What Should Be on an IoT Privacy and Security Label?

Explore the critical aspects of IoT privacy and security labeling in this IEEE conference talk. Delve into the findings of a comprehensive study involving privacy and security experts and consumers to determine essential information for IoT device labels. Learn about the three-round Delphi process used to identify key factors, the distribution of these factors across primary and secondary label layers, and the rationale behind expert choices. Discover insights from consumer interviews and their perceptions of the proposed label information. Examine the prototype privacy and security label designed to empower consumers in making informed IoT purchase decisions, and understand the potential impact of such labels on transparency in the IoT market.

Intro
Smart devices are getting hacked
Positive attitude toward labels
Three-round Delphi method with 22 experts
Expert recruitment criteria
One interview and two survey rounds
Labels to inform consumers' purchase behavior
Other perceived values of the label
We designed a layered label
Factors to include on the primary layer
Factors to include on the secondary layer
Non-comparative and comparative purchase
Attitudes toward the design of the label
Label should work for both consumers and experts
Specification document details
We designed a tool to generate the label
lot labels to provide transparency