This inquiry follows a week after Senator Mark Warner’s (D-VA) request to FTC Chairwoman Edith Ramirez that the FTC work with members of Congress to identify ways to better protect children in the era of connected toys. Warner writes that the Children’s Online Privacy Protection Act was enacted in 1998 and may not have contemplated today’s evolving market of smart toys, for example, those connected devices that record children’s conversations and upload them to the cloud for all to hear and for hackers to exploit. The recent proliferation of these connected toys, Warner states, makes congressional efforts to protect children’s data “even more imperative.”
These congressional inquiries underscore potentially serious privacy concerns in the evolving market of connected toys and augmented reality. Since the publication of its January 2015 IoT Report, the FTC has encouraged companies to take three key steps in order to build consumer trust in IoT devices: (i) adopt “security by design”; (ii) engage in data minimization; and (iii) increase transparency and provide consumers with notice and choice for unexpected data uses. The FTC recently stated its belief that IoT-specific federal legislation is not warranted at this time, and the FTC will continue to rely on its Section 5 authority to ensure companies do not engage in unfair or deceptive privacy and data security practices.
For more guidance, see our Mashable article, “Navigating the Legal Pitfalls of Augmented Reality.”