November 2, 2016–Policy-makers face a difficult challenge in trying to ensure the security of Internet of things devices because of the uncertainty of the security risks and the danger that regulation could inhibit a nascent marketplace, according to a report today from Silicon Flatirons.
“It is important that regulators not overreact as IoT is still in the early stages of development,” the report said. “There are enormous potential benefits to society and consumers from IoT technology. By focusing on precautionary measures (and the precautionary principle), regulators run the risk of harming innovation.”
“A national strategy on IoT would help advance IoT deployment and monitor changing circumstances,” the report added. “Such an effort could seek to enhance security on existing models, particularly through collaborative, standards-based approaches and industry-led certifications based on these standards.”
“This would also involve crafting simple and transparent messages to consumers so that they can make better decisions when purchasing and operating mission-critical IoT devices. Moreover, policy-makers can work on creating incentives that encourage reporting and enable information-sharing rather than imposing penalties for near misses or attacking companies who make security and interference incidents public,” it said.
“The government could take a more liability oriented approach,” the report suggested. “If one device fails due to faulty design or care, serious liability penalties would be imposed on the manufacturer. In principle, this could incentivize more companies to take appropriate security protections to ensure devices operate correctly.”
The report was based on discussion during a June 22 roundtable held by the Silicon Flatirons Center for Law, Technology, and Entrepreneurship in Washington. Silicon Flatirons is a center for innovation at the University of Colorado Boulder. – Tom Leithauser, firstname.lastname@example.org