Stories
Slash Boxes
Comments

SoylentNews is people

posted by on Monday January 09 2017, @04:11PM   Printer-friendly
from the theoretical-harm dept.

A Federal Trade Commission attempt to rein in a poorly secured IoT device is raising questions over whether the U.S. regulator has the power to crack down on vendors suspected of shoddy practices.

On Thursday, the FTC filed a complaint against Taiwanese manufacturer D-Link Systems that charged the company's internet routers and web cameras can easily be hacked, putting consumers at risk.

But the FTC's complaint doesn't cite evidence that the products have been breached, only the potential for harm to consumers.

That's among the reasons D-Link is contesting the complaint. "Notably, the complaint does not allege any breach of a D-Link Systems device," it said in a statement.

"Instead, the FTC speculates that consumers were placed 'at risk' to be hacked, but fails to allege, as it must, that actual consumers suffered," the company said.

-- submitted from IRC


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Informative) by bradley13 on Monday January 09 2017, @06:10PM

    by bradley13 (3053) on Monday January 09 2017, @06:10PM (#451541) Homepage Journal

    Some tidbits:

    - The FTC press release [ftc.gov]: They note that "The Commission files a complaint when it has “reason to believe” that the law has been or is being violated".

    - The complaint itself [ftc.gov] charges D-Link with "engaging in unfair or deceptive acts or practices in violation of Section 5(a) of the FTC Act, 15 U.S.C. § 45(a)"

    - Section 5 of the Federal Trade Commission Act [federalreserve.gov] prohibits "unfair or deceptive acts or practices in or affecting commerce."

    - Specifically, the FTC is trying to use this definition: "To be unfair, an act or practice must cause or be likely to cause substantial injury to consumers. Substantial injury usually involves monetary harm. ... Trivial or merely speculative harms are typically insufficient for a finding of substantial injury."

    D-Link claims that the complaint is speculative, since the FTC does not cite any specific incidents of consumer harm. Moreover, most IoT problems currently involve using devices in BotNets, which generally do no real harm to the device owner.

    So, whaddya think? A good complaint? Or nonsense?

    --
    Everyone is somebody else's weirdo.
    Starting Score:    1  point
    Moderation   +2  
       Informative=2, Total=2
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 3, Informative) by DeathMonkey on Monday January 09 2017, @06:27PM

    by DeathMonkey (1380) on Monday January 09 2017, @06:27PM (#451549) Journal

    It's weird that they didn't cite any of the hacks that targeted D-Link devices because they have occurred:

    Mirai, for example, targeted D-Link [bleepingcomputer.com]

    Maybe it's because they weren't in the US. Or, maybe they simple filed the complaint before this occurred, who knows.