Debate opened on cyber security laws for smart devices

Digital Secretary Nadine Dorries is to open the debate on new law to strengthen cyber protections for people’s smartphones, TVs, speakers, routers and digital devices.

The law will place new cyber security requirements on the manufacturers and sellers of consumer tech which can connect to the internet or other devices. Under the bill, easy-to-guess default passwords which come programmed into digital devices and present an easy target for cyber criminals will be banned.

Manufacturers will have to be more transparent to customers about the length of time products will receive security updates for connectable products and create a better public reporting system for vulnerabilities found in those products.

Dorries said: “Whether it’s your phone, smart speaker or fitness tracker, it’s vital that these devices are kept secure from cybercriminals. Every product on our shelves has to meet all sorts of minimum requirements, like being fire resistant or a choking hazard and this is no different for the digital age where products can now carry a cyber security risk. We are legislating to protect people across the UK and keep pace with technology as it transforms our everyday lives.”

The bill applies to ‘connectable’ products. This includes all devices which can access the internet such as smartphones, smart TVs, games consoles, security cameras and alarm systems, smart toys and baby monitors, smart home hubs and voice-activated assistants, and smart home appliances such as washing machines and fridges.

It also applies to products which can connect to multiple other devices but not directly to the internet. Examples include smart light bulbs, smart thermostats and wearable fitness trackers.