Get Ready for the US Cyber Trust Mark

Michael Basile, Christy Burrow, Henry Wendel
Cooley LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Cooley LLP

American consumers have benefited in countless ways from Internet of Things (IoT) devices. Unfortunately, cyberattacks have sharply increased in recent years, often through vulnerabilities in IoT devices. In an effort to curb such attacks, the Biden-Harris administration proposed the creation of the US Cyber Trust Mark to help consumers identify products that are less vulnerable to cyberattacks.

The US Cyber Trust Mark will be a voluntary program under which conforming IoT products that meet certain cybersecurity criteria developed by the National Institute of Standards and Technology will be officially certified under a process adopted by the Federal Communications Commission (FCC). Certified products will be permitted to include the US Cyber Trust Mark logo on product packaging alongside a QR code. The QR code will link to a national registry of certified devices to provide consumers with specific and comparable security information about smart products.

The administration plans to educate consumers to look for the new label when buying products and has already started encouraging major US retailers to prioritize labeled products when placing them on the shelf and online. Leading electronics, appliance and consumer product manufacturers have already announced their support for the program.

The details of the US Cyber Trust Mark program are still being developed. Interested parties will have an opportunity to comment on specifics, like the criteria devices must meet to be certified and how the program will be enforced. Proposals are likely to include requirements for unique and strong default passwords, secured data transmissions, access controls, the ability to update software and incident detection capabilities. Also expected are requirements to give consumers the ability to set and change passwords and delete their data. Depending on the specific rules adopted, compliance with the new program could impose significant additional costs on product manufacturers.

The FCC will release a notice of proposed rulemaking (NPRM), which will contain specific proposals for the US Cyber Trust Mark program. Device creators, manufacturers, retailers, consumers and other interested parties will have an opportunity to comment on the proposals in the NPRM. After comments are received, the FCC will vote to adopt the new rules. The program is expected to be up and running in 2024.

[View source.]

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Cooley LLP | Attorney Advertising

Written by:

Cooley LLP
Cooley LLP
Contact
more
less

Cooley LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide