Get in touch
If you would like help with any of the matters mentioned on this page please do not hesitate to contact us.
Government proposals to strengthen regulations regarding the Internet of Things (IoT) need to strike a careful balance between consumer security and hampering innovation, a specialist tech lawyer said today.
Georgia Shriane, from law firm Boyes Turner, was speaking as a consultation closed this week (June 5) into IoT security, aimed particularly at device manufacturers, IoT service providers, mobile application developers, retailers and consumer groups, academics and technical experts.
The Government has said it may regulate to ensure that strong cyber security is included in IoT devices by design, rather than it being left to the consumer to ensure that adequate security measures are in place.
A Code of Practice for IoT Security was published in October but ministers have now decided to move beyond that to the next stage of consultation on formal regulation.
Within the consultation, which closed this week, the Government said it wanted a trio of key security measures to be mandatory in the UK, which were identified as the top three guidelines in the Code of Practice:
To implement these options, the consultation stage impact assessment includes three options:
Georgia Shriane, a senior associate - solicitor in the commercial and technology team at Boyes Turner, said: “Most households have seen an increase in IoT connected devices but not everyone appreciates that it also can increase the level of risks from hackers and bugs.
“Many consumers assumed that security features would be in-built and the majority of IoT users are not technologically savvy enough to put their own security in place, thus leaving their home networks vulnerable to hackers through their kettles or thermostats.
“There’s an obvious tension here between the desire for minimum levels of security for consumers, and what those measures might be, and the impact this may have on slowing innovation and adding expense for tech businesses.
“There will inevitably be an extra layer of cost to install security into IoT products and it may also stall innovation in the UK – not least as other countries such as the USA and China could have lower security requirements.”
Georgia said many consumers ignored the fact that many IoT devices already have a password reset option, leaving them instead on the factory default setting.
“Simply putting a good password (not just “kettle” for example, and not the same one you use for other items on your household network obviously!) will increase the protection and the difficulty for hackers to gain access,” she said.
Interested parties had until this week (June 5) to submit their views on the consultation, which will now be considered by ministers and officials before the next steps are published.
Share:
If you would like help with any of the matters mentioned on this page please do not hesitate to contact us.
Sign up to receive the latest news on areas of interest to you. We can tailor the information we send to you.
Sign up to our newsletter