Raising The Standard

The Open Technology Institute’s "Raising the Standard" project educates stakeholders about the importance of including digital security and privacy best practices in all network-connected products through the adoption of the Digital Standard. OTI’s goal for the Raising the Standard project is to educate and facilitate a dialogue among all stakeholders in order to gain feedback on how the Standard can be improved to both protect consumer safety and promote innovation in the industry.

Issue Briefs

OTI has put together issue briefs on the eight key themes that make up the privacy and security components of the Digital Standard. Download each issue brief to learn more about the relevant tests and why companies should care about these issues.

Why Should Companies Care About IoT Privacy and Security ?

The Digital Standard is an ambitious, open, and collaborative effort to create a digital privacy and security standard to help guide the future design of consumer software, digital platforms and services, and internet-connected products. Why does the market need this? Take a look at these numbers.

RTS - Companies

Encryption

Encryption is a fundamental building block of privacy and security online. It is used in a multitude of ways in order to secure networks, authenticate users, and conduct commerce online.

RTS - Encryption

Passwords

Passwords can often be the only obstacle to a hacker gaining control of a system or device. However, the ways in which companies create passwords for devices, and the ways in which consumers manage them, leaves many devices susceptible to attack. Whether through passwords that are too basic or through default passwords that are never changed, a badly managed password can be an invitation for hackers. Password best practices are easy to implement and vitally important for preserving the privacy and security of internet-connected devices.

RTS - Passwords

Terms of Service

A product’s terms of service (ToS) are an important component of its digital security and a valuable tool for companies that want to ensure the health, safety, and security of their products and users. They allow companies to clearly lay out data and information management practices and provide regular notifications to customers when these practices change.

RTS - Terms of Service

Threat Notification

After a customer’s private information is exposed, companies need to have appropriate protocols in place to notify their customers, mitigate the damage, and begin to rebuild their customers’ trust. A clearly thought out threat notification policy is an important component of the Digital Standard and is a critical factor in evaluating the privacy and security of consumer devices.

RTS - Threat Notification

Transparency

A transparency report is a publicly available report, issued by a service provider, that discloses information related to policies and practices that impact user data privacy and security. Although companies are not legally required to issue transparency reports, they have become a valuable tool for highlighting how companies share user data with governments and third parties, and for evaluating privacy and security practices.

RTS - Transparency

User Data

Companies behind Internet of Things products must earn the trust of consumers by proving that they are doing whatever it takes to protect their private data. From ensuring that data collection, retention, and protection practices are sound to transparently disclosing these procedures, companies need to embrace these key privacy and security best practices. For that reason, indicators related to user data are some of the most detailed sections of the Digital Standard.

RTS - User Data

Vulnerabilities

Vulnerabilities are weaknesses in software and hardware that enable an attacker to compromise the integrity, availability, or confidentiality of the software, putting users and networks at risk.

RTS - Vulnerabilities

Events

Video

People

AWilson_thumb

Andi Wilson Thompson is a policy analyst at New America’s Open Technology Institute where she focuses on issues including vulnerabilities equities, encryption, surveillance, and internet freedom.





Schulman_thumb

Ross Schulman is a senior counsel and senior policy technologist at New America’s Open Technology Institute, where he focuses on internet measurement, emerging technologies, surveillance, and decentralization.




Graphic Design by Sarah Dale.