Get the lowest-cost and the best server colocation service in the business. Learn more.
Information Technology News.

FTC supports the concept of giving the public access to the source code

Share on Twitter.

Get the best SMTP service for your business. Guaranteed or your money back.

January 26, 2016

It's reported today that FTC Commissioner Terrell McSweeny fully supports the concept of offering the public access to the source code to their devices to ensure better security and privacy in the era of the internet of things (IoT).

The idea is that obvious nasty bugs and poor security mechanisms can be quickly spotted and either fixed or the item stays on the store shelf.

Speaking at the 'State of the Net Conference' in Washington D.C. yesterday, McSweeny noted that the FTC was looking closely at the proliferation of connected devices that gather and store highly personal information on millions of Americans.

"It's not just federal trade commissioners that are concerned about this, consumers are as well," she noted, adding that the FTC is deeply worried about the security practices of many in the industry.

McSweeny was asked whether citizens should be able to look at the source code of products that they purchase. She thought it might be a good idea.

"The ability to take a look at some of these things is really important," she noted. And she highlighted the vital role that white hat security researchers play in highlighting security issues-– something that is very valuable to people.

While noting she was talking in her individual capacity, as opposed to an official position of the FTC, she highlighted the fact that the regulator was building its own in-house capacity to dig into products to assess their security and privacy.

She added she could see a new market of consumer facing tools that would let people know whether their wishes for privacy were being observed as they move around a physical world packed with thousands of connected devices.

McSweeny also stepped into the ongoing debate over encryption and various backdoors on devices. Speaking just moments after assistant attorney general Leslie Caldwell had given a keynote arguing what it was vital that law enforcement be able to access electronic information, McSweeney took the opposite view and said she was opposed to backdoor being introduced or mandated because of the risk to consumer privacy.

Caldwell told the conference "there really aren’t any more physical paper trails for us to follow, there are only virtual ones" and said that she hadn't seen a single case in the past eight years, except for the most basic cases, in which electronic data wasn't a component.

The ability to access electronic material was in a timely manner was essential, she argued, but that it was becoming "more and more difficult to obtain data even when we have court orders to do so".

She also noted that there are "very real physical threats" and that without access to emails, instant messages and so on, it creates obstacles "that can and do stop our investigations in their tracks".

The ability to access encrypted information was a "public need", she argued. But McSweeny also pointed out that while she was "not burdened by looking at intelligence information" that from consumer protection point of view "we have to very, very careful in undermining that security".

Both Caldwell and McSweeny both agree that electronic devices are being used more and more to store every more personal information and in-depth material about ourselves.

Except from Caldwell's perspective, encryption means that information becomes inaccessible and from McSweeney's point of view it means the damage of that information being accessed is significantly greater.

Source: The U.S. Federal Trade Commission.

Get the best SMTP service for your business. Guaranteed or your money back.

Share on Twitter.

IT News Archives | Site Search | Advertise on IT Direction | Contact | Home

All logos, trade marks or service marks on this site are the property of their respective owners.

Sponsored by Sure Mail™, Avantex and
by Montreal Server Colocation.

       © IT Direction. All rights reserved.