GPEN

September 2016

You can’t Spell Idiot Without IoT

Results of the 4th annual privacy sweep are in. Some 25 authorities participated in the 2016 IoT sweep, examining 314 different devices globally, including wellness devices, thermostats, smart TVs, connected toys, and many others. Global highlights include:
• 59% of devices failed to provide adequate privacy notice
• 48% failed to disclose third-party data sharing
• 38% provided no privacy contacts
• 68% failed to inform users how information was protected
• 72% failed to explain how users could delete their data
https://www.lda.bayern.de/media/pm2016_06_anhang.pdf
jbho: The GPEN hasn’t yet put together any comprehensive reports on any of its sweep results, but the various DPAs share nuggets here and there. The best summaries are usually put out by the Office of the Privacy Commissioner of Canada (OPC). This time, they provided a nice review, along with tips and hints, on their blog at http://blog.priv.gc.ca/index.php/2016/09/22/how-fit-is-your-gadget-putting-web-connected-healthwellness-devices-through-their-privacy-paces/

In case you forgot, GPEN is a network of approximately 50 privacy enforcement authorities from around the world, including the FTC and FCC.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s