Biden Admin Proposes Voluntary Program for Companies to Put Cybersecurity Labels on IoT Devices; Will Eventually Address Utility “Smart” Meters

By B.N. Frank

Over the years, countless experts have warned about privacy and cybersecurity risks with all “smart”, wireless and/or Internet of Things (IoT) devices and technologies. Ditto on costly, privacy invasive and problematic utility “smart” meters – electric, gas, and water. Today the Biden Administration announced plans to ease Americans’ concerns regarding cyberattacks and vulnerabilities.

From Gov Tech:

FCC Proposes Cybersecurity Labels, Certifications for IoT Devices

The proposed voluntary program would let companies feature labels on consumer products that clear certain cybersecurity criteria, helping consumers identify and select items that are less prone to cyber attack.

News Staff

The federal government is advancing its plan to bring cybersecurity labels to IoT devices and other products. If all goes well, consumers in the near future will be able to check smart home products they’re considering for labels indicating whether the items are generally cyber secure. If the consumers wish, they can reduce their risks of suffering a cyber attack by choosing the certified product.

The cybersecurity certification and labeling program — which is still in its proposal stage — is called Cyber Trust Mark and would be voluntary. Under it, participating companies could feature a distinctive shield logo on products of theirs that meet certain cybersecurity criteria like “unique and strong default passwords, data protection, software updates, and incident detection capabilities,” and other features identified by the National Institute of Standards and Technology (NIST), per a White House announcement. Plans also call for QR codes that consumers could scan to view a national registry of certified devices so they could compare security information about different products.

Today, the Biden administration officially announced its proposal for the program and the Federal Communications Commission (FCC), which would oversee it, applied to register a trademark for the security label. The FCC next intends to seeks public comment on how to roll out the program — something it expects to do in 2024.

This first stage focuses on consumer devices like smart refrigerators, TVs and fitness trackers.

Next, the initiative will address consumer-grade routers, which the White House says are higher risk. Attackers compromising these routers could eavesdrop, steal passwords and use the access to attack other devices and “high value networks.” NIST has until the end of the year to finish determining the cybersecurity requirements that such routers should clear to be deemed cybersecure under the labeling program. (The FCC isn’t committing to ultimately adopting NIST’s recommendations but will consider them).

Another stage of the program will turn attention on security of certain devices used in clean energy smart grids. The Department of Energy, National Labs and industry partners announced today plans to collaborate on researching and developing the kinds of cybersecurity labeling requirements needed for the smart meters and power inverters used in such an energy grid.

“This new labeling program would help provide Americans with greater assurances about the cybersecurity of the products they use and rely on in their everyday lives,” the White House said in its announcement. “It would also be beneficial for businesses, as it would help differentiate trustworthy products in the marketplace.”

The IoT labeling program is one of the many goals outlined in the Biden administration’s cybersecurity strategy. The National Cybersecurity Strategy Implementation Plan released last week attached more specifics to that objective and called for the National Security Council to identify “the broad contours” of a U.S. government IoT security labeling program and designating an agency to take the lead on it by Q4 of fiscal year 2023.

While the Cyber Trust Mark program is voluntary, the White House said several companies pledged to improve their products’ cybersecurity and voiced support for the program. That list includes Amazon, Best Buy, Google, LG Electronics, Logitech and Samsung Electronics.

Privacy Action Plan – Live Your Life Online Again With Zero Fear

(Sign Up Risk-Free Today)

Wireless “smart” and IoT devices allow companies to collect private data on consumers often without their knowledge or consent. Of course, not everybody is okay with that. Additionally wireless devices emit biologically and environmentally harmful radiation. Not everybody is okay with that either.

In regard to “smart” meters, utility providers and other proponents insist they are beneficial to consumers as well as essential for “energy efficiency” even though reports and studies have revealed otherwise (see 1, 2, 3, 4). Utility providers continue to force them on consumers anyway (see 1, 2, 3, 4, 5) so they can remotely control and/or ration utility use (see 1, 2) as well as collect consumer usage data to sell and/or share with 3^rd parties (see 1, 2).

American opposition to “smart” meters has been increasing for over a decade, even inspiring a documentary film. In addition to and cybersecurity risks, privacy violations, and harmful radiation emissions (see 1, 2, 3, 4, 5), other issues associated with these dastardly devices include

billing errors and higher bills (see 1, 2, 3)
fires and explosions (see 1, 2, 3, 4, 5)
installation mishaps (see 1, 2)
mechanical problems and
short lifespans

Adding insult to injury, consumers who are allowed to “opt-out” of “smart” meters are often required to pay expensive fees as well as accept meters that aren’t as safe as traditional analog meters.

Activist Post reports regularly about IoT, “smart” meters, and other privacy invasive and unsafe technologies. For more information, visit our archives and the following websites: