As we have seen vividly in recent years, inadequate security and privacy protections in the Internet of Things (IoT) can have devastating impacts – on Internet users and core infrastructure. The high-profile Mirai botnet distributed denial of service (DDoS) attack in 2016 was a dramatic example of the effects of poor security in IoT devices, and CloudPets connected teddy bears were withdrawn from sale by most retailers after it was revealed that millions of voice recordings between parents and their children were exposed. But the threats from these insecure devices don’t vanish when they are updated or recalled, since there are often large numbers of them still in service, and still vulnerable.
Because of this, the Internet Society is particularly focused on improving the security and privacy of consumer IoT. As a rapidly growing area, it is especially vulnerable and has been exploited by malicious actors.
That’s why we’re encouraging manufacturers to adopt Trust by Design.
“Trust by Design” – an umbrella term that includes Privacy by Design and Security by Design – is an essential component of a healthy IoT ecosystem. It has significant implications beyond IoT for the health of the Internet as a whole, and all of its users.
The Privacy by Design concept was developed by Dr. Ann Cavoukian in the 90s in response to the growing and systemic effects of information technologies and large-scale data systems. It has since become a foundational concept, underlying much of the work on privacy protection that has followed. There are 7 key principles:
- Proactive not reactive: preventative not remedial
- Privacy as the default setting
- Privacy embedded into design
- Full functionality: positive-sum, not zero-sum
- End-to-end security: full lifecycle protection
- Visibility and transparency: keep it open
- Respect for user privacy: keep it user-centric
While all 7 principles are essential, there is one we place particular emphasis on (especially with manufacturers): privacy embedded into design.
“Privacy measures are embedded into the design and architecture of IT systems and business practices. These are not bolted on as add-ons, after the fact. The result is that privacy becomes an essential component of the core functionality being delivered. Privacy is thus integral to the system, without diminishing functionality.”
There are several interpretations of Security by Design. The Open Web Application Security Project (OWASP) Foundation does a good job of explaining the fundamental principles:
- Minimize attack surface area
- Establish secure defaults
- Principle of least privilege
- Principle of defense in depth
- Fail securely
- Don’t trust services
- Separation of duties
- Avoid security by obscurity
- Keep security simple
- Fix security issues correctly
We believe proper security should be included at all steps of the design and architecture of IoT systems, not as an afterthought.
The Online Trust Alliance (OTA, an Internet Society initiative) IoT Trust Framework has 40 key principles that provide a set of guidelines for manufacturers as they design and develop products and services – with privacy and security as a top priority. Developed through a consensus-driven, multistakeholder process, this IoT Trust Framework is unique in two significant ways:
- It takes into account the lifecycle issues associated with IoT products and services.
- It addresses the entire ecosystem, holistically, including devices/sensors, mobile apps, and backend services. Most frameworks focus on just the devices, but a system is only as strong as its weakest link.
There is a great deal that we can all do. In particular, it’s important that:
- Manufacturers take affirmative steps to improve the security and privacy of the devices they produce
- Retailers understand the role they play and the impact they can have when they take these factors into account when deciding upon which products to sell
- Consumers inform themselves, using credible sources, to understand the security and privacy aspects of IoT devices they are considering or already using
- Policymakers and regulators look at the roles they can play and work together with other key stakeholders toward better outcomes
Learn more about Trust by Design and what manufacturers, retailers, consumers, and policymakers can do:
- IoT Security for Policymakers
- The Economics of the Security of Consumer-Grade IoT Products and Services
- IoT Trust Framework
- This Valentines Day All We Want Is Products That Meet Minimum Security Standards (Internet Society, Consumers International, and Mozilla)
- Minimum Standards for Tackling IoT Security (an open letter to retailers from the Internet Society, Consumers International, Mozilla, and others)
- IoT Privacy for Policymakers (coming soon, check this page)