Presentation is loading. Please wait.

Presentation is loading. Please wait.

Consumer Empowerment through Education

Published byMorgan Young Modified over 6 years ago

Similar presentations

Presentation on theme: "Consumer Empowerment through Education"— Presentation transcript:

1 Consumer Empowerment through Education
For Discussion Canadian Multistakeholder Process - Enhancing IOT Security: Consumer Empowerment through Education September 2018

2 Introduction On August 15th, the Consumer Education & Awareness WG agreed at its first virtual meeting to start working on drafting key messages that the initiative could endorse as key components to make an effective education or outreach program. Key messages are to be grouped within three categories - privacy, security, functionality1; and across three verticals - before purchasing, after purchased, at problem. These messages will then be assessed to ensure they address the devices and audiences most vulnerable to IOT privacy and security risks, while still encouraging IOT adoption. Preliminary views are to limit the scope of messages to household and business devices as a starting point for this WG (instead of AVs or SCs). The objectives of this meeting is to: 1) leverage expertise to identify messages and gaps; and 2) provide an initial assessment and consolidation of the list of draft messages. 1. Technological Protection Measures (TPM): contracts and copyrights (i.e. Digital Rights Management (DRM), restrictions on resale, repair and interoperability)

3 Draft IOT Consumers Education & Awareness Framework
Categories Stages Before Purchasing After Purchasing At Problem Potential themes for Key Messages Privacy Read privacy information before purchasing. Understand meaningful consent. Check whether it is possible to not provide some information and still use the product as intended. Learn about the privacy settings in your browser and keep it up to date. Let the manufacturer know if you are not comfortable with your information being shared. Remove all your personal information Before disposing of your connected device. OPC Security What are the security measures put in place by the company? (i.e. will communications between the connected device and my phone be encrypted? Investigate the level of security provided with the IOT device. Ask about the availability and duration of security upgrades and patches, etc. Create a guest WiFi network just for IOT devices to keep them separate from your computers and other more secure devices. Ensure the network is password protected — and choose WAP2 when prompted. Change the default password on the device. Make sure your passwords are strong and don’t re-use the same password across multiple devices or services. Ensure your home network is secured, for example, with virus protection and firewalls. update the computer program that runs the device (known as the firmware) if you receive a notification do to so. _ Functionality Copyrights: Are there TPMs on the software that will limit how the consumer can use the device, e.g. limit their ability to tinker with it or to ensure interoperability? Will software updates be available free of charge? Are there restrictions on consumers’ ability to use services of a third party to repair the device? Is the software part of a closed ecosystem that will not function with the software in other IOT devices? Contracts: What are the policies with respect to returns, refunds and exchanges? Does the device/software come with a manufactures warranty? If so, for how long? Does the warranty cover software? Does the company offer post-sale customer support? Is the IOT product functional without internet connectivity? Provinces

4 Tips to Protect Privacy
OPC Tips to Protect Privacy Sources:

5 PSC Cyber Safe Toolkit Sources:

6 PSC Cyber Safe Tip Sheet Sources:

7 Considerations Discussions on these issues are still ongoing (e.g., via ISED Digital and Data Consultations) and key stakeholders such as provinces will need to weigh in. There is some overlap with respect to consumer issues that are raised via copyright policy versus contract law. Most of the issues raised in the copyright one-pager (e.g. TPMs limiting functionality of device; availability and cost of software upgrades; restrictions on ability of consumer’s to use a third party to repair the device) are also relevant to contact law. 1. Technological Protection Measures (TPM): contracts and copyrights (i.e. Digital Rights Management (DRM), restrictions on resale, repair and interoperability)

8 Participation & Questions Welcome!

Download ppt "Consumer Empowerment through Education"

Similar presentations

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
JEFF WILLIAMS INFORMATION SECURITY OFFICER CALIFORNIA STATE UNIVERSITY, SACRAMENTO Payment Card Industry Data Security Standard (PCI DSS) Compliance.

JEFF WILLIAMS INFORMATION SECURITY OFFICER CALIFORNIA STATE UNIVERSITY, SACRAMENTO Payment Card Industry Data Security Standard (PCI DSS) Compliance.
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.

Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.
Information Security Information Technology and Computing Services Information Technology and Computing Services

Information Security Information Technology and Computing Services Information Technology and Computing Services
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.

 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, 2014 -WITH THANKS TO.

PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.
HIT Policy Committee Privacy & Security Workgroup Update Deven McGraw Center for Democracy & Technology Rachel Block Office of Health Information Technology.

HIT Policy Committee Privacy & Security Workgroup Update Deven McGraw Center for Democracy & Technology Rachel Block Office of Health Information Technology.
The Internet of Things and Consumer Protection

The Internet of Things and Consumer Protection
@ BCHS. The School Policy is your guide to ensuring you and your students are safe. It is your responsibility to make yourself aware and familiar with.

@ BCHS. The School Policy is your guide to ensuring you and your students are safe. It is your responsibility to make yourself aware and familiar with.
Introduction: Introduction: As technology advances, we have cheaper and easier ways to stay connected to the world around us. We are able to order almost.

Introduction: Introduction: As technology advances, we have cheaper and easier ways to stay connected to the world around us. We are able to order almost.
Blogs How to use the bog safely and secure? Create new username. Create a strong password to your account. Create the password to your uploaded files.

Blogs How to use the bog safely and secure? Create new username. Create a strong password to your account. Create the password to your uploaded files.
Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.

Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.
Dial 1800-251-4919 For Netgear Router Support and Help Phone Number.

Dial For Netgear Router Support and Help Phone Number.
Visibook is instant, simple, and dynamic appointment booking We're headquartered in San Francisco, California Visibook is awesome. My entire studio was.

Visibook is instant, simple, and dynamic appointment booking We're headquartered in San Francisco, California "Visibook is awesome. My entire studio was.
Surf smart training.

Surf smart training.
Technology Audit Brandon Hall.

Technology Audit Brandon Hall.
Managing Windows Security

Managing Windows Security
Chapter 5 Electronic Commerce | Security Threats - Solution

Chapter 5 Electronic Commerce | Security Threats - Solution

Similar presentations

Ads by Google