The UK government has introduced a Product Security and Telecommunications Infrastructure Bill to better protect people’s smartphones, TVs, speakers, toys, and other digital devices from hackers.
- The Bill seeks to prevent the sale of consumer connectable products in the UK that do not meet security requirements.
- The Bill shall penalise for fines up to £10 million or up to 4 per cent of global revenue for firms failing to comply with the security requirements.
- The new legislation will require manufacturers, importers and distributors of digital tech which connects to the internet or other products that they adhere to new cyber security standards.
- The Bill will allow the government to ban universal default passwords, force firms to be transparent to customers about what they are doing to fix security flaws in connectable products and create a better public reporting system for vulnerabilities found in those products.
- The Bill will also speed up the roll out of faster and more reliable broadband and mobile networks by making it easier for operators to upgrade and share infrastructure. The reforms will encourage quicker and more collaborative negotiations with landowners hosting the equipment, to reduce instances of lengthy court action which are holding up improvements in digital connectivity.
- The Bill provides ministers with new powers to bring in new rules that require manufacturers to provide a public point of contact to make it simpler for security researchers and others to report when they discover flaws and bugs in products.
- It also places duties on in-scope businesses to investigate compliance failures, produce statements of compliance, and maintain appropriate records of this.
- The Bill shall to manufacturers as well as other businesses including both physical shops and online retailers which enable the sale of millions of cheap tech imports into the UK.