UK Government Cracking Down on Insecure Connected Devices

In order to protect smart devices in people’s homes from cybersecurity threats, the UK government has introduced a new legislation.

The BBC reports that the Product Security and Telecommunications Infrastructure Bill establishes precise rules to safeguard clients from cyber assaults.

“Our bill will put a firewall around everyday tech from phones and thermostats to dishwashers, baby monitors and doorbells, and see huge fines for those who fall foul of tough new security standards,” remarked Julia Lopez, minister for media, data and digital infrastructure.

The new legislation defines a broad range of devices, from cellphones to routers to security cameras to gaming consoles to smart speakers to internet-connected toys, as devices that must be reported.

Securing all technology

The revised bill aims to secure consumers by eliminating default passwords that are simple to discover. Instead of relying on simple passwords, devices must use complex ones, and mechanisms must be in place to prevent them from resetting the settings to factory defaults.

Manufacturers will also be obligated under the completed version of this legislation to notify customers if their device will receive security upgrades, as well as when they will be delivered.

Importantly, the concepts apply to UK firms that sell low-cost imported goods. This is significant in light of the recent Which? study which revealed over a thousand hazardous and insecure smart gadgets on popular internet marketplaces before Black Friday.

The aim of the bill is to set up a regulator with enforcement powers over an industry responsible for £1.7 trillion in transactions, including businesses that do not comply.

The bill also gives regulators the authority to impose fines on non-compliant firms of up to £10 million or 4% of their worldwide yearly revenue, as well as daily fines of up to £20,000.