The Federal Communications Commission (FCC) has recently approved the establishment of a voluntary cybersecurity labeling program specifically designed for wireless Internet of Things (IoT) devices aimed at consumers. This initiative will introduce a “US Cyber Trust Mark” logo for IoT products that adhere to stringent cybersecurity criteria, guiding consumers towards more secure purchases.
Key features of this program include:
- The “US Cyber Trust Mark” will be displayed on eligible wireless IoT devices that comply with the set cybersecurity standards.
- Each labeled product will feature a QR code providing accessible information about its security features, including the duration of product support and the availability of automatic software and security updates.
- The program encourages a collaborative approach between public and private sectors, with the FCC overseeing the initiative and designated third-party entities managing the evaluation and authorization of products, as well as educating consumers.
- Compliance assessment for products will be conducted in certified laboratories.
The types of products that could qualify for this label encompass a variety of consumer goods, such as home security cameras, voice-activated devices, smart appliances, fitness trackers, garage door openers, and baby monitors.
Furthermore, the FCC is inviting public input on possible extra disclosure requirements, like the geographical origins of software or firmware development and data storage, especially if these originate from countries posing national security risks.
This program is a response to the increasing security vulnerabilities in the diverse range of IoT devices, which are projected to exceed 25 billion units by 2030. The initiative is part of broader efforts to bolster IoT cybersecurity, reflecting the ongoing collaborations in this field. It aims to empower consumers with the confidence and trust to navigate the expanding landscape of connected devices safely.