Skip to main content

UK proposes new security rules for IoT devices

(Image credit: Image Credit: Melpomene / Shutterstock)

The UK government has drafted three proposals to help both businesses and consumers stay safe as they use Internet of Things (IoT (opens in new tab)) devices. While it isn’t exactly law yet, the government did say that it would look to make it so sometime in the near future.

The proposals, drafted by the Department for Culture, Media and Sport (DCMS), together with the National Cyber Security Centre (NCSC), came after consultations with security experts, retailers and product builders.

Here’s what the government suggests:

- Passwords for IoT devices (opens in new tab) need to be unique and must not be resettable to a factory setting

- IoT builders need to have a point of contact where consumers can report a flaw and where manufacturers can react quickly

- Consumer IoT makers must be clear about the minimum length of time for which the device would be supported with updates and patches

"Our new law will hold firms manufacturing and selling internet-connected devices to account and stop hackers threatening people's privacy and safety," said Matt Warman, minister for digital and broadband at DCMS.

A DCMS spokesperson told ZDNet (opens in new tab) that they’d continue cooperating with retailers and manufacturers as they look to transform these proposals into law.

Cybersecurity is one of the main concerns of consumer IoT devices. Many come with default password settings which are the same for all devices of the same manufacturer. As many consumers can’t be bothered to change the factory settings, they end up being vulnerable to numerous threats.

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.