FTC v. D-Link Systems and The Internet of Things

Thomson Reuters
6 minute read | October.08.2018

As businesses expand the availability of internet-connected devices, Orrick attorney Elizabeth McGinn and Jay Williams addressed the Federal Trade Commission’s role in regulating and enforcing “internet of things” device security to protect consumers’ data.

Businesses are selling consumers an increasing number of “internet of things” devices that connect directly to the internet against a backdrop of limited regulation, including wireless routers, video-enabled baby cameras and daily step trackers.

The Federal Trade Commission has taken notice and, to further its consumer protection mission, has undertaken efforts to compel businesses selling IoT products to enhance security and protect consumer data from unauthorized access.

The FTC’s approach has been twofold. First, it has worked to foster a commitment among businesses to provide consumers with more secure devices as a best practice by publishing guidelines and working to educate businesses about data security. Second, it has positioned itself as a protector of consumer privacy on the IoT by bringing enforcement actions against businesses it views as providing their customers insufficient data protection.