IoT Security & Privacy Label (original) (raw)

We are agroup of researchers at Carnegie Mellon University. We are designing a usable security and privacy label for smart devices to help consumers make informed choices about Internet of Things device purchases and encourage manufacturers to disclose their privacy and security practices. Our label design is based on multiple rounds ofinput from both experts and consumers. If you want to share the summary of the label project with your team, we prepared a one-page handout.

Our designed label includes information on privacy and security practices of the smart device, such as the type of data the device collects and whether or not the device gets automatic security updates. In addition to privacy and security information, our label includes some general information about the device, such as the firmware version and whether the device can function without internet connectivity.

We have designed atwo-layer label that includes a simple, understandable primary layer for consumers and a more detailed secondary layer that includes information important to experts. The primary layer is designed to be affixed to device packaging or shown on an online shopping website, while the secondary layer can be accessed online via a URL or QR code.

Click on the label below to toggle between primary (overview) and secondary (details) layer.