US senators propose IoT security bill
Four US senators have proposed a bill that, if adopted, will impose certain cybersecurity requirements for technology companies that sell Internet of Things (IoT) devices to the US federal government. Titled ‘Internet of Things Cybersecurity Improvement Act’, the bill will require companies to ensure that their products are patchable and do not include ‘hard-coded’ passwords (that cannot be changed). Companies would also have to notify the purchasing agency of any known security vulnerabilities or defects that they become aware of for the duration of the contract. The bill would exempt cybersecurity researchers from liability under the US Computer Fraud and Abuse Act and the Digital Millennium Copyright Act when engaged, in good faith, in researching the cybersecurity of IoT devices.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.
