UK plans laws to protect IoT devices following pandemic sales surge
Wednesday, April 21, 2021
None of the 270 connected devices examined by University College London for a recent study displayed any information to the consumer about how long the device will receive security updates.
Ilia Kolochenko, CEO, Founder, and Chief Architect at ImmuniWeb, said: “This legislative progress is encouraging and should serve as an example to other European governments.
The main challenge of high-tech legislation is to actually enforce the law: people may buy substandard IoT devices abroad in a few clicks, while customs have insufficient resources to monitor compliance with highly complicated legislation amid the influx of foreign goods. A toothless law will unlikely deter bad practices that it aims to regulate.
It would, however, certainly be interesting to measure the impact of Californian IoT security law, enacted in 2018 and effective since 2020, on the consumer protection of Californians.
Individual standing under the new law – one’s capacity to bring a private lawsuit seeking damages in addition to monetary fines issued by the government – is likewise essential to provide aggrieved individuals with redress and bring stronger incentives to comply with the law.
Problematically, most of the insecure and dangerous IoT devices are manufactured in third-party countries that are oftentimes ignorant to any judicial cooperation with the UK authorities. Thus, however good the law will be, its practical enforcement will be decisive for its eventual success.”
The UK government plans to introduce the IoT security legislation as soon as parliamentary time allows. Read Full Article
SecurityWeek: Industry Reactions to FBI Cleaning Up Hacked Exchange Servers: Feedback Friday
ComputerWeekly: NEC, LogicMonitor and ImmuniWeb bolster channel numbers