New laws to protect smart doorbells and other gadgets are world-first, minister claims

Written by Sam Trendall on 8 March 2023 in News

Paul Scully pledges that provisions are being made for imminent implementation of act

Credit: LittleVisuals/Pixabay

New laws on consumer tech security requirements will make the UK the first country in the world to offer such legal protections to the likes of smart doorbells, a minister has claimed.

The Product Security and Telecommunications Infrastructure Act – which received royal assent and passed into law in December – sets out measures that manufacturers of connected devices must adhere to. This includes a requirement that all devices must be sold with a unique password, and offer users no option to then reset this to a standard generic option. 

Firms that sell internet-connected devices – which now encompasses products such as televisions and fridges, as well as phones and smart speakers – will also be required to provide clear information at the point of sale about the length of time for which products will receive patches and other security updates. Buyers must be kept informed of any subsequent changes to this policy.

Related content

The regulatory enforcement regime for the law – through which breaches could be punished with multimillion-pound fines, according to the government – has yet to be put in place.

But, according to Paul Scully, a minister at the recently created Department for Science innovation and Technology, such regulations will be passed imminently. After which, this country will offer world-leading protections to “consumer connectable products – including smart doorbells – sold to UK customers”.

“The government is committed to ensuring that the benefits that connectable technologies offer to individuals and the economy, are not at the expense of consumer security,” he said, in answer to a written parliamentary question from Labour shadow digital minister Stephanie Peacock.

Scully added: “Regulations will be made shortly to implement the new act, making the UK market the first in the world to benefit from these new protections. Manufacturers of consumer connectable products sold to UK consumers will be required to stop using universal default and easily guessable default passwords. Regulations will also require these manufacturers to publish a vulnerability disclosure policy on how security issues affecting their products can be reported to them, as well as information on the minimum length of time for which the manufacturer will provide security updates covering the product.”


About the author

Sam Trendall is editor of PublicTechnology. He can be reached on

Share this page




Please login to post a comment or register for a free account.

Related Articles

Government warned over need to protect the metaverse in Online Safety laws
17 March 2023

Campaigners warn that ‘virtual actions are not adequately addressed’ by existing law or pending legislation

Government guidance on use of private email and WhatsApp to be updated for first time in a decade
15 March 2023

Cabinet Office minister says that department will release new guidelines ‘as soon as possible’

How CDDO is working to make government services great
14 March 2023

In this piece for PublicTechnology, head of strategy and standards Ben Tate provides an update on the digital unit's work to transform the most important citizen services

Government anti-Isis comms unit signs data-analytics deal for ‘audience insights’
14 March 2023

Foreign Office-based unit taps Emirati firm to help increase ‘understanding of behavioural and attitudinal characteristics’

Related Sponsored Articles

Digital transformation – a guide for local government
6 March 2023

Digital transformation will play a key role in the future of local government. David Bemrose, Head of Account Strategy for Local Government at Crown Commercial Service (CCS), introduces a new...