The Government has outlined new plans in a consultation aimed at ensuring better safety and protection for consumers around the Internet of Things (IoT).

The IoT refers to the millions of consumer items including toy dolls, smart TVs, speakers, ovens and other devices that are increasingly connected to the internet and so vulnerable to all sorts of hacking and cyberattacks for the purposes of stealing personal data, spying on users, taking remote control of appliances or other misuse of the devices.

The proposals were recently announced by the Digital Minister, Margot James, with options for consultation to include a mandatory new labelling scheme. The label would tell consumers how secure their products such as smart TVs, toys and appliances are. The move means that retailers will only be able to sell products with an IoT security label.

The consultation focuses on three key security requirements.

• IoT device passwords must be unique and not resettable to any universal factory setting.

• Manufacturers of IoT products must provide a public point of contact as part of a vulnerability disclosure policy.

• Manufacturers must explicitly state the minimum length of time for which the device will receive security updates through an end of life policy.

Following the consultation, the security label will be launched initially as a voluntary scheme to help consumers identify products that have basic security features and those that don’t.

Commenting on the consultation, Margot James said, “Many consumer products that are connected to the internet are often found to be insecure, putting consumers’ privacy and security at risk… These new proposals will help to improve the safety of Internet connected devices and is another milestone in our bid to be a global leader in online safety”.

For more detailed information, see the topic on Information Protection and Cyber Security.

Last reviewed 15 May 2019