President Biden’s Administration Takes Action to Protect Hard-Working Families
In a significant move to safeguard consumers and bolster cybersecurity, major electronics and appliance manufacturers and retailers have voluntarily committed to strengthening the security of smart devices. Their collective efforts aim to provide consumers with safer options and protect against potential cyberattacks.
This initiative, known as the “U.S. Cyber Trust Mark” program, was unveiled today by Federal Communications Commission (FCC) Chairwoman Jessica Rosenworcel. The program seeks to elevate cybersecurity standards across a range of common devices, including smart refrigerators, microwaves, televisions, climate control systems, fitness trackers, and more.
President Biden’s administration continues to prioritize the protection of hard-working families, with this program being the latest example of their dedication to cybersecurity, consumer privacy, and fair market practices.
Industry Leaders Commit to Enhancing Cybersecurity
Acknowledging the urgency to address cybersecurity concerns, several prominent manufacturers, retailers, and trade associations have pledged their support to bolster the security of the products they sell. Leading industry players, including Amazon, Best Buy, Google, LG Electronics U.S.A., Logitech, and Samsung Electronics, have committed to implementing enhanced cybersecurity measures.
Under the proposed program, consumers will be able to identify these secure products through a newly created “U.S. Cyber Trust Mark.” This distinctive shield logo will be affixed to devices that meet rigorous cybersecurity criteria, empowering consumers to make informed decisions when selecting products for their homes.
The FCC’s Role and Expected Timeline
As the FCC possesses the authority to regulate wireless communication devices, it plans to invite public input on the proposed voluntary cybersecurity labeling program, with the program anticipated to be fully operational by 2024.
The program’s implementation will involve leveraging efforts from stakeholders to certify and label products based on cybersecurity criteria established by the National Institute of Standards and Technology (NIST).
These criteria will include stringent requirements such as unique and robust default passwords, data protection, regular software updates, and incident detection capabilities.
A Trademark to Ensure Product Security
To further fortify transparency and competition, the FCC has initiated the process of trademark registration with the U.S. Patent and Trademark Office. This national trademark will be granted exclusively to products that adhere to the established cybersecurity criteria.
The Administration, in collaboration with the Cybersecurity and Infrastructure Security Agency, will educate consumers about the new label, encouraging them to prioritize labeled products when making purchases both in-store and online.
Promoting Transparency and Expansion
The FCC is also striving to enhance transparency for consumers by utilizing a QR code. This code will provide direct access to a national registry of certified devices, offering detailed and comparable security information for smart products.
Additionally, in conjunction with other regulators and the U.S. Department of Justice, the Commission will establish oversight and enforcement safeguards to maintain trust and confidence in the program. To expand the labeling program’s coverage, the National Institute of Standards and Technology (NIST) will promptly embark on defining cybersecurity requirements specifically for consumer-grade routers.
These routers pose a higher risk, as their compromise can lead to eavesdropping, password theft, and attacks on other devices and networks. Completion of this work is projected by the end of 2023, enabling the Commission to consider the inclusion of consumer-grade routers within the program’s scope.
Collaboration for Future Cybersecurity
The U.S. Department of Energy has joined the initiative by announcing a collaborative research effort with National Labs and industry partners. This joint endeavor will focus on developing cybersecurity labeling requirements for smart meters and power inverters, integral components of the forthcoming clean and smart grid.
The Biden-Harris Administration is committed to engaging with allies and partners globally, with the U.S. Department of State actively supporting the FCC in harmonizing standards and pursuing mutual recognition of similar labeling efforts.
Assuring Cybersecurity for Everyday Life
The introduction of this new labeling program signifies a crucial step toward assuring Americans of the cybersecurity measures implemented in the devices they rely on daily. By facilitating informed decision-making, the program empowers consumers to choose products that meet stringent security criteria.
Furthermore, it benefits businesses by differentiating trustworthy products within the competitive marketplace.
Continuing Engagement and Implementation
The Biden-Harris Administration, along with the FCC, remains dedicated to engaging stakeholders, regulators, and Congress to ensure the successful implementation of the program. Their commitment to collaboration underscores the shared goal of safeguarding the American public and upholding their safety in the digital age.
Industry Leaders Join the Initiative
Today’s announcement featured participation from various key industry players committed to enhancing cybersecurity.
Notable participants included Amazon, Best Buy, Carnegie Mellon University, CyLab, Cisco Systems, Connectivity Standards Alliance, Consumer Reports, Consumer Technology Association, Google, Infineon, Information Technology Industry Council, IoXT, KeySight, LG Electronics U.S.A., Logitech, OpenPolicy, Qorvo, Qualcomm, Samsung Electronics, UL Solutions, Yale, and August U.S.