New UK law slaps stricter security measures on smart gadgets

In a move aimed at bolstering cybersecurity in households across Britain, manufacturers selling smart gadgets in the UK must now adhere to stringent regulations following the enactment of a new law.

SHARE

SHARE

Manufacturers selling smart gadgets in the UK must now adhere to stringent regulations following the enactment of a new law
Manufacturers selling smart gadgets in the UK must now adhere to stringent regulations following the enactment of a new law

Manufacturers selling smart gadgets in the UK must now adhere to stringent regulations following the enactment of a new law.

In a move aimed at bolstering cybersecurity in households across the nation, the legislation seeks to enhance the security standards surrounding devices like baby monitors, televisions and speakers connected to the Internet.

Sarah Lyons from the National Cyber Security Centre, emphasised the pivotal role of businesses in upholding consumer safety by telling the BBC: “Businesses have a major role to play in protecting the public by ensuring the smart products they manufacture, import, or distribute provide ongoing protection against cyber-attacks.”

She also welcomed the landmark smart gadget legislation as a means to empower consumers in making informed decisions regarding product security.

The proliferation of Internet-connected technology has raised concerns as cyber-criminals exploit them to infiltrate home networks and pilfer sensitive data.

British government experts say the new law aims to provide consumers with “peace of mind” in an increasingly interconnected world.

The prevalence of web-linked devices in homes has surged in recent years, encompassing a huge spectrum ranging from gaming consoles to fitness trackers and household appliances – often dubbed the ‘Internet of things’.

Previously, manufacturers were expected to adhere to security guidelines voluntarily.

But the new legislation introduces three pivotal requirements.

The first is implementation of robust password protocols, prohibiting generic or easily-guessable passwords such as ‘12345’ or ‘admin’.

Clear guidelines on reporting bugs or security breaches is the second, with the third being disclosure of the duration of support – including software updates – provided to consumers upon purchasing the device.

Failure to comply with the minimum standards, stipulated under the Product Security and Telecommunications Infrastructure (PSTI) regime, may result in fines.

Described as a "world first" by the UK government, the legislation is heralded as a significant step towards safeguarding both consumers and businesses against cyber threats while fortifying the nation's resilience against cybercrime.

According to the Department for Science Innovation and Technology (DSIT), more than half of UK households now possess smart TVs, with a similar proportion equipped with voice assistants like Alexa.

On average, homes host approximately nine interconnected devices, ranging from basic broadband routers to web-linked toys and remotely controllable home appliances such as radiators, ovens and refrigerators.

Despite the convenience of the innovations, there has been a surge in reports detailing instances of hackers exploiting such devices for nefarious purposes, including unauthorised surveillance and data theft.