On 14. March 2024, the US Federal Communications Commission (FCC) approved, based on criteria developed by the NIST, a voluntary program that would create a cybersecurity label for consumer IoT and smart devices, like (not limited to) home security cameras, voice-activated shopping devices, internet-connected appliances, fitness trackers, garage door openers, and baby monitors.
The qualifying consumer smart products that meet robust cybersecurity standards will obtain a “U.S. Cyber Trust Mark” label. This will help consumers make informed purchasing decisions, differentiate trustworthy products in the marketplace, and create incentives for manufacturers to meet higher cybersecurity standards.
The adopted rules are based on the inputs received to the proposal of the FCC released in August 2023.
The voluntary program will rely on public-private collaboration, with the FCC providing oversight and approved third-party label administrators will evaluate product applications and authorize use of the label.
In Europe, the recently adopted EU Cybersecurity Certification Scheme on Common Criteria (EUCC), the first EU certification scheme for ICT products under the umbrella of the EU Cybersecurity Act, remains of voluntary application, but future vertical/sectoral regulations could impose mandatory EUCC certifications for specific IT products.
Read the press release published by the FCC: https://docs.fcc.gov/public/attachments/DOC-401201A1.pdf