8/18/2015 10:09:52 AM
Online Trust Alliance Releases Guidelines for IoT Consumer Protections
Online Trust Alliance,IoT Guidelines
https://appdevelopermagazine.com/images/news_images/Guidelines-for-IoT-App-Developer-Magazine_xun0uox4.jpg
App Developer Magazine

Online Trust Alliance Releases Guidelines for IoT Consumer Protections



Stuart Parkerson Stuart Parkerson in IoT Tuesday, August 18, 2015
6,241

The Online Trust Alliance (OTA) has released its Internet of Things Trust Framework designed to address IoT risks for consumers. The OTA is a non-profit organization with the mission to enhance online trust and user empowerment while promoting innovation and the vitality of the Internet.

The new Internet of Things Trust Framework presents guidelines for IoT manufacturers, developers and retailers to follow when designing, creating, adapting and marketing connected devices in two key categories: home automation and consumer health and fitness wearables

The framework was created by the OTA IoT Working Group which determined that the safety and reliability of any IoT device, app or service depends equally on security and privacy. There was a third, often overlooked component - sustainability (the life-cycle supportability of a device and the protection of the data after the warranty ends) which the OTA states is critical to the security, privacy and personal safety of users and businesses worldwide.  

The OTA points out that without addressing sustainability, devices that may have been secure off the shelf will become more susceptible to hacking over time. This could lead to hackers remotely opening garage doors, turning on baby monitors that are no longer patched, infiltrating fitness wearables to spy on health vitals or sabotaging connected appliances.

The OTA has opened a call for comments for best practices to be included as part of the framework which offers the proposed suggestions below:

- Making privacy policies readily available for review prior to product purchase, download or activation.

- Encrypting or hashing all personally identifiable data both at rest and in motion.

- Disclosing prior to purchase a device’s data collection policies, as well as the impact on the device’s key features if consumers choose not to share their data.

- Disclosing if the user has the ability to remove or make anonymous all personal data upon discontinuing device or device end-of-life.

- Publishing a timeframe for support after the device/app is discontinued or replaced by newer version.

In parallel with these best practices, the OTA is developing testing tools and methodologies to formalize the IoT Trust Framework with scoring criteria, which will lead to a voluntary code of conduct and certification program. OTA is seeking public and industry comment on this list of best practices from now until Sept 14, 2015. To review the framework, provide feedback, or for information on joining the IoT Working Group, click here.


Read more: https://otalliance.org/system/files/files/in_the_n...

A new way to manage your development projects

Learn the best ways to organize your app development projects, and keep code straight, clients happy, and breathe a easier through launches.
 

The Latest Nerd Ranch Guide (3rd Edition) to Android Programming

Write and run code every step of the way, using Android Studio to create apps that integrate with other apps, download and display pictures from the web, play sounds, and more. Each chapter and app has been designed and tested to provide the knowledge and experience you need to get started in Android development.

Starting your own app business?

How to create a profitable, sustainable business developing and marketing mobile apps.



Comments

There are no comments yet, be the first to leave your remarks.

Leave a Reply