Darkreading.com reported that the new January 1, 2020 IoT Security Law in California applies to companies “…that make connected devices — from Internet routers to connected thermostats to home-monitoring cameras…” The Article entitled “California's IoT Security Law Causing Confusion” included these comments:
The California law, Senate Bill 327, was approved by the governor a year ago and requires that all connected devices sold in the state— no matter where they are made — incorporate "a reasonable security feature or features" that appropriately protect the user of the product and the user's data from unauthorized access, modification, or disclosure.
The law specifies that single hard-coded passwords are not allowed, and each device must either have a unique passcode or require the user to generate a new passcode before using the device for the first time.
The California law is not the only legislation to target the security of connected devices.
With 25 billion devices expected to be part of the global IoT landscape, legislators are subjecting IoT manufacturers to increasing scrutiny.
Given the new California Consumer Privacy Act that goes into effect on January 1, 2020 also there are lots of issues to be concerned about:
The enactment of the CCPA will be a watershed moment for data privacy not just in California, but also throughout the United States,…
Since any applicable business across the country and indeed across the globe that serves consumers in California will be required to abide by the law, companies across the board will likely be gearing up for compliance.
Are you ready?