In response to growing concerns about the cybersecurity of smart devices, the White House has unveiled a new voluntary cybersecurity labeling program aimed at providing consumers with assurance that their technology products are not vulnerable to hacking or spying.
The bipartisan initiative, launched by the White House, is designed to educate American consumers and provide them with a simple way to evaluate the cybersecurity of their devices. Similar to how EnergyStar labels promote energy efficiency, the cybersecurity labeling program seeks to incentivize companies to prioritize cybersecurity in the production of their products.
Overseen by the US Federal Communications Commission and administered by 11 different companies with UL Solutions leading the way, the program will allow makers of wireless consumer Internet of Things (IoT) devices to submit their products for a security compliance review at accredited laboratories.
Products that meet the testing criteria defined by the National Institute of Standards and Technology (NIST) will be eligible to display the US Cyber Trust Mark and a QR code that consumers can use to access online product information related to security measures and updates.
Popular retailers such as Best Buy and Amazon have expressed their intention to promote products that bear the US Cyber Trust Mark, providing a marketing incentive for manufacturers to participate in the program.
The US Cyber Trust Mark, available in various attractive color schemes, is specifically focused on IoT home security cameras, voice-activated shopping devices, smart appliances, fitness trackers, garage door openers, and baby monitors. It is not intended for medical devices regulated by the FDA, wired products, automotive products, industrial or enterprise devices, or those covered by other network security regulations.
The program was initiated in 2021 following an executive order from the White House aimed at enhancing cybersecurity in the wake of high-profile attacks on companies such as Colonial Pipeline and SolarWinds. The order directed officials to develop cybersecurity criteria for IoT devices to be included in a consumer labeling program.
Amazon Vice President Steve Downer expressed support for the US Cyber Trust Mark, highlighting its role in building consumer trust in connected devices. He emphasized the value of displaying the mark on product packaging and online platforms.
While the US Cyber Trust Mark program may not solve all cybersecurity challenges associated with connected devices, it represents a positive step towards empowering consumers with more information and control over the security of their devices. RJ Cross, director of US PIRG’s Consumer Privacy Program, underscored the importance of transparency and security prioritization by companies in light of increasing cyber threats.
As the certification program aims to provide consumers with greater insight into device security, questions remain about the extent to which the burden of security should shift from consumers to product manufacturers. Comprehensive measures, encompassing both hardware and data security, will be crucial for the program’s effectiveness in safeguarding consumer data and privacy.
In conclusion, the US Cyber Trust Mark program signals a commitment to enhancing cybersecurity in consumer technology products and fostering transparency between companies and consumers. By enabling consumers to make informed choices about the security of their devices, the program aims to address growing concerns about privacy and cybersecurity in the digital age.