“My Google Home Mini was inadvertently spying on me 24/7 due to a hardware
flaw,” wrote a tech blogger who purchased Google Inc.’s latest internet of things
(IoT) device. Following the incident, a pact of consumer advocacy groups insisted
the U.S. Consumer Product Safety Commission recall the Google smart speaker
due to privacy concerns arising when the device recorded all audio without voice
command prompts.
The CPSC is charged with protecting consumers from products that pose potential
hazards. Traditionally, this has meant hazards that may cause physical injury or
property damage. But as internet-connected household products continue to
proliferate, issues like the “always-on” Google Home Mini raise an important
question: Where does cybersecurity of consumer IoT devices fit within the current
legal framework governing consumer products?
Please see our full article as published on Law360.