A new British cybersecurity law mandates smart device manufacturers like Apple to enhance protections or face hefty penalties.
The legislation, known as the Product Security and Telecommunications Infrastructure (PSTI) Act, introduces robust requirements aimed at securing devices connected to the internet to make it harder for cybercriminals to get access to private networks.
The law specifically targets the inadequacies in current security measures by mandating three major changes: the elimination of default passwords, a clear protocol for reporting security vulnerabilities, and detailed consumer information on the length of product support and software updates. These stipulations apply to all companies manufacturing or selling smart devices in the UK.
For Apple, the law will necessitate a review of how its products comply with these enhanced standards. While Apple devices do not use default passwords, the company will need to ensure that all of its connected devices sold in the UK clearly communicate the duration of security support to customers. In addition, affected companies are expected to establish or refine their contact points for security issue reporting.
Retailers such as Apple stores are also required to provide customers with point-of-sale information about the cybersecurity practices relevant to the devices they purchase. The PSTI Act also includes strict penalties for non-compliance, with fines that can reach up to £10 million ($12.5 million USD) or 4% of the offending company's global turnover.
Note: Due to the political or social nature of the discussion regarding this topic, the discussion thread is located in our Political News forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
