The Federal Communications Commission (FCC) voted on March 14 to create a voluntary cybersecurity labeling program for wireless internet of things (IoT) devices including home security cameras, internet-connected appliances, fitness trackers, garage door openers, and baby monitors.
Under the program, qualifying consumer smart products that meet cybersecurity standards will be able to bear a new U.S. Cyber Trust Mark label on their products. The label will also feature a QR code that consumers can scan for more security information on the smart products.
“According to one third party estimate, there were more than 1.5 billion attacks against IoT devices in the first six months of 2021 alone. Others estimate that there will be more than 25 billion connected IoT devices in operation by 2030,” the FCC said in a March 14 press release.
“The cybersecurity labeling program builds on the significant public and private sector work already underway on IoT cybersecurity and labeling, emphasizing the importance of continued partnership so that consumers can enjoy the benefits of this technology with greater confidence and trust,” it added.
The voluntary program will rely on public-private collaboration, with approved third-party label administrators tasked with “evaluating product applications, authorizing use of the label, and consumer education,” the FCC said. Device compliance testing will be handled by accredited labs.
The program was informed by input from a call for comment issued by the agency in August 2023. That action closely followed a White House announcement about the proposed program.
“The goal of the program is to provide tools for consumers to make informed decisions about the relative security of products they choose to bring into their homes,” the White House said in a press release in July 2023. “Manufacturers and retailers announcing support and commitments today to further the program include Amazon, Best Buy, Google, LG Electronics U.S.A., Logitech, and Samsung Electronics.”
The Consumer Technology Association (CTA) expressed its support for the FCC’s decision.
“CTA applauds the FCC for advancing the U.S. Cyber Trust Mark, which reflects many of CTA’s key recommendations aimed at making the program successful, protecting consumers, and raising the bar on product security,” CTA CEO Gary Shapiro said in a statement on Thursday.
“We are pleased to see a voluntary IoT cybersecurity labeling program based on the work of NIST that recognizes the need for international coordination and the importance of educating consumers about the label,” he added.
