The Federal Communications Commission is seeking public comment on a proposal to create the first-ever voluntary cybersecurity labeling program that would provide consumers with clear information about the security for connected smart devices.
The proposed program—where qualifying products would bear a new US Cyber Trust Mark—would help consumers make informed purchasing decisions, differentiate trustworthy products in the marketplace and create incentives for manufacturers to meet higher cybersecurity standards.
“As we entrust technology with greater responsibility for our money, privacy, personal safety and public order, we need to have greater confidence in its security,” noted FCC Commissioner Nathan Simington.
Why the Program Is Needed
There are a wide range of consumer smart products on the market that communicate over networks: from personal digital assistants to internet-connected home security cameras, voice-activated shopping devices, internet-connected appliances, fitness trackers, GPS trackers, medical devices, garage door openers and baby monitors. These products bring enormous benefits but also present a range of security challenges.
“I strongly support moving on the IoT cybersecurity label, and believe that it will ultimately help consumers identify how secure a device may be, and support safe networks,” commented FCC Commissioner Geoffrey Starks.
How the Program Would Help Consumers
If the program is established, consumers would be able to easily identify smart devices and products that meet widely accepted security and privacy standards by looking for the US Cyber Trust Mark logo. The logo would appear on packaging alongside a QR code that you could scan for more information. The QR code would link to a national registry of certified devices so that you could compare these devices and get the most and up-to-date security information about each.
The Commission expects that over time, an increasing number of manufacturers would participate in the voluntary program to demonstrate their commitment to privacy and security, as there would be increased consumer demand for easily identifiable trustworthy smart products.
This proposal is the cumulation of a significant amount of work between federal government partners, especially the National Institute of Standards and Technology (NIST), and private stakeholders.
If the FCC votes to establish the program, it could be up and running by late 2024.
“That is not a small task. But it’s worth it. Because the future of smart devices is big and the opportunity for the United States to lead the world with a global signal of trust is even greater,” stated FCC Chairwoman Jessica Rosenworcel.