What is the new law aiming to make smart gadgets safer to use?

William Mata
·2 min read
People have more devices than ever before which could be susceptible to cybercrime (PA Archive)
People have more devices than ever before which could be susceptible to cybercrime (PA Archive)

A new UK law has been introduced to require manufacturers to follow stricter rules to sell smart gadgets in the UK.

The Government has said the new law should give consumers "peace of mind" when they buy products that criminals have used to access private information.

Cybercrime has spiked in recent years, with more devices at home giving greater opportunities for phishing, enumeration attacks, whaling, pig butchering, and spoofing.

A further opportunity has arisen from increased purchases of devices containing personal details such as game consoles, smart watches, doorbells, and dishwashers.

“As everyday life becomes increasingly dependent on connected devices, the threats generated by the internet multiply and become even greater,” cyber minister Viscount Camrose said.

“From today, consumers will have greater peace of mind that their smart devices are protected from cyber criminals, as we introduce world-first laws that will make sure their personal privacy, data, and finances are safe.

“We are committed to making the UK the safest place in the world to be online and these new regulations mark a significant leap towards a more secure digital world.”

A Which? investigation showed that a home filled with smart devices could be exposed to more than 12,000 hacking attacks globally weekly. It said 2,684 attempts to guess weak default passwords could happen on only five devices.

Digital infrastructure minister Julia Lopez has hailed a new era where consumers can have greater confidence that their smart devices are shielded from cyber threats (PA Archive)
Digital infrastructure minister Julia Lopez has hailed a new era where consumers can have greater confidence that their smart devices are shielded from cyber threats (PA Archive)

How will the new restrictions work?

Manufacturers have had to follow security guidelines before the new law was introduced.

They will now be banned from having weak, easily guessable default passwords such as ‘admin’ or ‘12345’. If there is a common password, the user will be prompted to change it on start-up.

Additionally, manufacturers must publish contact details so bugs and issues can be reported and dealt with.

Manufacturers and retailers must also be open with consumers on the minimum time they can expect to receive important security updates.

“Today marks a new era where consumers can have greater confidence that their smart devices, such as phones and broadband routers, are shielded from cyber threats, and the integrity of personal privacy, data and finances better protected,” data and digital infrastructure minister Julia Lopez said.

“Our pledge to establish the UK as the global standard for online safety takes a big step forward with these regulations, moving us closer to our goal of a digitally secure future.”