Consumer Reports to grade tech products on security, privacy

Credit to Author: Michael Kan| Date: Mon, 06 Mar 2017 14:01:00 -0800

Consumer Reports, a major source for gadget and appliance reviews in the U.S., plans to start rating products on data security and privacy.

On Monday, the nonprofit publication unveiled a set of new testing standards it hopes will push the tech industry to create safer products.

“The goal is to help consumers understand which digital products do the most to protect their privacy and security, and give them the most control over their personal data,” the publication said.

Already, cybersecurity  experts are finding new tech products, whether they are cars or smart teddy bears, that are often poorly secured and easy to hack.  

Other tech products have been found collecting data on their users, without their knowledge.

Government agencies and private groups have tried to address the problem by designing new guidelines for the industry to follow. However, none of them has received widespread support, Consumer Reports said.

But that doesn’t mean nothing can be done. “Consumer pressure and choices can change the marketplace,” the publication said.

Although Consumer Reports didn’t give a date, it will “eventually” use the new standards to test and rate products. In doing so, the publication can expose which vendors are failing to protect their consumers, and the information can help inform the public about the products they should buy.

“When consumers vote with their wallets and their clicks, we’ve seen that companies pay attention,” the publication said. 

To develop the standards, the publication collaborated with three digital consumer protection groups including one led by a well-known cybersecurity expert Peiter “Mudge” Zatko.

Zatko is the director at the Cyber Independent Testing Lab, a nonprofit that has come up with a rating system to test software for security problems.

“You cannot tell people everything’s on fire and then not have anything positive for consumers to do,” Zatko said in a statement.

Consumer Reports has already made its testing standard available on GitHub, and it’s looking for feedback. The publication is also hoping that industry vendors will use the standard when developing new tech products.

“We think these standards address a real gap in the marketplace,” Consumer Reports said.

Although the publication is mainly focused on the U.S. market, it’s also part of Consumers International, a federation of consumer groups that’s working to protect people’s digital privacy across the world. 

http://www.computerworld.com/category/security/index.rss