UK proposes new labeling system to improve smart home security

A new labeling system will help customers know how secure those devices are and for how long they'll receive security updates.

JOIN 12,000+ OTHERS:
Defend free speech. Push back against gatekeepers. Grow and monetize online. Subscribe for free.

The UK Government is planning to make IoT devices more secure by adding new laws. Fresh off the announcement of the very controversial Online Harms Bill digital Minister Margot James proposed new legislation under which a new labeling system will be introduced. This system will help users understand how secure an IoT product is. She also added that plans like these are a part of UK’s efforts to be a “global leader in online safety.”

Recent market analysis by Gartner revealed that by the end of 2019, there will be nearly 14.2 billion IoT devices in the world. Devices such as connected TVs, smart speakers and other home appliances with interconnected devices are all IoT products. As these devices access internet connectivity for several tasks, they can be more vulnerable to cyber attacks. It becomes much easier for an attacker to take remote control of the devices. Having a system to ensure that these IoT products are secure and not prone to such attacks is an inevitable need.

“Serious security problems in consumer IoT devices, such as pre-set unchangeable passwords, continue to be discovered – and it’s unacceptable that these are not being fixed by manufacturers,” said the technical director of the UK’s National Cyber Security Centre (NCSC), Ian Levy.

According to the proposed legislation by the UK’s Digital Minister, all the IoT products sold in the market should be labeled according to their safety and security levels. While in the initial days, this labeling is a voluntary step for manufacturers, in the future, any IoT product without a label shall be prohibited from being sold. Here are the conditions to be fulfilled before gaining a label and entering the market:

  • Must come with a unique password.
  • Must offer a public point of contact to whom any cybersecurity vulnerabilities can be disclosed.
  • Must state clearly about how long the security updates will be available.

“It’s important that government doesn’t allow the proposed regulation to be watered down during consultation. The proposals are limited, but a good start. I’m particularly pleased to see product security labeling being proposed so that buyers can make informed decisions,” said Cyber-security expert Ken Munro.

Defend free speech, online liberty, monetization without dominant platforms

Naga Pramod

Naga Pramod is a computer science major and tech news reporter with a passion for cyber security, networking, and data science. [email protected]