So it’s the time to witness the birth of a new certification for IoT industry. As security and data privacy in IoT platforms and products are two of the main concerns for developers and end-users, the new certificate discuss these concerns and even more. IoT is yet to have such certificate, as best of my knowledge, to pave the road to standardize the rules of openness and privacy in IoT. Although the term of IoT certification is already there, and some companies can do security test for your IoT products and certificate it, but nothing seems to analogy to certificate like open source hardware certificate, where anyone meets the principals, can use the OSH mark on his product.
The new certification IoTMark was the output of a meetup hosted on June 16th 2017 in UK. This meetup gathered over 60 participants from UK and Europe. Specifically, a 22-page-long document was the output from this meetup. This document contains the principles of the certificate:
- Ownership, Permissions, Entitlement
- Cost/biz models/pricing transparency
- Lifecycle, provenance, sustainability & future-proofing
To mention a few of these principles:
The supplier of this product or service MUST be General Data Protection Regulation (GDPR) compliant.
This product SHALL NOT disclose data to third parties without my knowledge.
I SHOULD get full access to all the data collected about me.
- Have an open platform API [MUST]
- Provide comprehensive platform API documentation [MUST]
The preparation for the certificate didn’t finish yet, where The folks behind this certification will finalize it and register the mark by December 2017.
Don’t forget to have a look at the full document here. Who knows; You could use it in your next product. It’s really worth to give it a bid!
Source: Adafruit Blog