In an effort to safeguard consumer data and privacy, the United Kingdom (UK) Department for Science, Innovation, and Technology (DSIT) is enforcing three new security protections for “connected” technology, which go into effect April 29, 2024, UTC.
Connected technology refers to products that connect to the internet or other digital networks, such as Bluetooth speakers, smart watches, smart TVs, security cameras, etc.
This new regulation requires that connected products adhere to these three security protections:
-
- Ensure that passwords are unique per product, or the passwords can be defined by a product’s users;
- Require manufacturers to be transparent about how long products will receive security updates; and
- Require manufacturers to publish contact information to allow vulnerabilities relating to their products to be reported.
You are encouraged to be proactive and review your affected products to check that they comply or that your manufacturers comply. Otherwise, you will need to remove the UK as a sell/ship-to destination for relevant connected products.
Ensuring the security and integrity of technology products is paramount in today's digital landscape. By adhering to these new protections, we can collectively contribute to building consumer trust and confidence in the products we offer.
Learn more about the UK Product Security and Telecommunications Infrastructure (Product Security) regime.
Learn more about UK, EU, and other regional compliance in the Help Center's Compliance section.
Comments
0 comments
Please sign in to leave a comment.