Do We Need Privacy And CyberSecurity Ratings For Technology Consumer Goods? | The Cyber Society

By Marco Ciappelli & Sean Martin

Guests: Julie Haney and Naomi Lefkovitz, NIST

Do We Need Privacy And CyberSecurity Rating For Technology Consumer Goods?

Well, as Sean clearly states in this podcast, he really likes food; therefore, it was inevitable that one of these days, we would end up having a conversation about the need for labeling technology consumer products.

Wait. What?

Stay with me, I do have a point.

As we all know, some people seem to not care about the level of security and privacy of the electronic gadgets they buy. As long as these things blink, are fun, bring next-gen tech, and are connected to the Internet, “everything goes.” Some others—thankfully a growing number—do actually care, at varying levels, and for different reasons, but they do care.

“In an ideal world, the users shouldn’t worry about cybersecurity and privacy!!!”

This is what many cybersecurity professionals and evangelists like to say. In all honesty, I am kinda tired of hearing this; as you have probably noticed, we do not live in such a world. While I do appreciate their idealistic commitment and passion, we need to be pragmatic, and good intentions are not going to drastically change things any time soon. Grandpa used to tell me that the way to Hell is paved with that stuff.

So, until that day comes, the consumer has the right to know what they put in their home, their body, connect to their Wi-Fi, and use in their daily life. No, they do not need to be programmers, hackers, nor engineers to be able to figure out what level of security and privacy those devices have, and if there is two damn things that they really shouldn’t worry about: 1) changing a default Login and password from “admin” | “admin,” or, 2) opting out from some privacy-sucking default settings.

Sure, those that do not care at all will keep ignoring the warnings and plug 35 Christmas light strands into the same outlet. Some will be technically savvy enough that they will want to study a manual — that is, if they can find such a thing anymore. Everyone else should be able to find and read a label that gives them an idea about what kind of device they are dealing with, decide to buy or not, and use it as they please.

Of course, we are not talking about some self-proclaimed military-grade quality here. We are talking about non-GMO, FDA Organic, ingredient lists, with calories, sugars, fats, and such.

Food, I told you we were going to get there. Sean loves food.

How many grams of privacy do I gain—or lose—from the daily use of a gadget?

How about cybersecurity? Is it even covering half of what a family this size should intake every day?

In a society that lives with technology, we must empower the consumer to make the right choice. Now, who is in charge of validating and certifying those claims is a conversation we must have. And, as a matter of fact, we are having it. Right now. In this podcast.

We invited two guests from NIST to help us to figure things out: Julie Haney and Naomi Lefkowitz.

We believe that the key is to decide what will be necessary for people to know what’s going on with their devices—with their data—without ending up doing something overwhelming and not simple to understand so that people can actually get used to it and make decisions. We think it will work. We believe it will be a positive step forward.

What do you think?

Listen up and let us know.

Note: This recap includes some valuable resources mentioned during this conversation—be sure to review them in the podcast recap here:
https://itspmagazine.com/cyber-society-posts/do-we-need-privacy-ratings-for-consumer-goods-a-conversation-with-julie-haney-and-naomi-lefkovitz
_________________________________________

For more Podcasts from The Cyber Society:
https://www.itspmagazine.com/the-cyber-society

Interested in sponsoring an ITSPmagazine column or talk show? Visit: https://www.itspmagazine.com/talk-show-sponsorships