Within two and a half years, all companies selling IoT products on the European market must comply with new rules from the European Commission, which are trying to create more order in the West’s unbridled security for digitization: the Internet of Things (IoT).
The Commission is trying to extend the so-called radio guidance (Radio Equipment Directives) to tighten requirements for IoT products in the European market.
The European Union itself mentions smartphones, tablets, electronic cameras, communication equipment in general, and children’s toys that connect to the Internet.
As the European Commission itself puts it Press release:
The rules should contribute to this
Increase network security: Wireless products and devices must have built-in features that prevent the potential for your device to be misused to interfere with the Websites or other functionality of the Services.
Better privacy guarantee: Wireless products and devices must have features that ensure the protection of personal data. The protection of children’s rights will be an essential part of this legislation. For example, manufacturers must implement methods to prevent unauthorized access to viewing or transferring personal information.
Reducing the risk of financial fraud: Wireless products and devices must have features that reduce the risk of fraud in electronic payments. For example, better control over user authentication should be ensured to avoid false payments.
“The Commission is concerned that the design of wireless products in the European Union does not guarantee an adequate level of cyber security, protection of personal data and privacy of product users. In recent years, many products have been shown to exploit the weak security requirements of certain types of equipment, thus becoming vulnerable to attacks or theft. Personal data “.
Requirements are prepared
The next step now is that the European Parliament and Cabinet have two months to protest – and then companies that want to sell IoT in the European market have 30 months to comply with the new rules.
It is not yet known exactly what it will look like, because the European Union has only now asked the European Standardization Organization (ESO) to prepare the specific standards that companies must follow.
“This applies to all companies that wish to sell their products on the European market, whether European or not,” the Commission wrote in a press release.
Still life for many products
An important point is that old products that do not comply with the new rules can still be used without re-approval during their life cycle.
In practical terms, this means that many IoT devices that won’t actually pass a legal test by 2024 will still be able to use them long after that.
Individual states must monitor market compliance with the rules.
This article was first published in Version 2.
“Web specialist. Lifelong zombie maven. Coffee ninja. Hipster-friendly analyst.”