Skip to main content

Can new laws protect you from smart home security breaches?

Blogtrepreneur/Flickr

As internet-connected devices are getting more and more popular, lawmakers are looking at new ways to help protect consumers — and ensure their data isn’t being put at risk by the companies that hold it.

At the federal level, there have been a number of attempts to add regulations that would protect owners of internet of things devices. The Cybersecurity Improvement Act of 2019, introduced last month by Senator Mark Warner of Virginia, would create new requirements for internet-connected devices. The details of the bill are a bit sparse, but it would require the National Institute of Standards and Technology to develop new recommendations for device makers to follow. Those rules would aim to shore up some of the cybersecurity shortcomings that currently plague internet-connected devices, like easy-to-guess default passwords that put millions of products and the households that have them at risk.

“The IoT Cybersecurity Improvement Act attempts to … provide light-touch guidance and security requirements for IoT devices to protect the industry and ultimately the consumer,” wrote North Carolina Rep. Ted Budd, a co-sponsor.

A number of states have gone a step further than the federal law, actually creating specific rules that device makers would have to follow. California, often a leader in digital privacy policy, passed a bill regulating internet of things devices in 2018. Set to go into effect on January 1, 2020, the law will require companies to include “reasonable” security features on their products. That includes requiring shipping devices with unique passwords or forcing users to set passwords when they set up the device.

From Internet connected watches to Internet connected thermostats, as the Internet of Things is integrated into our most private areas, consumers should have the assurance that these devices are secure and fend off unwanted intrusion. #orpol #orleg https://t.co/dtH4OvXxG3

— Jennifer Williamson (@Jennifer_for_OR) April 16, 2019

In Oregon, lawmakers are pursuing a similar path. The state’s House of Representatives recently passed a bill that will require each smart device sold in the state to come with a unique password. The extremely simple requirement is one of the easiest ways to mitigate brute force attacks, in which hackers are able to crack the protection on devices because they use a default password that owners often opt not to change. Hackers can then set up botnets and other attacks that can target many devices at once.

Oregon’s law would also require device manufacturers to follow any federal laws that are passed if they implement stricter requirements than the state’s own laws.

Editors' Recommendations

AJ Dellinger
AJ Dellinger is a freelance reporter from Madison, Wisconsin with an affinity for all things tech. He has been published by…
Ikea launching 3 new smart home safety gadgets in 2024
The upcoming Ikea motion sensor and door sensor on a yellow desktop.

It looks like Ikea is getting further invested in the smart home space, as the company plans to launch three new smart home safety products in 2024. The lineup includes a window sensor, motion sensor, and water sensor, and all three sync with the existing Dirigera Hub for easy operation and customization.

The products are expected to launch in the first half of 2024, starting with the door and window sensor, Parasoll, in January. Parasoll works much like all other door and window sensors on the market, giving you alerts when they've been opened or closed. It features a slim design (so it doesn't look too obtrusive when installed), and pairs with both the Ikea app and smart bulbs.

Read more
Arlo enhances home security offerings with new Arlo Total Security plans
The Arlo Total Security package on a blue background.

Arlo is expanding its home security offerings with the new Arlo Total Security subscriptions. These plans start at $10 per month and provide members with not just professional monitoring services, but also all the hardware they need to secure their property.

Not to be confused with the existing Arlo Secure lineup, Arlo Total Security plans are an entirely new set of monthly subscriptions. There are three tiers to choose from, though all include professional monitoring, hardware (such as sensors and cameras), and free shipping. The cheapest tier is Starter at $10 per month, featuring a security keypad, All-In-One Sensor, and Yard Sign. The Advanced with Video plan is the most expensive at $50 per month and is loaded with cameras and sensors.

Read more
Is an Ecobee Smart Security subscription worth it?
Several Ecobee security products on a green background.

Aside from offering some of the best smart thermostats on the market, Ecobee is also a provider of smart home security systems. And like most home security systems, you'll need a monthly membership to make the most out of your gadgets. But is an Ecobee Smart Security subscription worth it? Here's a look at the two different plans available to customers, along with which homes will benefit from each plan.
What is Ecobee Smart Security Standard?

Ecobee Smart Security Standard costs $5 per month or $50 per year. It doesn't offer professional monitoring but does save videos for one camera for up to 30 days. It also benefits from arm and disarm assistance, smart motion and entry alerts, smoke alarm detection, freeze detection, and the ability to control the system from your smartphone app.

Read more