered data breaches, ‘Right to be Forgotten,’ and the new IoT Trust Framework, among other topics. This was the second month of our new series featuring the leading players in the Privacy Ecosystem. Check out the list below for some of the most popular blog posts this month:   New IoT Trust Framework Addresses Privacy Risks & Guidelines On Aug. … Continue reading End of Month Recap: What You May Have Missed [August]

Can Self-Regulation Meet Privacy Challenges of IoT?

June 23, 2015

By Matthew E.S. Coleman, JD, CIPP/US, Enterprise Privacy Solutions Manager at TRUSTe

Regulators are struggling. They are struggling to find a paradigm to protect consumer privacy in the face of rapid technological change. This sentiment kicked off a panel titled, “Can Self-Regulation Meet Privacy Challenges of IoT?” at TRUSTe’s Internet of Things (IoT) Privacy Summit in Menlo Park, CA on Wednesday. The panel, moderated by Nancy Libin, former Chief Privacy Officer of the Department of Justice, contained a diverse array of privacy professionals from private, public, and, non-profit backgrounds. Panelists included Alex Reynolds, Director and Regulatory Counsel, Consumer Electronics Association; Justin Brookman, Director of Consumer Privacy, Center for Democracy & Technology; Hilary Cain, Director of Technology & Innovation Policy, Toyota Motor North America, Inc.; and Nithan Sannappa, Senior Attorney, Federal Trade Commission.

The panelists largely focused on the recommendations presented in the Federal Trade Commission’s January 2015 report titled, “Internet of Things: Privacy and Security in a Connected World.” There are three main principles from the report touted as a workable privacy standard for IoT device manufacturers: 1) Security; 2) Data Minimization; and 3) Notice and Choice.

The FTC has historically enforced reasonable security as a part of its unfair practices purview. In the context of IoT devices, what is deemed reasonable is largely based on context. What types of information is the device collecting? Is it sensitive personal information (e.g., geolocation, protected health information, etc.)? What quantity of data is collected? The higher the risk profile associated with the data collected then the stronger the protections required on a device.

Read more “Can Self-Regulation Meet Privacy Challenges of IoT?”

Privacy & The Internet of Things: The Importance of Transparency in Accounting for What We Can’t See

June 04, 2015


By Jessica Groopman, Industry Analyst, Altimeter Group

Perhaps the most important lesson the Internet has taught us is that connectivity itself has infinite implications—for good, bad, and most importantly, the unforeseen. We’ve watched digital transform entire industries like publishing, media, music, and retail. As we enter into the next phase of the Internet—the so-called Internet of Things, or more accurately, the digitalization of the physical world through sensors, data and connectivity— the potential for unforeseen implications and unintended consequences skyrockets.

We Can’t Know What We’ve Never Seen

The ratio of unforeseen consequences of data use, aggregation, sharing and targeting eclipses what we can predict. Yet we can illuminate our understanding of this with the following two implications:

  • Connecting things anoints them with context through the data that is inherently created.
  • Connecting things renders the things themselves and the data these things emit vulnerable to threats—to security, privacy and safety.

As the IoT industry grapples with these two competing implications, weighing innovation, opportunity, and potential on the one hand with security, privacy, and safety risks on the other, all constituents involved have a role in helping pave the way. Today we see a dizzying amount of activity and discussion around how to navigate these implications, but we’re in the infancy of this discourse, nevermind its application.

Read more “Privacy & The Internet of Things: The Importance of Transparency in Accounting for What We Can’t See”

Majority of Consumers Want to Own the Personal Data Collected from their Smart Devices [SURVEY]

January 05, 2015

No doubt, connected devices are an increasingly hot commodity as the Internet of Things market continues to grow and will again be a major focus at the 2015 Consumer Electronics Show this week in Las Vegas. However, the one issue that could put a damper on this growth is consumer concerns about data privacy issues and sharing personal information.

Today, TRUSTe released some interesting new data related to the privacy concerns surrounding the growing Internet of Things (IoT). Two studies commissioned by TRUSTe, one in the U.S. and one in the U.K., show that 35% of U.S. consumers and 41% of British consumers own one or more smart devices other than a smart phone. The survey also showed that 79% of U.S. consumers and 80% of British consumers are concerned about the idea of their personal information collected by smart devices.

Slightly more Americans (20%) than Brits (14%) believe that the benefits of smart devices outweigh any privacy concerns, however both numbers are notably low. Perhaps not surprisingly, the majority of consumers – 69% of U.S. consumers and 73% of British consumers – believe they should own any data collected through their smart devices, raising even more questions around the uncertainties of privacy in the big data era.

Read more “Majority of Consumers Want to Own the Personal Data Collected from their Smart Devices [SURVEY]”

How the Internet of Things Transforms the Product Lifecycle

July 08, 2014

By Aaron Weller, Al Sweeny, Brad Chin and Radhika Srivastava of PwC

There is a lot of anticipation, investor excitement, and hype regarding the potential benefits of the Internet of Things (IoT), as often happens with transformational products at the start of their adoption cycle. Beyond just getting the initial devices out the door, forward thinking organizations need to consider the steps to be taken throughout the entire product lifecycle; i.e. how will these devices be supported and maintained over time? Speed to market in the IoT realm can have unintended and expensive consequences.

Consideration should be given to devices that may have an extended operational lifespan or whose software goes through several iterations of updates or releases. For instance, how often do people replace their refrigerator? If the device is smart, the expectation is that the features and functionality will evolve over the lifecycle of the product.  We have already seen this occur in televisions where Samsung has provided ‘upgrades’, including additional processors and memory to enable the use of advanced smart features.

Read more “How the Internet of Things Transforms the Product Lifecycle”

Internet of Things Industry Brings Data Explosion, but Growth Could be Impacted by Consumer Privacy Concerns

May 29, 2014

New research for TRUSTe released today, shows that consumer privacy concerns (#iotprivacy), could hinder the growth of the Internet of Things (IoT) market. The research findings in the U.S. and Great Britain reveal that 59% of U.S. internet users and 47% of British internet users know that smart devices, such as smart TVs, fitness devices and in-car navigation systems can collect data about their personal activities. A Gartner study recently predicted that there will be 26 billion connected devices by the year 2020, but our latest research shows consumers want  more information and controls before purchasing or using a smart … Continue reading Internet of Things Industry Brings Data Explosion, but Growth Could be Impacted by Consumer Privacy Concerns