White House Introduces U.S. Cyber Trust Mark for Internet-Connected Devices
The White House introduced a new label for Internet-connected devices this week after a public notice and input period that spanned eight months. The U.S. Cyber Trust Mark, which was authorized by the Federal Communications Commission (FCC) in a bipartisan and unanimous vote, will be employed on so-called “smart products” sold in the United States by 11 companies.
It will begin to appear later this year, to help American consumers determine whether the smart devices are safe for use at home. It will include a range of devices including home security cameras, TVs, fitness trackers, baby monitors, and climate control systems – all of which have Internet connections. The U.S. Cyber Trust Mark will indicate the products include security features approved by the National Institute of Standards and Technology (NIST).
Major electronics, appliance, and consumer product manufacturers, as well as retailers and trade associations, have been working to increase cybersecurity for the products they sell.
The White House said in a statement that it “launched this bipartisan effort to educate American consumers and give them an easy way to assess the cybersecurity of such products, as well as incentivize companies to produce more cybersecure devices, much as EnergyStar labels did for energy efficiency.”
It added that it had received input from major electronics, appliance, and consumer product manufacturers, as well as retailers and trade associations.
“We see great potential in the U.S. Cyber Trust Mark Program,” said Michael Dolan, senior director and head of Enterprise Privacy & Data Protection at retail giant Best Buy. “It is a positive step forward for consumers and we are excited about the opportunity to highlight this program for our customers.”
Too Much Faith In Labels?
Though the purpose of the U.S. Cyber Trust Mark is to help consumers make informed decisions, it could come with some consequences – namely that Americans may believe products to be more secure than they are. Cybersecurity experts have long warned the weakest link in any network is the humans using it, and that isn’t going to change.
It could get worse as consumers may expect they’re receiving added protection and could inadvertently let their guard down.
“It seems generically like a good idea,” explained Jim Purtilo, associate professor of computer science at the University of Maryland. “But I wonder whether companies will use this as an excuse to charge more.”
Click HERE to read the full article
The Department welcomes comments, suggestions and corrections. Send email to editor [-at-] cs [dot] umd [dot] edu.