California enacted Internet of Things (IoT) legislation intended to help protect consumer privacy and safety from potential hacking of connected devices. Under the state legislation that may apply to any connected devices sold in California, manufacturers of connected devices are required to equip the devices with security options suitable to the nature of the device and the information processed by the device. The objective of the legislation is to protect consumers, yet adapt to different products and industries. The law also includes several important exceptions. For example, devices regulated by federal law may not be required to comply with this state law. Even though the California law does not take effect until January 2020, companies required to comply with the new requirements should begin taking steps now to ensure appropriate security measures are built into devices at the design phase to avoid costly re-development and/or “slapped on” security features.
Read more on our issued Client Alert here.