The 2017 CompTIA State Tech Summit featured an engaged second panel conversation on Internet of Things (IoT) data collection, storage, usage and most importantly consumer trust.
Margaret Gladstein, partner of Capitol Advocacy served as moderator and the panelists were: Joe Gervais, Principal Cybersecurity Researcher, LifeLock, Leah Popoff, State and Local Government Affairs at VMware and John Punzik, National Business Development Manager, SLED at VMware.
The launching point for the panel discussion was the The Teddy Bear and Toaster Act, a bill prepared by California lawmakers requiring manufacturers to notify consumers when ‘smart’ internet-connected products were collecting information and requiring consumer consent before collecting/transmitting information beyond “the stated functionality of the device.” The bill did not advance in the California State Legislature but could come up for consideration again in 2018.
While the Teddy Bear and Toaster act was deeply flawed, it encapsulates many of the throny questions that face us all. What is the correct balance between consumer privacy and advancement of innovation through technology neutral policies? How will IoT change our devices in the next 5 years? Who owns the data?
The advent of technologies like fitbit and personal on-line assistants like Siri, Alexa and Cortana, make these questions all the more trenchant. One thing was certain: all the panelists agreed that security cannot be an afterthought. Government and businesses must put these concerns front and center as we educate legislators, government administrators and citizens alike about good cyber hygiene, cybersecurity practices and a commitment to security by design.