ACM Public Policy Groups Release Guidance on Internet of Things Privacy and Security
The ACM U.S. Public Policy Council and the ACM Europe Council Policy Committee jointly released a Statement on Internet of Things Privacy and Security addressing existing and expected privacy and security concerns in the Internet of Things ecosystem. IoT is catalyzing new applications and opportunities for society. The benefits to productivity and efficiency are unprecedented. The growing dependence on IoT components makes the reach and impact of the technology unparalleled.
At the same time, the IoT ecosystem, characterized by the pervasiveness and the diversity of its components, raises unique privacy and security concerns. The implications for physical safety and the threat of unexpected risks enhance the need for appropriate privacy and security protections of IoT components. Advancements in predictive analytics and algorithms that facilitate large-scale collection, use, analysis, and sharing of user data amplify these concerns.
The principles embodied in the Statement on Internet of Things Privacy and Security propose policy and technical approaches to tackle emerging privacy and security challenges while ensuring that the technology continues to move forward. The Statement on IoT Privacy and Security highlights the complementary nature of privacy and security and the importance of addressing IoT privacy and security throughout the entire lifecycle of a product.
The statement is guided by the belief that a variety of stakeholders – including government officials, academia, industry, nonprofits, technical experts, and consumer advocates – need to jointly address the challenges brought on by the large-scale nature and reach of IoT. The statement calls for coordinated efforts among stakeholders, including internationally, as many of these issues will cross borders. The statement raises the importance of educating consumers. Transparency and consumer empowerment are integral to promoting consumer trust and safety.
“These principles seek to address and avoid problems at their source,” said Stuart Shapiro, Chair of the ACM U.S. Public Policy Council. “With the ubiquity of IoT, retrofitting is not always a possibility, and, when it is, it can be difficult and costly.”
Fabrizio Gagliardi, Chair of the ACM Europe Council Policy Committee, added that the global nature of IoT calls for an international strategy. “IoT issues cross borders and international coordination is necessary,” said Gagliardi. “The privacy and security of the IoT ecosystem is an important topic for computing experts globally. The Statement on IoT Privacy and Security provides solid guidance for policymakers in the United States and in Europe.”
The Statement on Internet of Things Privacy and Security will serve as foundation for a forthcoming Policy White Paper on IoT.
About the ACM US Public Policy Council
The ACM U.S. Public Policy Council serves as the focal point for ACM’s interaction with the U.S. government in matters of U.S. public policy related to information technology. ACM U.S. Public Policy Council statements represent the views of the Council and do not necessarily represent the views of the Association.
The ACM Europe Council Policy Committee is a standing committee of the ACM Europe Council. It serves as the focal point for ACM’s interactions with governmental bodies in Europe, the computing community, and the public in matters of European public policy related to computing and technology. ACM Europe Council Policy Committee statements represent the views of the Committee and do not necessarily represent the views of the Association.