Privacy, Security, and IoT Prominent Themes at Silicon Flatirons DBM Conference
Balancing Security and Innovation
During a panel on technological change and industry structure, panelists discussed the tension between network security and technological development. According to Edward Felten, Deputy U.S. Chief Technology Officer at the White House, “so much of the benefit that comes from the digital world comes from the fact that people are moving very quickly, they’re experimenting.” He went on to state that that it is often difficult to balance the safety culture with the “entrepreneurial sort of cowboy culture.”
John Schanz, Executive Vice President and Chief Network Officer at Comcast Cable, discussed the difficulty in developing security solutions in an environment of rapid technological change, stating that “even when you think you have a solution, those solutions have a shelf life.” To address the complex issues in this space, David Clark, Senior Research Scientist, Computer Science and Artificial Intelligence Laboratory at MIT, acknowledged the need for a multi-stakeholder process; however, Clark argued that the challenge lies in “getting assured leadership in the multi-stakeholder space.” Clark compared this process to being lost in the woods: “you can get out by either going north or south, but going in circles is stupid.” Ultimately, stakeholders must agree and make a decision.
The Internet of Things
Another topic that continually arose at this year’s conference was the Internet of Things (IoT). Jack Waters, Chief Technology Officer at Level 3 Communications, said that people must recognize that, in an IoT world, there will be “just more places that can attack you.” David Clark called IoT a “buzzword” that reflects not a new technology, but rather a new branding. Clark further stated that it will be interesting to “watch the IoT people grapple with features versus security versus cost,” expressing his view that costs and features will ultimately win out over security, “leaving a mess to clean up and people asking why they didn’t think of security from the beginning.”
In his opening remarks, Larry Strickling, Assistant Secretary for Communications and Information at National Telecommunications and Information Administration (NTIA) stated that NTIA would “shortly” seek input on policy issues related to IoT that would be appropriate for multi-stakeholder efforts.
FTC Regulation: Privacy and Security
During her fireside chat with Georgetown University Law professor Paul Ohm, Federal Trade Commission (FTC) Chairwoman Edith Ramirez stated that data security is “one of the most significant challenges” society faces. Ramirez acknowledged that data security can be a “daunting challenge,” especially for small and mid-sized companies, but emphasized that companies should be thinking about security from the beginning and “not as an afterthought.” She noted that the FTC takes a flexible, case-specific approach that takes into account multiple factors, including the company’s size and what type of information it is collecting. Ramirez highlighted the FTC’s efforts to work with companies on these issues, mentioning the FTC’s “Start with Security” program that brings experts together to talk to companies about how to tackle these difficult issues.
Chairwoman Ramirez also discussed how the FTC’s years of privacy and data security experience can help other agencies better understand and address privacy and data security issues. Ramirez reiterated this support when discussing the FTC’s relationship with the Federal Communications Commission (FCC), referencing the long standing relationship between the two agencies and stating that she is “pleased” that the FCC is working on these issues.
Interested parties can watch the entire conference here.