Limited security specifications in IoT devices signal a market failure that has long required regulatory intervention. As long as built-in security features, such as secure code updates and authentication protocols, have not become a legal requirement, IoT vendors have been able to avoid implementing expensive security features. However, in 2018, the IoT sector, including device manufacturers and software vendors, witnessed a sea change in how government viewed its regulation of disruptive technologies. Regulation of IoT security occurred at the state level in the US and at the supranational level in the EU. What’s more, a voluntary national IoT code of practice was introduced in the UK. Overriding all this is a transformative change in the way vendors view government IoT regulation. Following growing consumer awareness of data privacy after the introduction of the EU’s GDPR (General Data Protection Regulation) and the purported use of tampered hardware in Chinese originated devices for government espionage purposes, vendors may now be starting to view government led regulation as more of an opportunity than on obstacle.
You must be a subscriber to view this ABI Insight.
To find out more about subscribing contact a representative about purchasing options.