new laws may be required to secure personal data in the internet of things

60% of digital businesses will be disrupted by a cyber attack
Scan your website for SQLi, XSS, & 4500+ additional vulnerabilities with Netsparker. Eliminate false-positives with our Proof-Based Scanning™ technology. Learn more!

No knows for sure how many “things” are connected to the Internet, but the Federal Trade Commission reported last year that it was more than 8 billion, and that it would exceed 20 billion by the end of 2020! Astonishing as it seems, it turns out that U.S. privacy laws do not apply to all of those devices and the data they collect.

So, for the third time in three years, the Senate has proposed a new law, the Internet of Things Cybersecurity Improvement Act of 2019, which actually would apply to IoT products — but only those purchased by the U.S. government. It seems that the FTC’s approach to IoT data privacy is “put on your own mask first before helping those around you.”

What seems really unbelievable is that Internet-connected things communicate enormous volumes of data from our cellphones, watches, health devices, televisions, door bells, security cameras…well you get it, virtually everything is connected to the Internet in 2019. Should we feel that our privacy is properly protected? We would like to think so.

For instance, everyone relies on maps on their cell devices to know which routes to drive to work or home, or to explore a new town. We know that when the maps show a green road we can safely assume there is no traffic, while yellow indicates traffic is slow, and red means traffic is not moving.

However, most people do not stop to think about how the data is acquired. It comes from the cellphones in the vehicles on those roadways. How? Well, remember when you clicked that “allow access” button that popped up on your map application? You essentially consented to sharing your personal data. Either we are unaware of what “allowing access” means, or we do not really care.

What Did Brittany Say?

In 2018, Brittany Kasier, cofounder of the Digital Asset Trade Association, made the Cambridge Analytica revelation that much of the information people assume is private actually is provided freely to social media, apps on mobile devices, and online e-commerce companies. Brittany highlighted the fact that most of us are not really aware of what data we are sharing — voluntarily or otherwise — or how that data is being stored and used.

Brittany also pointed out that the popularization of big data relates to IoT, social media and mobile devices, and…