The FCC voted to create a voluntary cybersecurity labeling program for wireless-enabled consumer Internet of Things (IoT) products. Under the program, qualifying consumer smart products that meet robust cybersecurity standards will bear a label—including a new “U.S Cyber Trust Mark.” The Commission says the mark will help consumers make informed purchasing decisions and differentiate trustworthy products in the marketplace. The agency also hopes the program will create incentives for manufacturers to meet higher cybersecurity standards.
The U.S. Cyber Trust Mark logo will initially appear on wireless consumer IoT products that meet the program’s cybersecurity standards. The logo will be accompanied by a QR code that consumers can scan for easy-to-understand details about the security of the product, such as the support period for the product and whether software patches and security updates are automatic.
The voluntary program will rely on public-private collaboration, with the FCC providing oversight and approved third-party label administrators managing activities such as evaluating product applications, authorizing use of the label, and consumer education.
Compliance testing will be handled by accredited labs. Examples of eligible products may include home security cameras, voice-activated shopping devices, internet-connected appliances, fitness trackers, garage door openers, and baby monitors.
The agency says according to one third-party estimate, there were more than 1.5 billion attacks against IoT devices in the first six months of 2021 alone. Others estimate that there will be more than 25 billion connected IoT devices in operation by 2030. The cybersecurity labeling program builds on the public and private sector work already underway on IoT cybersecurity and labeling, emphasizing the importance of continued partnership so that consumers can enjoy the benefits of this technology with greater confidence and trust.
Several trade associations, including CTIA, USTelecom-The Broadband Association and the Consumer Technology Association praised the FCC’s action to initiate a voluntary cybersecurity labeling program for wireless-enabled consumer IoT devices. “Enhancing cybersecurity is a shared goal between the public and private sectors, and empowering consumers with knowledge can play a vital role,” they stated. “We look forward to our continued collaboration with the Commission to enable consumers to make informed purchasing decisions.”
By Leslie Stimson, Inside Towers Washington Bureau Chief
Reader Interactions