ACM U.S. Public Policy Council Submits Comments on Internet of Things

By Renee Dopplick, ACM Director of Public Policy
April 2, 2017

The ACM U.S. Public Policy Council submitted comments in response to a green paper on “Fostering the Advancement of the Internet of Things,” issued by the U.S. Department of Commerce’s Internet Policy Task Force and Digital Economy Leadership Team. The green paper represents an analysis of comments submitted by stakeholders last year on the role of government in advancing IoT. The green paper cites earlier input from the ACM U.S. Public Policy Council. The U.S. Department of Commerce will use these comments to help inform possible future actions related to IoT.

In its comments, the ACM U.S. Public Policy Council recommended the following:

Privacy and Security Are Complementary
Policy and implementation approaches should advance and support the complementary relationship between privacy and security. The Department should promote the inclusion of privacy concerns and security at all stages of the life cycle, from conception through development to deployment. Further, privacy and security must be similarly embedded into associated processes. This will help prevent major systemic mistakes in IoT devices and sensors and minimize the risks of difficult and costly retrofitting. This needs to occur sooner rather than later due to the rapid proliferation of IoT devices and sensors in the environment.

Lightweight Cryptography
Innovations in lightweight cryptography and cryptographic coprocessors could lessen the challenges of encryption on IoT devices with limited computational and energy resources. ACM regularly publishes cutting-edge research, tutorials, and analysis from its conferences and members with expertise in solutions for resource-limited IoT devices.

Data-Driven Technologies and Algorithmic Capabilities
Several stakeholders provided earlier comments about challenges related to data-driven decisions. To build on this point, the Department should address the use of algorithms in data-driven decisions. Algorithmic capability is especially valuable in areas rich with recorded information, yet it also can result in harmful or unintended consequences. The ACM U.S. Public Policy Council issued guidance on how to prevent harmful algorithmic bias in January 2017 and continues to work on the related policy issues.

Privacy and Security Risks of Abandoned and Discarded IoT Technology
The Department should consider the privacy and security risks associated with IoT devices and sensors that are discarded, orphaned, damaged, or nonfunctioning. These devices and sensors may pose threats to new or existing IoT components.

A trustworthy IoT environment is a main foundation in approaches to grow the IoT ecosystem. Trustworthiness spans hardware, software, operating systems, applications, compilers, network protocols, cryptography, and human interfaces.

Promoting Standards and Technology Advancement
The U.S. government should continue its actions to advance global IoT interoperability and to encourage the growth and innovation of IoT while protecting privacy, security, and intellectual property.

Read the full text.

About the ACM U.S. Public Policy Council

These comments were developed by the ACM U.S. Public Policy Council (USACM), which serves as the focal point for ACM’s interaction with the U.S. government on U.S. public policies related to information technology. The membership of the ACM U.S. Public Policy Council is comprised of computer scientists, educators, researchers, and other technology professionals. ACM U.S. Public Policy Council comments and statements represent the views of the Council and do not necessarily represent the views of the Association.