Customer CenterPlan to secure internet of things with new law

The rapidly growing "internet of things" (IOT) - internet-connected gadgets - would have to be made more secure under proposed new laws.

Security vulnerabilities that could be targeted by hackers have been found in everything from toy dolls to internet-connected ovens in recent years.

The new laws would mean such devices would have to come with unique passwords, for example.

One expert said it was a "positive step" to protect consumers.

There will be 14.2 billion internet-connected devices in use worldwide by the end of 2019, according to market analysts Gartner.

These include connected TVs, smart speakers and home appliances with internet connectivity.

These devices often become the targets for cyber-attackers who hack them in order to steal personal data, spy on users or remotely take control of devices to otherwise misuse them.

Trust the label

The proposed legislation, launched by Digital Minister Margot James, would also introduce a new labelling system to tell customers how secure an IOT product is.

Ms James said it was part of the UK's bid to be a "global leader in online safety".

Retailers would eventually be barred from selling products without the labels although initially the scheme would be voluntary.

To gain a label and enter the market, IOT devices would have to:

• come with unique passwords by default
• state clearly for how long security updates would be made available
• offer a public point of contact to whom any cyber-security vulnerabilities may be disclosed

The proposed laws follow a voluntary code of practice for IOT manufacturers that was published in the UK last year.