Libbie Canter writes:
Earlier this week, the Online Trust Alliance released a draft framework of best practices for Internet of Things device manufacturers and developers, such as connected home devices and wearable fitness and health technologies. The OTA is seeking comments on its draft framework by September 14.
The framework acknowledges that not all requirements may be applicable to every product due to technical limitations and firmware issues. However, it generally proposes a number of specific security requirements, including encryption of personally identifiable data at rest and in transit, password protection protocols, and penetration testing.
Read more on Covington & Burling InsidePrivacy.