Israel issues cyber-security IoT consumer disclosure guidance for public consultation
Israel’s Consumer Protection and Fair-Trade Authority and Israel National Cyber Directorate issue cyber-security IoT consumer disclosure guidance for public consultation. According to the guidance, the consumers must be informed whether the IoT product they plan to purchase can be exploited for a cyber-attack. Furthermore, the guide details that consumers must be informed of the following: (1) how to change the initial password and instruct them to do so, (2) the duration in which the manufacturer is expected to publish security updates, and (3) how to install security updates. In cases where there isn’t an option to change the password, or there aren’t any expected security updates, the consumers must be informed that the product is either faulty or low-quality. Consumer disclosure must occur before and during the transaction, and the information must be presented clearly and prominently.