Cullen International published a new benchmark that surveys whether 17 European countries have launched national initiatives addressing the security of consumer internet of things (IoT) devices (e.g. internet-connected household appliances, wearable devices, or toys). It also looks at supervision and enforcement aspects in case of non-compliance. 

The benchmark shows that, of the 17 European countries surveyed, only Finland, Germany and the UK have introduced security requirements for consumer IoT products (e.g. passwords to be unique or user defined, software to be kept up to date).

The initiatives in all three countries are similar as they are based on the European Telecommunications Standards Institute (ETSI) EN 303 645 standard, which sets a baseline level of security to protect such devices from the most common threats on the internet (e.g. data theft).

Further, the UK would make mandatory the security requirements for consumer IoT devices under the Product Security and Telecommunications Infrastructure Bill (PSTI), whereas in Finland and Germany the security measures adopted are voluntary. 

For more information and access to the report, please click on “Access the full content” - or on “Request Access”, in case you are not subscribed to our European Digital Economy service.