DURHAM, N.C. — Consumers are willing to shell out big bucks for a smart device that is resistant to potential cyberattacks. Earlier this year, the White House unveiled its intention to introduce optional labeling for web-connected devices like smart fridges, thermostats, and baby cams that align with specific cybersecurity standards.
These standards emphasize features like automatic security updates and de-identification of user data. These measures aim to address a growing concern: two in every five homes globally own a device susceptible to cyber threats.
The upside for tech companies opting into this program is evident. A fresh U.S. consumer survey reveals a willingness among buyers to pay a marked-up price for devices that assure data privacy and security before purchase. Researchers warn, though, that this voluntary labeling might not suffice for lasting consumer protection.
“Device manufacturers that do not care about security and privacy might decide not to disclose at all,” says Pardis Emami-Naeini, assistant professor of computer science at Duke University, in a university release. “That’s not what we want.”
An average American household currently possesses over 20 internet-linked devices, each gathering and disseminating data. These devices, ranging from fitness trackers to video doorbells, are marveled for their convenience. However, concerns about privacy breaches, such as unauthorized access to baby monitors or smart TVs monitoring their viewers, are rife. Attacks on smart devices surged from 639 million to a staggering 1.5 billion in just the first six months of 2021.
The White House likens this nascent program to the three-decade-old Energy Star labels for energy-efficient appliances. They believe it will set higher cybersecurity standards for household devices.
Emami-Naeini, having advised on the design of the U.S. cybersecurity label, undertook a study with 180 American consumers. Participants were asked to choose between two smart devices with different security levels based on discounted prices. The results were compelling. Consumers showed a willingness to pay up to 50 percent more for devices that provided clear information about their security mechanisms.
Emami-Naeini observed a concerning trend. When participants had to choose between a potentially unsafe labeled device and an unlabeled one, they were inclined to pay more for the latter. The absence of a warning led many to assume such devices were as secure as others in the market. This raises concerns that optional labeling might allow manufacturers to omit information unfavorable to sales.
With an expected rollout in 2024, this labeling initiative has piqued the interest of nations like Singapore, Finland, and Australia. Researchers caution that an optional approach could be exploited by manufacturers. Emami-Naeini advocated for a compulsory security and privacy label, arguing it could prevent firms from manipulating consumer perceptions.
Researchers presented their findings at the 32nd USENIX Security Symposium in Anaheim, California.
You might also be interested in:
- Smart devices are watching you everywhere and violating your privacy, computer scientists warn
- Best Smart TVs For 2023: Top 5 Devices Most Recommended By Experts
- Best Smart Thermostats In 2023: Top 5 Devices Most Recommended By Experts