The ACM US Public Policy Council (USACM) and the ACM Europe Council Policy Committee (EUACM) have released a Statement on IoT Privacy and Security addressing existing and expected privacy and security concerns in the Internet of Things (IoT) ecosystem.
IoT is catalysing new applications and opportunities for society. The benefits to productivity and efficiency are unprecedented. The growing dependence on IoT components makes the reach and impact of the technology unparalleled.
At the same time, the IoT ecosystem, characterised by the pervasiveness and the diversity of its components, raises unique privacy and security concerns. The implications for physical safety and the threat of unexpected risks enhance the need for appropriate privacy and security protections of IoT components. Advancements in predictive analytics and algorithms that facilitate large-scale collection, use, analysis, and sharing of user data amplify these concerns.
The principles embodied in the USACM/EUACM Statement on IoT Privacy and Security propose policy and technical approaches to tackle emerging privacy and security challenges while ensuring that the technology continues to move forward. The Statement on IoT Privacy and Security highlights the complementary nature of privacy and security and the importance of addressing IoT privacy and security throughout the entire lifecycle of a product.
The Statement on IoT Privacy and Security is guided by the belief that a variety of stakeholders—including government officials, academia, industry, nonprofits, technical experts, and consumer advocates—need to jointly address the challenges brought on by the large-scale nature and reach of IoT.
The statement calls for coordinated efforts among stakeholders, including internationally, as many of these issues will cross borders. The statement raises the importance of educating consumers. Transparency and consumer empowerment are integral to promoting consumer trust and safety.
“These principles seek to address and avoid problems at their source,” said Stuart Shapiro, USACM chair. “With the ubiquity of IoT, retrofitting is not always a possibility, and, when it is, it can be difficult and costly.”
Fabrizio Gagliardi, EUACM chair, added that the global nature of IoT calls for an international strategy. “IoT issues cross borders and international coordination is necessary,” said Gagliardi. “The privacy and security of the IoT ecosystem is an important topic for computing experts globally. The Statement on IoT Privacy and Security provides solid guidance for policymakers in the United States and in Europe.”
The Statement on IoT Privacy and Security will serve as a foundation for a forthcoming Policy White Paper on IoT.