On January 6, the Federal Trade Commission (FTC) announced that it had filed a complaint against Taiwanese D-Link Corp. and its U.S. subsidiary, D-Link Systems Inc. (D-Link), alleging the company made deceptive claims about the security of its products and engaged in unfair practices that put U.S. consumers’ privacy at risk. The case is noteworthy for the fact that the FTC did not cite an actual breach affecting D-Link’s devices; rather, it brought the action based on alleged potential harm to consumers that could result from security vulnerabilities associated with the devices.
D-Link sells networking equipment that integrates consumers’ home networks, such as routers, internet protocol (IP) cameras, baby monitors and home security cameras. These devices allow consumers to monitor the safety of their homes, young children and even pets by allowing access to live feeds from their cameras using their mobile devices or a computer.
The FTC alleges that D-Link failed to protect against “widely known and reasonably foreseeable risks of unauthorized access” to the routers and cameras, thus endangering the privacy and security of their customers. These failures, the FTC asserts, could lead to the exploitation of the devices and exposure of consumer information to attackers. Continue Reading