Govtech Publishes Akin Gump Article on New Laws Regulating IoT Security Risks

Government Technology has published the article “State Lawmakers Go After IoT Security Risks,” written by Akin Gump communications and information technology partner Jennifer Richter, senior counsel Karen Milne and associate Virginia Hiner. The article discusses some of the steps being taken at both the state and federal level to regulate “Internet of Things” (IoT) devices.

Among the states taking action, the authors write, California has led the way. Starting next year, they say, “connected devices that are manufactured, sold or offered for sale in California must be equipped with ‘reasonable security’ features.” Oregon has adopted a similar law, and other states are considering legislation of their own.

At the federal level, several measures have been introduced, according to the authors. This includes the Cyber Shield Act in the House, which, if enacted, “would direct the Commerce Department to establish an advisory committee of cyber experts from government, industry and academia to establish ‘cyber benchmarks’ for IoT devices.” Other legislation being considered would, for example, grant the Federal Trade Commission broader authority to regulate IoT devices.

Richter, Milne and Hiner predict more legislation is likely to follow, “with the potential for stricter minimum security standards in the future.” They warn that penalties for noncompliance could be significant, and manufacturers should take action to understand what is required of them.