Partner Dana B. Rosenfeld discusses best practices for the ever-changing digital landscape in The Cyber Security Law Report article, “Designing Privacy Policies for Products in the Internet of Things.” Dana shared conventional ways individuals and companies can maintain privacy, however as technology evolves, consumers and regulators must walk a fine line to find balance between privacy and convenience.

Dana elaborates on common difficulties companies face in obtaining user consent in the Internet of Things (IOT), as well as obstacles in designing IOT products. “The FTC has recognized there is no one-size-fits-all approach and there are flexible ways to provide this information to consumers,” “So often it comes down to what types of information you’re collecting, whether consumers would expect the device or your company to collect that information, and whether the information is being used in a way that makes sense based on the purpose or functionality of the device.”

When drafting policies for IOT products, Dana recommends consumers and companies view the FTC staff report and related enforcement documents. While it may be difficult for companies to review more than 100 privacy and security-related enforcement actions, the FTC provides guidance in documents that are helpful in the initial stages.

Cybersecurity Law Report Interviews Dana B. Rosenfeld on Privacy Policies for Products and Devices in the Internet of Things