Government plans new laws for smart gadgets sold in UK

By Sam Shead
Technology reporter

  • Published
  • comments
Amazon Ring home security camera.Image source, Amazon

The government is developing laws that would require manufacturers to ensure their smart gadgets cannot be hacked and exploited via the internet.

It is concerned many internet-enabled devices lack basic security features.

Security vulnerabilities have been found in everything from toy dolls to internet-enabled ovens in recent years.

The move follows a seven-month consultation with GCHQ's National Cyber Security Centre, manufacturers, retailers, and academics.

Under the proposed laws, manufacturers would have to:

  • ensure all internet-enabled devices had a unique password
  • provide a public point of contact so anyone could report a vulnerability
  • state the minimum length of time a device would receive security updates

Digital Minister Matt Warman said he wanted to make the UK the safest place to be online.

"Our new law will hold firms manufacturing and selling internet-connected devices to account and stop hackers threatening people's privacy and safety," he said.

"It will mean robust security standards are built in from the design stage and not bolted on as an afterthought."

A spokeswoman from the Department of Digital, Culture, Media and Sport was unable to specify a timeframe for when the new legislation might be ready.

Sex toy

Cyber-security experts have warned many gadgets intended to keep people safe are actually putting them at risk of being spied on.

In December, a hacker was able to talk to a young girl in her bedroom via a home security camera made by Ring, which is owned by Amazon.

And in 2017, researchers found a sex toy with an in-built camera could also be hacked.

There will be 75 billion internet-connected devices worldwide by 2025, according to Statista.

And each UK household will have between 10 and 15, according to environmental charity Wrap.

"There is clearly broad support for the proposed regulation of consumer smart devices," said cyber-security expert Ken Munro.

"However, without swift legislation, this is just another meaningless consultation,

"The government needs to act now to help protect us from smart-device manufacturers who play fast and loose with our privacy, safety and security.

"I'm supportive of the government's proposed legislation, so long as it is the first step on a path towards wide-ranging, robust regulation of the internet of things."