California's new IoT Security Law
About California’s new IoT Security Law
California is the first state to pass an Internet of Things (IoT) cybersecurity law (SB-327). The law has taken effect starting from 1st January 2020 and is passed to ensure that all IoT devices sold in California must have “reasonable security measures” embedded by its manufacturer.
What is Internet of Things (IoT)?
Internet of Things (IoT) refers to a network of physical objects that are able to connect to the internet and feature an Internet Protocol (IP) or Bluetooth address, as well as the communication among these objects. Examples of IoT include smart devices, electrical appliances, cars and lights in the household etc. The law is applicable to all these devices which have the capability to connect to the internet with an IP or Bluetooth address.
Importance of the law
In the 21st century, the Internet of Things (IoT) is expanding with more and more devices being able to connect to the internet. Yet, the security risk associated with using these devices is still not well addressed. With this law, the “reasonable security measures” can ensure that the device would contain a unique preprogrammed password or require a user to generate a new authentication prior to granting access. This can prevent the information of the connected devices from unauthorized access, use, modification, destruction or disclosure.