Three Steps Everyone Can Take to Protect Privacy in the IoT

by Larry Ponemon

Privacy is the top concern people have when it comes to the Internet of Things (IoT).

That’s the finding of a recent survey that questioned more than 5,200 mobile users in eight countries. It found that 62 percent of people are concerned about privacy in the IoT. Security was the second biggest concern, cited by 54 percent of people.[2]

Sadly, these concerns are very much grounded in reality, as all devices connected to the Internet run the risk of being hacked.

Consider the story of the parents who woke up in the middle of the night to a man yelling at their infant daughter through an Internet-connected baby monitor. The man had apparently hacked into the device.[3]

Security service provider Proofpoint also uncovered a cyberattack in which 100,000 household devices were compromised and used to send out malicious emails. The devices included routers, TVs, multi-media centers – and even a refrigerator.[4]

While these incidents are often attributed to cyberattacks, they can stem from low-tech threats, such as when someone gathers the username and password for a device through visual hacking. This is the viewing or capturing of sensitive information for unauthorized use – perhaps by observing a computer screen as someone enters their credentials.

3 Easy Steps
A few basic measures can go a long way in protecting the privacy and the security of your information when using IoT devices.

  1. Better Manage Passwords: The default passwords provided for devices are often simple, making them easy to hack. Replace them with a custom and more complex password. Also, don’t use the same password across multiple devices or apps. If you’re worried about memorizing multiple passwords, rely on long phrases, as they can take longer to hack than short, complex passwords.
  1. Improve Awareness: Think about how you use an ATM. If you’re like most people, you have at least some awareness about your surroundings or potential onlookers when entering your PIN or withdrawing cash.

Now, think about how you use your smartphone in public places. Do you have the same level of awareness? If not, you should, given that your smartphone can likely access that same bank account if not also your home, health records, work and personal email, and more.

Make a point to be more aware of your surroundings when using personal devices to access IoT devices. Especially when accessing sensitive payment or account information, make sure your device screen is not exposed to potential onlookers.

  1. Use Privacy Products: Privacy Filters and Screens blacken out the side angled view of onlookers to help protect information displayed on a device screen. They are increasingly considered a security best practice for businesses organizations, and you should strongly consider using them for your personal devices – especially those that are used outside the secure confines of your home or office.

Privacy Filters and Screens are available for laptops and mobile devices, and provide the added benefit of helping protect screens against scratches and other damage.

Family Shot_121415_NewMonitorNewAntiGlareTablet copy

3M privacy filters and screens blacken out the side angled view of onlookers to help protect information displayed on a device screen.

Own the Privacy Burden
The U.S. Federal Trade Commission (FTC) released a report last year that said IoT-specific legislation would be premature at this time because the industry is still in its early stages.[5] As a result, the responsibility to secure IoT devices will continue to fall on the device makers themselves for the foreseeable future.

But that’s a lot of responsibility given the number of consumer IoT devices is expected to grow from 3 billion in 2015 to a staggering 13.5 billion in 2020.[6] Truly protecting your privacy in the IoT will require taking initiative beyond the default security included in most devices and taking ownership of the privacy burden yourself.

Dr. Larry Ponemon is the chairman and founder of Ponemon Institute, a research “think tank” dedicated to advancing privacy and data protection practices. Dr. Ponemon is also the chairman of the 3M-sponsored Visual Privacy Advisory Council.[1]


[1] He receives compensation from 3M in connection with his participation on the Visual Privacy Advisory Council.

[2] The Impact of Trust on IoT, Mobile Ecosystem Forum, 2016

[3] Hacker hijacks baby monitor, Fox 19, April 22, 2014

[4] Proofpoint Uncovers Internet of Things (IoT) Cyberattack, Proofpoint, Jan. 16, 2014

[5] Internet of Things: Privacy & Security in a Connected World, FTC, January 2015

[6] Gartner Says 6.4 Billion Connected “Things” Will Be in Use in 2016, Up 30 Percent From 2015, Gartner, Nov. 10, 2015



IoT Innovator Newsletter

Get the latest updates and industry news in your inbox! Enter your email address and name below to be the first to know.