The IoT Trust Label: Benefits and Challenges to Implementation
Roland AtouiRoland Atoui
The current regulatory framework in the IoT space is weak, at best. It's partly because the industry is still experiencing growing pains. On one hand, there is an exceptional flourishing in demand for connected devices across B2B and B2C sectors. Gartner estimates that by 2020 there will be 20-50 billion connected gadgets in regular use, which is undoubtedly a conservative estimate. The fact is: IoT products represent a substantial potential market for IoT manufacturers.
The race is on to develop standards for trust, privacy, and end-to-end security for a range of IoT products that promise to fuse the digital and the physical like never before.
On the other hand, the increasing number of connected devices poses a unique security threat. As IT experts are well aware, anything connected to the internet doubles as a current platform for bad actors to target. The race is on to develop standards for trust, privacy, and end-to-end security for a range of products that promise to fuse the digital and the physical like never before.
In acknowledging the apparent risks, the European Commission is looking into the possibility of creating an IoT "Trust Label" to strengthen IoT security and end-to-end personal data protection. However, exploring the merits of a trusted label raise many questions that remain unanswered.
A trusted label is a mark that is supposed to "provide to consumers of IoT products information about the products' level of security and privacy. Such a "Trust Label" could be similar to the labeling system used today to indicate energy-efficiency of various appliances across the EU".
Benefits of a trust label include:
Cybersecurity is not static, nor is it easy to prescribe. Bad actors are always adapting their approach to undermine innovations made in hardware capacity, network integrity, and data processing and connectivity. Each market has its own set of challenges, and the solutions are never apparent from the outset.
Implementing a trust label runs the risk of oversimplifying the cyber threats to consumers by giving them a false sense of security in products that may have a label but are no longer equipped to offer end-user protection. To successfully deal with these concerns, a trust label must be:
Another challenge inherent in setting a trust label in the IoT space is the fact that few if any, objective standards are being arranged. Each industry has its problems, both from a hardware perspective and an end-user perspective, and trust labels need to reflect these differences.
In looking to set the groundwork for a more in-depth discussion in the healthcare app industry, the US Federal Trade Commission has put forward a list of best practices to inform developers and businesses looking to improve their data security strategy. There are essential questions about authentication and data sorting – and new solutions offered.
For trust labels to gain traction in B2B or B2C interactions, best practice guides similar to the one published by the FTC need to be crafted.
Given the lack of regulatory standards in IoT, setting forth trust labels for each industry is an important goal shared between governments, product manufacturers, business leaders, and consumers. Finding a way to overcome industry-unique challenges for certification without compromising on competitiveness and innovation is the primary challenge facing the IoT industry today.
The Most Comprehensive IoT Newsletter for Enterprises
Showcasing the highest-quality content, resources, news, and insights from the world of the Internet of Things. Subscribe to remain informed and up-to-date.
New Podcast Episode
Recent Articles