A new law will require makers of smart devices, including tech giants Apple, Google and Samsung, to offer more transparency around security updates and support.
The new Secure by Design plans, announced by the UK government, are being introduced as part of a cyber security law that will aim to tackle the vast number of smart products on sale, including smartphones, with weak or limited security protections.
They specify key criteria that must be met when smart devices are sold, and are a significant step towards ensuring consumers have the information and safeguards in place to reduce the risk of being vulnerable to cyberattacks.
Under the new legislation, makers of smart devices including smartphones, speakers and doorbells, will be required to adhere to a new set of measures designed to offer more transparency to consumers, and improve safety standards for smart devices. These include:
The legislation, expected to be introduced in 2021, is something Which? has long been calling for. Our testing of hundreds of smart devices, including mobile phones, has revealed serious security flaws and issues around transparency of updates, which this new law will help to address.
Rocio Concha, director of policy and advocacy at Which?, said: 'New laws to tackle this issue are a crucial step as there are a vast array of connected devices with security flaws, many of which are currently on the market, that put consumers at risk from cyber criminals.
'We share the government's ambition to make the UK one of the safest places in the world for consumers to use smart technology and this must be backed up by strong enforcement, ensuring people can get effective redress when they purchase devices that fail to meet security standards and leave them exposed to data breaches and scams.'
A software update is like a warranty for the digital elements of your product. It demonstrates that the brand will continue to issue fixes for the product and its software in case anything happens.
The problem is that currently you have no idea how long that warranty will last - and just one vulnerable device is all it takes to put a home network at risk,
Out of 253 products we assessed over a 12-month period, only four had some form of clear information about the level of update support the brand would give to the product.
A separate study by University College London assessed 270 smart products and found that none displayed information about the length of time updates would be supported, either at point of sale or in the product box or manuals.
The average household bought two new smart devices during the Covid-19 pandemic, according to UK government figures. These included smartphones, smart TVs and smart washing machines.
While these devices can enhance our lives, numerous Which? investigations have demonstrated how security vulnerabilities could put you and your data at risk.
Simple steps, such as changing passwords and keeping devices updated, can vastly improve your security when using smart products. Follow the advice below to mitigate the risks with smart devices you have in the home.