104 Kevin C. Tofel, Got an IP webcam? Here are 73,000 reasons to change from the default password, GigaOm Research, 7 November 2014, at https://gigaom.com/2014/11/07/got-an-ip-webcam-here-are-73000-reasons-to-change-from-the-default-password/ 105 FTC Staff Report, note 33, p.13.106 Ashkan Soltani, What’s the security shelf-life of IoT? Tech@FTC blog, 10 February 2015, at https://www.ftc.gov/news-events/blogs/techftc/2015/02/whats-security-shelf-life-iot 107 Cesar Cerrudo, An Emerging US (and World) Threat: Cities Wide Open to Cyber Attacks, IOActive Labs White Paper, 2015, at http://www.ioactive.com/pdfs/IOActive_ HackingCitiesPaper_ CesarCerrudo.pdf 108 See for example the US Federal Trade Commission’s orders Credit Karma, Inc., File No. 132-3091 (Mar. 28, 2014); Fandango, LLC, File No. 132-3089 (Mar. 28, 2014) (consent); and HTC America, Inc., No. C-4406 (July 2, 2013) (consent), discussed in FTC staff report, note 120.109 Article 29 Working Party, note 125, p.18.110 36th International Conference of Data Protection and Privacy Commissioners, Mauritius Declaration on the Internet of Things, 14 October 2014, p.2, at http://www.privacyconference2014.org/media/16596/Mauritius-Declaration.pdf 111 See B.J. Koops and R. Levene, Privacy Regulation Cannot Be Hardcoded. A Critical Comment on the 'Privacy by Design' Provision in Data-Protection Law, International Review of Law, Computers & Technology 28 (2), 2014, pp.159-171; ENISA, Privacy and Data Protection by Design, December 2014. 112 C. Cuijpers & B.J. Koops, Smart metering and privacy in Europe: Lessons from the Dutch case. In S. Gutwirth et al. (Eds.), European data protection: Coming of age, Springer, 2012, pp.269- 293.113 FTC Staff Report, note 33, p.28.114 Graham Greenleaf, Sheherezade and the 101 Data Privacy Laws: Origins, Significance and Global Trajectories, Journal of Law, Information & Science (2014) 23(1).115 Article 29 Data Protection Working Party, Opinion 8/2014 on the on Recent Developments on the Internet of Things, 16 September 2014. 116 Article 29 Working Party. Opinion 9/2011 on the revised Industry Proposal for a Privacy and Data Protection Impact Assessment Framework for RFID Applications. 11 February 2011.117 Article 29 Working Party, note 125, p.6. 118 Article 29 Data Protection Working Party, Opinion 8/2014 on the on Recent Developments on the Internet of Things, 16 September 2014, p.8.119 FTC Staff Report, note 33, p.17.120 Scott R. Peppet, Regulating the Internet of Things: First Steps Towards Managing Discrimination, Privacy, Security and Consent, 93 Texas L. Rev. 85 (2014), pp.115-16.121 Peppet, note 127, p.93.122 FTC Staff Report, note 33, pp.39—42.123 Article 29 Working Party, note 125, p.16.124 Jack H. Park, Government to Ease Up on Regulations on Financial Technology, Internet of Things, BusinessKorea, 12 December 2014, at http://www.businesskorea.co.kr/article/7814/internet-deregulations-government-ease-regulations-financial-technology-internet-things 98 Trends in Telecommunication Reform 2016