Abstract:
The current set of reactive regulatory agencies, legal protections, and market forces have proven inadequate for managing the security and privacy of the Internet of Thin...Show MoreMetadata
Abstract:
The current set of reactive regulatory agencies, legal protections, and market forces have proven inadequate for managing the security and privacy of the Internet of Things (IoT). Given the ubiquitous nature of IoT devices, current cybersecurity and privacy laws fail to enforce the protections of the data of vulnerable populations. The most vulnerable of these users are children, who are at the most significant risk of harm and least adequately protected by the current regime of controls for devices such as smart toys. In this paper, we review the currently existing regulatory and legal controls related to IoT devices while giving a brief overview of privacy & security policies that govern the data access, retention, and usage policies of children's smart toys. We detail the impact of such security and privacy vulnerabilities by conducting three case studies on IoT smart toys, including FisherPrice's SmartBear, Spiral Toys CloudPet Unicorn, and Owl's SmartWatch. Finally, we establish reasons for the complete restructuring of the responsibilities, requirements, and proactive options for implementing cybersecurity rules by IoT device manufacturers.
Date of Conference: 22-24 June 2022
Date Added to IEEE Xplore: 26 September 2022
ISBN Information: