EPIC Urges FCC to Enhance Disclosures to Consumers in IoT Rulemaking

On May 24, EPIC filed reply comments in the Federal Communication Commission’s Further Notice of Proposed Rulemaking on Cybersecurity Labels for the Internet of Things focused on disclosures related to operations performed in high-risk countries. In its comments, EPIC supported the FCC providing additional information to consumers but urged the FCC to include disclosures about indirect methods data might end up in the same place—for example, by the company giving access to data to intermediaries who may ultimately pass the data along to entities in high-risk countries. EPIC also stressed the importance of privacy-related disclosures, especially in the context of survivors of domestic violence who may be targeted for surveillance, control, or re-victimization by means of IoT devices, echoing its earlier reply comments in the docket. EPIC also provided brief suggestions as to the applicability of the Magnuson-Moss Warranty Federal Trade Improvement Act.

EPIC regularly comments on regulations and testifies on policies to promote better cybersecurity practices that protect consumer data from unauthorized access and other misuse, including actions against stalkerware developers. EPIC also filed an amicus brief urging that dating platform companies be held liable when they ignore harassment and abuse.