FTC Requests Info on Smart Device Security Updates
(May 10, 2016) Smart device manufactures must explain to the Federal Trade Commission (FTC) how they decide when to make security updates to address vulnerabilities in their devices.
The FTC wants to more fully understand the policies, procedures, and practices for providing security updates for consumers for their smartphones, tablets, and other mobile devices. The information requested includes:
- How a company monitors whether there are security vulnerabilities in its devices.
- How a company communicates the vulnerabilities among the manufacturers, software developers, and other third parties.
- Whether a company’s licensing terms require it or software developer to develop, test, or deploy security updates.
- How a company determines whether a specific device model will receive a security update to address a vulnerability.
- Whether a company provides notice to consumers that the device no longer will receive security updates.
The request was sent to Apple, Inc.; Blackberry Corp.; Google, Inc.; HTC America, Inc; LG Electronics USA, Inc.; Microsoft Corp.; Motorola Mobility, LLC: and Samsung Electronics America, Inc. The companies have 45 days to respond.