Israel issues cyber-security IoT consumer disclosure guidance for public consultation
Israel has released consumer disclosure guidance on IoT cybersecurity for public feedback. Consumers are to be informed about the potential for cyber-attacks, changing passwords, security update timelines, and installation procedures. Lack of password change options or expected updates indicates a faulty or low-quality product. Disclosure must happen before and during the transaction, presented clearly and prominently.
Israel’s Consumer Protection and Fair-Trade Authority and Israel National Cyber Directorate issue cyber-security IoT consumer disclosure guidance for public consultation. According to the guidance, the consumers must be informed whether the IoT product they plan to purchase can be exploited for a cyber-attack. Furthermore, the guide details that consumers must be informed of the following: (1) how to change the initial password and instruct them to do so, (2) the duration in which the manufacturer is expected to publish security updates, and (3) how to install security updates. In cases where there isn’t an option to change the password, or there aren’t any expected security updates, the consumers must be informed that the product is either faulty or low-quality. Consumer disclosure must occur before and during the transaction, and the information must be presented clearly and prominently.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.