Consumers Revolt Over IoT Security Shortcomings
The Internet Society is urging IoT manufacturers to build stronger security measures into devices after releasing new research revealing that nearly two-thirds (64%) of British consumers have concerns over the way they collect personal data.
The non-profit polled over 1300 adults in the UK as part of global research into the fast-growing market for connected devices.
With the majority of consumers now owning such devices, there appears to be a growing gap between their expectations regarding security and privacy and what is being provided by device makers.
Nearly half of Brits don’t trust their device to protect their privacy (48%) or handle their information responsibly (49%), while 59% think their IoT device is “creepy,” the research found.
Global respondents believe that IoT security and privacy is a shared responsibility between consumers (60%), regulators (88%), manufacturers (81%) and retailers (80%).
“Consumers have told us they accept that they have some responsibility for the security and privacy of their IoT products but that isn’t the end of the story. They, and we, want to see tangible action from manufacturers, retailers, and governments on this issue. It has to be a collective effort, not the responsibility of one group,” argued Helena Leurent, director general of Consumers International.
“We are exploring this conversation with progressive manufacturers. Together we are looking at the opportunity to create person-centered technology, that people not only enjoy using, but feel safe and secure doing so. By doing this business can address the concerns of those not engaging with this tech, and open up the benefits of the Internet of Things to everyone.”
The majority of British consumers agree, with 85% arguing manufacturers should only produce secure and privacy-protecting kit, while a similar number (86%) said retailers have a responsibility to only sell hardware that meets these standards.
The ability of consumers and retailers to differentiate between secure and potentially vulnerable IoT devices received a boost earlier this year when the European Telecommunications Standards Institute (ETSI) introduced a new globally applicable standard.
The ETSI TS 103 645 standard is based on a UK government industry code of practice introduced last year and should encourage more manufacturers to improve baseline security whilst providing buyers with a clear label of quality to look out for.
It comes a year after the British Standards Institution (BSI) introduced a kitemark for consumer and business-grade IoT devices.
Source: Information Security Magazine