The proposed labels overcome a common IoT problem: People cannot find information about the privacy and security practices of devices at the moment of purchase,
Researchers at Carnegie Mellon University’s CyLab have proposed “nutritional labels” for the Internet of Things devices.
The labels, printed on the back of a product’s box, would inform customers on data practices, security mechanisms, and country of manufacture.
SEE ALSO: IoT Market Remains Fragmented, With Hundreds of Choices
Activating a QR code on the back would provide customers with more information about the device. In total, the label displays 47 pieces of information on privacy and security.
“Survey results show that the vast majority of people are concerned about the security and privacy practices of devices, so we need to provide them with this information,” said CyLab’s Pardis Emami-Naeini, the study’s lead author. “The display of this information should be concise and understandable, akin to a nutrition label on food products.”
IoT devices have been in the news regularly for snooping on users, sending data to unauthorized third parties, or getting hacked.
Lawmakers are beginning to push for better security and privacy, through the Cyber Shield Act and California Consumer Privacy Act, but pre-purchase a customer is still regularly making an uninformed choice on what IoT device has the best practices.
“People cannot find information about the privacy and security practices of devices at the moment of purchase,” said Emami-Naeini.
The team is in talks with manufacturers to adopt the labeling system. However, it will most likely take a law or a collective decision by major manufacturers before we see labels on most devices.
Amazon, Google, and TV manufacturers have all been accused of spying and selling data to third parties as well, so don’t expect them to adopt the labels willingly.