The Policy Toolkit on IoT Security and Privacy is a practical resource for policymakers and regulators to strengthen the security and privacy of IoT systems to protect individuals, businesses and governments.
Many of the actions that are needed must be taken by IoT manufacturers and service providers. But these entities may not have the expertise or incentives to incorporate security, privacy and data protection in IoT devices and services. Meanwhile, many consumers still lack awareness about the risks posed by IoT, and how to protect themselves and others.
There is a critical need for the public sector to lead, guide and support the adoption of security and privacy standards, and of best practices in IoT. Governments can facilitate a collaborative approach to tackling these challenges by engaging with the IoT industry and industry associations, the technical community, academic institutions, consumer protection organisations, and other stakeholders within and across national borders.
This toolkit is based on the following references from the Internet Society:
- Online Trust Alliance (OTA), IoT Security & Privacy Trust Framework
- IoT Security for Policymakers, April 2018
- IoT Privacy for Policymakers, September 2019
- The Economics of the Security of Consumer-Grade IoT Products and Services, April 2019
