We’re designing a usable security and privacy label for smart devices to help consumers make informed choices about Internet of Things device purchases and encourage manufacturers to disclose their privacy and security practices.
We’re looking for IoT devices to label!
IoT device manufactures: Show your commitment to security and privacy and be one of the first to try our label generator to create labels for your products. Please send us your questions and feedback, and let us know if you would like your label to be featured on our website.
Watch our video!
The label includes information on privacy and security practices of the smart device, such as the type of data the device collects and whether or not the device gets automatic security updates. In addition to privacy and security information, our label includes some general information about the device, such as the firmware version and whether the device can function without internet connectivity.
We have designed a two-layer label that includes a simple, understandable primary layer for consumers and a more detailed secondary layer that includes information important to experts. The primary layer is designed to be affixed to device packaging or shown on an online shopping website, while the secondary layer can be accessed online via a URL or QR code.
Pardis Emami-Naeini presented our expert elicitation project at the IEEE Symposium on Security and Privacy (S&P'20). Check out the presentation here!
Our paper "Ask the Experts: What Should Be on an IoT Privacy and Security Label?" has been accepted to the 41st IEEE Symposium on Security and Privacy (S&P'20).