Log in / Register Contact
Return to Documents

Smart devices

Contents

What is a smart device?

Smart devices are those that are capable of connecting to the internet or a home network. For example:

  • smart speakers, smart TVs and streaming devices
  • smart doorbells, baby monitors and security cameras
  • cellular tablets, smartphones and games consoles
  • wearable fitness trackers (including smart watches)
  • smart domestic appliances (such as light bulbs, plugs, kettles, thermostats, ovens, fridges, cleaners and washing machines)

Security requirements

Smart devices are subject to additional consumer protections, designed to protect you from cyber-attacks.

Under the Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023, manufacturers must comply with 3 security requirements:

1. Universal default passwords are banned.

Easily guessable default passwords can enable hackers to compromise devices on a large scale, facilitating wide-ranging cyber-attacks. If a hacker can guess the password, they can log into your device and use it to gain access to your network.

2. Manufacturers must track security problems and share contact details to allow you to report issues

This allows consumers to prompt manufacturers to upkeep their smart devices by taking the required measures to address any reported security issues with the device, similar to how consumers can have other goods serviced or repaired.

3. Manufacturers must tell you how long they'll provide security updates for

Just as you would install new security updates on your PC or phone, manufacturers of any smart device must release security updates to fix bugs or vulnerabilities that could be exploited by hackers.

Understanding how long they'll do this for is a bit like finding the "use by date" of a food item. Once no further security updates are available and installed on these devices, they become more susceptible to hacking. Some devices may even lose functionality and operate less effectively without these updates and support.

It's a good idea to check the product support end date on the manufacturer's website before making a purchase.

Statement of compliance

The regulations also require that, with some exceptions, products must come with a statement of compliance.

This must include the name and address of each manufacturer of the product, along with a declaration confirming that they meet the above security requirements.

Penalties

Failure to comply with these requirements is a criminal offence and carry hefty fines of up to £10 million or 4% of worldwide turnover (whichever is more).

Law Guide

Law Guide

Need help understanding specific areas of law? Our Law Guide can help you. Click here to visit our Law Guide.

Our use of cookies

We use necessary cookies to make our site work. We would also like to set some optional cookies. We won't set these optional cookies unless you enable them. Please choose whether this site may use optional cookies by selecting 'On' or 'Off' for each category below. Using this tool will set a cookie on your device to remember your preferences.

For more detailed information about the cookies we use, see our Cookie notice.

Manage cookie preferences

Necessary cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

Functionality cookies

We'd like to set cookies to provide you with a better customer experience. For more information on these cookies, please see our cookie notice.