The Federal Trade Commission on Wednesday ordered the manufacturer of a child monitoring device to improve its security after a hacker gained access to hundreds of video fees of private homes and posted them online.
According to the FTC, the feeds “displayed private areas of users’ homes and allowed the unauthorized surveillance of infants sleeping in their cribs, young children playing and adults engaging in typical daily activities.”
The enforcement action represented the agency’s first crackdown on Internet-connected consumer devices. The company, TRENDnet, manufactured a camera called SecurView that consumers used for security, baby monitoring and other purposes.
But the FTC said the company failed to secure the product, allowing a hacker to gain access to private video feeds from 700 customers’ homes.
On Wednesday, TRENDnet agreed to settle the case. The settlement requires TRENDnet to notify users of the security problem, help users secure their devices, and submit to independent security audits every two years for the next two decades.
The agreement is significant because it’s the first time the security of an Internet-connected consumer product has been the subject of an FTC enforcement action. A growing number of consumer products, from thermostats to refrigerators, are being connected to the Internet, a trend sometimes described as “the Internet of things.” If these devices are poorly designed, they can open users up to mischief from hackers located anywhere in the world.
If companies don’t make security a priority, they could get some unwelcome scrutiny from the agency, the FTC said.
“The Internet of Things holds great promise for innovative consumer products and services,” FTC Chairwoman Edith Ramirez said. “But consumer privacy and security must remain a priority as companies develop more devices that connect to the Internet.”