Almost one year ago, the Federal Trade Commission (FTC) released its “Internet of Things (IoT): Privacy and Security in a Connected World” report urging companies to implement best practices for consumers’ privacy and data security, and shortly thereafter, introduced the new Office of Technology Research and Investigation unit to protect consumers from IoT failures. Since the FTC’s release of its report, and the start of its new IoT unit, we have yet to see any enforcement actions against companies for their IoT failures. While the FTC’s case against TRENDnet in 2013 is known as the first (and only) IoT action to date, in 2016, we will likely see an increase in the FTC’s IoT enforcement actions, as well as an increase in privacy litigation (in particular, a rise in class action plaintiffs) against IoT companies and manufacturers for failure to properly utilize the FTC’s IoT privacy and security recommendations when these individuals attempt to claim losses and sue for damages related to IoT data breaches. A new year’s resolution for IoT companies and manufacturers? Maintain reasonable security measures, update your privacy policies, and freshen up on the requirements of the Fair Credit Reporting Act (FCRA) when using IoT data for credit, employment, insurance or other types of eligibility.