Smart devices
Contents
What is a smart device?
Smart devices are those that are capable of connecting to the internet or a home network. For example:
- smart speakers, smart TVs and streaming devices
- smart doorbells, baby monitors and security cameras
- cellular tablets, smartphones and games consoles
- wearable fitness trackers (including smart watches)
- smart domestic appliances (such as light bulbs, plugs, kettles, thermostats, ovens, fridges, cleaners and washing machines)
Security requirements
Smart devices are subject to additional consumer protections, designed to protect you from cyber-attacks.
Under the Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023, manufacturers must comply with 3 security requirements:
1. Universal default passwords are banned.
Easily guessable default passwords can enable hackers to compromise devices on a large scale, facilitating wide-ranging cyber-attacks. If a hacker can guess the password, they can log into your device and use it to gain access to your network.
2. Manufacturers must track security problems and share contact details to allow you to report issues
This allows consumers to prompt manufacturers to upkeep their smart devices by taking the required measures to address any reported security issues with the device, similar to how consumers can have other goods serviced or repaired.
3. Manufacturers must tell you how long they'll provide security updates for
Just as you would install new security updates on your PC or phone, manufacturers of any smart device must release security updates to fix bugs or vulnerabilities that could be exploited by hackers.
Understanding how long they'll do this for is a bit like finding the "use by date" of a food item. Once no further security updates are available and installed on these devices, they become more susceptible to hacking. Some devices may even lose functionality and operate less effectively without these updates and support.
It's a good idea to check the product support end date on the manufacturer's website before making a purchase.
Statement of compliance
The regulations also require that, with some exceptions, products must come with a statement of compliance.
This must include the name and address of each manufacturer of the product, along with a declaration confirming that they meet the above security requirements.
Penalties
Failure to comply with these requirements is a criminal offence and carry hefty fines of up to £10 million or 4% of worldwide turnover (whichever is more).
What is the law guide
The Desktop Lawyer law guide aims to present the law to you in a comprehensive yet jargon-free and easy-to-read format. Our law guide is constantly kept up to date with changes in business and family law by our team of in house solicitors, and includes information across all the legal jurisdictions in the UK.
Our law guide is free to use. Where we provide documents related to this area of law, or where they may help you with any legal issue in this area, they will be listed to the right of this message.