TelecomTV TelecomTV
  • News
  • Videos
  • Channels
  • Events
  • Directory
  • Smart Studio
  • Surveys
  • Debates
  • Perspectives
  • DSP Leaders World Forum
  • DSP Leaders
  • Great Telco Debate
    • |
    • Follow
    • |
    • Subscribe
  • |
  • More
  • Webcasts
  • Surveys
  • Debates
  • Perspectives
  • Great Telco Debate
  • |
  • Follow TelecomTV
  • |
    • Subscribe
    • |
  • About
  • Privacy
  • Help
  • Contact
  • Follow TelecomTV
  • About
  • Privacy
  • Help
  • Contact
  • Sign In Register Subscribe
    • Subscribe
    • Sign In
    • Register
  • Search

Internet of Things

Internet of Things

UK wants to improve IoT security with labelling scheme

Nick Wood
By Nick Wood

May 1, 2019

via Flickr ©  shoe_scraper_of_death (CC BY-ND 2.0)

via Flickr © shoe_scraper_of_death (CC BY-ND 2.0)

  • Retailers could be blocked from selling insecure products
  • Govt wants to mandate 'Secure by Design' code of practice
  • People are unwittingly sharing personal data via connected devices

The UK government is considering a labelling scheme that tells customers how secure their IoT products are.

It is one move being considered as part of a consultation by the Department for Culture, Media and Sport (DCMS) that could lead to retailers being banned from selling products that don't measure up to its strict security standards.

These standards are laid out in the 'Secure by Design' code of practice:

  • IoT device passwords must be unique and can't be reset to any universal factory setting.
  • OEMs must provide a public point of contact as part of a so-called vulnerability disclosure policy.
  • Device makers must tell buyers the minimum length of time for which their product will receive security updates.

The code is voluntary at the moment, but the consultation proposes making it compulsory. As for the labelling scheme, that would be voluntary at first, but could also become mandatory. The idea is that it will help customers identify products that have basic security features, and those that don't.

"Many consumer products that are connected to the Internet are often found to be insecure, putting consumers' privacy and security at risk," said digital minister Margot James. "These new proposals will help to improve the safety of Internet-connected devices and is another milestone in our bid to be a global leader in online safety."

On a related and almost as important note, privacy is another major issue with consumer IoT, because it seems that end users don't always know what they are signing up to when they buy certain connected devices.

One such example from the US was reported by OneZero this week.

Building entry system maker Latch lets people open their front door with their smartphone, or provide one-time access to the lobby of their building to a delivery driver, for example. According to the report, customers have come to learn that Latch reserves the right under its privacy policy to collect, store, and share personally identifiable information with partners, which sometimes includes landlords. Funnily enough, some of them aren't happy about it, and have taken the company to court.

In addition, earlier this month it emerged that Amazon employs teams of people worldwide to listen to audio clips recorded by its Alexa smart speaker for the purposes of improving its voice recognition technology. These recordings are captured and sent off to Amazon without the customer's knowledge.

On this side of the pond, companies like Latch and Amazon are subject to GDPR, so they are required to tell customers what data they collect and for what purpose, and with whom they might share it.

That works fine for online services, but when it comes to consumer IoT devices, that informed consent might only be sought after the customer has bought the device. Are they really going to return the product, or are they just going to blindly consent to whatever data requests are made so they can get on with using their new gadget? I suspect the latter.

As well as a label that informs prospective customers about how secure or otherwise an IoT device might be, there should probably be another one that outlines what data you'll be giving up before you part with your hard-earned money.

These kind of trust-building business practices might become necessary if consumer IoT wants to truly go mainstream.

Related Topics
  • Analysis & Opinion,
  • Announcement,
  • Europe,
  • IoT Devices,
  • News,
  • Policy & Regulation,
  • Security,
  • Telecoms Vendors & OEMs

More Like This

5G

What’s up with… Samsung, Vodafone, Sunrise, FCC

Jan 22, 2021

Access Evolution

BICS expands NB-IoT connectivity to France to support flourishing IoT market

Jan 21, 2021

Edge

Telefónica opens up its 5G network and edge computing to startups to develop new services

Jan 20, 2021

Access Evolution

What’s up with… German network sharing, Orange, Ericsson

Jan 19, 2021

Access Evolution

How AI and connectivity could unlock a new drone age for industry

Jan 15, 2021

Email Newsletters

Stay up to date with the latest industry developments: sign up to receive TelecomTV's top news and videos plus exclusive subscriber-only content direct to your inbox – including our daily news briefing and weekly wrap.

Subscribe

Top Picks

Highlights of our content from across TelecomTV today

1:4:29

Great Telco Debate: Live Debate – Day 2 (On-demand)

1:18:20

Great Telco Debate: Live Debate – Day 3 (On-demand)

43:08

Developing an ecosystem for vRAN

2:23

The TelecomTV Snapshot: The Great Telco Debate 2020 - CSP Highlights

  • TelecomTV
  • Decisive Media

TelecomTV is produced by the team at Decisive Media

Menu
  • News
  • Videos
  • Channels
  • Directory
  • Smart Studio
 
  • Surveys
  • Debates
  • Perspectives
  • Events
  • About Us
Our Brands
  • TelecomTV Tracker
  • TelecomTV Perspectives
  • DSP Leaders
  • DSP Leaders World Forum
  • The Great Telco Debate
Get In Touch
[email protected]
+44 (0) 207 448 1070

Request a Media Pack

Follow
  • © Decisive Media Limited 2021. All rights reserved. All brands and products are the trademarks of their respective holder(s).
  • Privacy
  • Terms
  • Legal Notices