Submission to Code of Practice – Securing the Internet of Things (IoT) for Consumers

Our research also shows that Australians want more transparency and control in relation to how industry collects, uses and shares their data, and they expect government to regulate industry conduct in this area. For example, 73% of survey respondents agreed that the government should give consumers options to opt out of what data they can provide, how it can be used, and if it can be shared with others. Only 10% of people considered it is the individual’s responsibility to check how companies are using their data.

CPRC therefore supports the Code of Practice provisions requiring industry members to:

  • ensure that personal data is protected in accordance with data protection laws, and that consumers are provided with clear and transparent information about the data that is being used, how, by whom and for what purposes, for each device and service, including any third parties
  • give consumers the opportunity to withdraw their consent to personal data use
  • make it easy for consumers to delete personal data in any circumstance, including on

    transfer of ownership or disposal of the device. The right to delete personal data at any time is an important protection for family violence victim-survivors and other people whose personal safety is at risk

  • securely store credentials and security-sensitive data such as usernames and passwords.

Download the full submission here.

Research Areas
Consumer Policy Research Centre

The Home

Consumer Policy Research Centre

Living Online

Consumer Policy Research Centre

CPRC Annual Consumer Index

Consumer Policy Research Centre

Making Consumer Decisions Easier & Fairer

Consumer Policy Research Centre

When Things Go Wrong