Federal Trade Commission Report on product support for smart devices raises key issues for data security
December 10, 2024
A fairly to update programs and install patches provided by the suppliers is a common way hackers can access websites and smart devices. In those cases the breach is caused by the negligence of the owner of the website or smart device who fails to update. But what if the supplier fails to provide support after a time? With time the program or smart device will become more and more vulnerable to cyber attacks not to mention potentially losing functionality. It is a ubiquitous problem. The Federal Trade Commission has considered it with its report released under a cover of a media release titled Smart Products Surveyed Fail to Provide Consumers with Information on How Long Companies will Provide Software Updates.
The FTC media release provides:
A new paper from Federal Trade Commission staff finds that nearly 89% of products surveyed failed to disclose on their websites how long the products would receive software updates, which help ensure the devices are protected against security threats and operate properly.
FTC staff from the agency’s East Central Regional Office looked for information about 184 different “smart” products—ranging from hearing aids to security cameras to door locks—about how long companies would provide updates for those products. If the manufacturer stops providing software updates, these products may lose their “smart” functionality, become insecure or stop working, according to the FTC Staff Perspective.
“Consumers stand to lose a lot of money if their smart products stop delivering the features they want,” said Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. “Our study shows that nearly 89% of manufacturers of products we examined failed to post this information prominently or make it readily available. When shopping for smart devices, consumers should ask questions and consider how long their product will last.”
Staff reviewed the manufacturer’s product webpages, where consumers might look for detailed information about a connected device, and found 161 of the products surveyed failed to provide information about the support duration or end date. Staff also conducted basic internet searches to determine if consumers could track down support duration and end dates for the smart devices surveyed. Those searches did not uncover support information for two-thirds (124) of the devices surveyed.
The staff paper noted that manufacturers’ failure to inform prospective purchasers about the duration of software updates for products sold with written warranties may violate the Magnuson Moss Warranty Act, which requires that written warranties on consumer products costing more than $15 be made available to prospective buyers prior to sale and requires other disclosures. Failing to provide software update information to consumers could also violate the FTC Act if manufacturers make express or implied representations about how long the product is useable, according to the staff perspective.
This report comes after a Read the rest of this entry »