A new British IoT product security law is racing through the House of Commons, with the government boasting it will outlaw default admin passwords and more.
The Product Security and Telecommunications Infrastructure (PSTI) Bill was introduced yesterday and is intended to drive up security standards in consumer tech gadgetry, ranging from IoT devices to phones, fondleslabs, smart TVs, and so on.
Digital infrastructure minister Julia Lopez MP said in a canned statement: "Our Bill will put a firewall around everyday tech from phones and thermostats to dishwashers, baby monitors and doorbells, and see huge fines for those who fall foul of tough new security standards."
The new law has been years in the making and follows lots of international wailing and gnashing of teeth over non-existent minimum security standards for Internet of Things devices – which both the US and European Union (along with the UK) are tackling. Yet the bill as drafted will apply to mobile phones and similar smart devices too.
David Rogers, chairman of the GSMA's Fraud and Security Group and author of the UK's 2018 Code of Practice on IoT Security, hailed the PSTI Bill as "absolutely crucial".