HomeNews EventsPress ReleasesSecurity and Privacy Checklist for Consumers Gifted with Internet Connected Devices

Security and Privacy Checklist for Consumers Gifted with Internet Connected Devices

Non-profit estimates more than 50 million smart gadgets will be sold during holiday season; urges buyers make security and privacy part of their purchase decisions

Wed, Dec 9, 2015

The Online Trust Alliance (OTA), the non-profit with the mission to enhance online trust, today released a Smart Device Purchase and Set-Up Checklist to help protect the security and privacy of consumers who buy or receive smart or connected devices. By following the checklist, users can take steps to safeguard their personal information and 

prevent devices such as TVs, home appliances and thermostats, children’s games, baby monitors and fitness trackers from being hacked or compromised.

OTA released these recommendations to coincide with the holiday shopping season because the organization estimates that more than 50 million Internet-connected devices will be sold during this time period. “That’s 50 million opportunities for data and home network compromises as well as privacy abuses, which is why it’s imperative that consumers follow our guidelines,” said Craig Spiezle, Executive Director and President of OTA. “Consumers should not have to pay twice—once with their credit card and then again in perpetuity with their personal data, identity and safety.”

Consumers who fail to follow these guidelines are potentially putting their personal and family data at risk. For example, owners of products with integrated cameras such as baby monitors and smart TVs could be spied on by hackers if the devices are compromised.

“The best deals or coolest features aren’t the only things to look for when buying connected devices,” said Susan Grant, Director of Consumer Protection and Privacy at the Consumer Federation of America. “It’s also important to consider privacy and security, and this checklist will help consumers make well-informed decisions in choosing and using these devices.”

“While people are aware that they need to have security on their connected devices, they don’t always take the necessary steps to protect themselves,” said Brian Witten, Senior Director of IoT at Symantec. “Until device manufacturers build security into their products, the responsibility relies with the consumer. That’s why OTA is driving awareness of this issue with easy-to-follow guidelines for consumers. By following OTA’s checklist, more people will be able to make smarter security decisions about their connected devices and better protect themselves.”

Some of the key recommendations of the smart device checklist include:

  • Before purchase, confirm your ability to return the device for a refund if upon set up you find the security and/or privacy practices do not meet your personal requirements. If you cannot opt out of sharing data with third parties or are not provided the option of opting in, consider alternative products.
  • Before purchase, review the device’s warranty and support policies and verify that security and software patches are provided for the life of the product, beyond that of the warranty offered by the manufacturer.
  • Review the privacy practices of connected devices you own or are considering buying, including data collection and sharing policies with third parties. Reset permissions to reflect your preferences (for example – data collection and sharing, camera and microphone settings and other functions). If your settings cannot be modified, consider the “reset to factory settings” option to force a clean setup.

Today’s Smart Device Purchase and Set-Up Checklist was developed by OTA’s Internet of Things (IoT) Working Group, which is made up of some of the world’s most recognizable brands and technology companies in concert with leading consumer and privacy advocates. The checklist is a work product of OTA’s ongoing Internet of Things (IoT) Trust Framework global initiative, which provides guidance for device manufacturers and developers to enhance the security, privacy and sustainability of connected home devices, wearable fitness and health technologies, and the data they collect. 

OTA and the National Association of Realtors also recently developed a similar checklist. The Smart Home Checklist offers guidance to help home buyers, renters and sellers manage the privacy and security of their smart homes and devices.

“With the number of smart homes expected to double next year to 339 million and the number of connected devices forecasted to increase to 1.6 billion, these guidelines and the Trust Framework are proving to be invaluable for consumers and the industy alike,” said Spiezle.

See OTA blog - It Sees You When You're Sleeping, It Knows When You Are Awake

About OTA: 

The Online Trust Alliance (OTA) is a non-profit with the mission to enhance online trust and user empowerment while promoting innovation and the vitality of the Internet. Its goal is to help educate businesses, policy makers and stakeholders while developing and advancing best practices and tools to enhance the protection of users' security, privacy and identity. OTA supports collaborative public-private partnerships, benchmark reporting, and meaningful self-regulation and data stewardship. Its members and supporters include leaders spanning the public policy, technology, ecommerce, social networking, mobile, email and interactive marketing, financial, service provider, government agency and industry organization sectors.

    • IoT Privacy Security