Technologist - The FindLaw Legal Technology Blog

More IoT Regulations Brewing in Congress

Did you ever notice how "LoL" and "IoT" look a little alike? "Laugh out Loud" and the "Internet of Things?"

Maybe it's just me, but there is something a little funny about the internet security of a toaster. Or a coffee maker; that's a hot one.

To help keep our toasters and coffee makers safe, Congress is looking for more ways to deal with cyberattacks and privacy breaches through household devices connected to the internet.

Smart Devices and Cybersecurity

Congress is gearing up for more regulations as experts tell lawmakers how cyberattacks can hit homes. Last year, a House subcommittee heard that IoT devices were used to shut down Amazon, Spotify and Netflix.

"These attacks raise troubling questions," Rep. Anna Eshoo said. It is troubling when your smart TV turns against you.

As the New Year rang in with the Twitter President, Congress got more serious about IoT. The FCC issued a 50-page report that said consumer expectations about smart device security are higher than the actual security.

"The large and diverse number of IoT vendors, who are driven by competition to keep prices low, hinders coordinated efforts to build security by design into the IoT on a voluntary basis," the report says. "Left unchecked, the growing IoT widens the gap between the ideal investment from the commercial point of view and from society's view."

Translated into laymanese, that means the vendors are toast.

The Regs Are Coming! The Regs Are Coming!

The Department of Homeland Security has already issued its guidelines for vendors, manufacturers, service providers and others dealing in smart devices.

"The growing dependency on network-connected technologies is outpacing the means to secure them," said Jeh Johnson, secretary of Homeland Security. "Securing the Internet of Things has become a matter of homeland security. "

Here are some of the agency's principles:

  • Incorporate security at the design phase
  • Prioritize measures according to potential impact
  • Advance security updates and vulnerability management
  • Promote transparency across the Internet of Things

In other words, if your smart device doesn't spy on you, your government will. Now, where is my smart thermometer anyway?

Related Resources: