Regulators should be able to compel manufacturers to follow standards for privacy and security when designing Internet of Things (IoT) devices, in a similar way that regulators mandate that electrical safety standards are followed. This is important for consumers, because IoT devices collect so much data about a person and their surroundings and privacy considerations are poor at present.
European Union: A working group of European data protection regulators have published an opinion (PDF) on the privacy risks of IoT and how the current data protection framework in the EU can be applied in their context.
United States: The Federal Trade Commission have released a report (PDF) into IoT and possible regulation. It states that it may be too early to do so, as the industry is still in its infancy, but general data protection legislation should be strengthened.
David Wheeler has written about policy interventions for digital security that could apply to Internet of Things devices.
Range of devices is so broad that it’s difficult to audit them consistently.
Regulatory overhead prevents small companies from launching products.