October 21, 2022

By: Christopher A. Iacono

Takeaway: Security labels on internet-connected devices are on the horizon for companies that manufacture and want to sell such devices worldwide.

Last week, the White House National Security Council announced plans for a consumer products cybersecurity labeling program aimed at improving digital safeguards on internet-connected devices.

On October 19, 2022, 50 representatives from different industries including tech, consumer product, and manufacturing convened to discuss the cybersecurity labeling program that is planned to launch in the Spring of 2023.

In conjunction with its announcement, the White House also released a fact sheet outlining various cybersecurity initiatives. In its fact sheet, the White House recommends three or four cybersecurity standards that manufacturers can use as the basis for labels that communicate the risks of using internet-connected devices.

Additionally, the administration is working with the European Union to align its Cybersecurity Act standards with those of the cybersecurity labeling program.  The White House envisions that products with cybersecurity labels will be sold globally.

The idea is for the standards under consideration to rate products based on how often manufacturers deploy patches for software vulnerabilities or whether a device connects to the internet without a password.

The White House hopes this program will incentivize companies to invest in cybersecurity because they will be rewarded for participating in the program whilst customers are provided with safer products. Part of the process will include using the National Institute of Standards and Technology to create labels according to the specifications of a product. The initial stage of the program includes the creation of bar-like labels on products that consumers can scan with their phones for updated security details. The remaining stages will be released as the White House continues to develop the program.

Protecting connected devices has been an ongoing issue for some time now. Companies should stay alert as the White House releases more information in the coming year.

For more information about the cybersecurity labeling program click here.

* This blog is available for informational purposes only and is not considered legal advice on any subject matter. By viewing blog posts, the reader understands there is no attorney-client relationship between the reader and the blog publisher. The blog should not be used as a substitute for legal advice from a licensed professional attorney. Readers are urged to consult their own legal counsel or reach out to any of Pietragallo’s attorneys on any legal questions concerning a specific situation.