Cybersecurity Labeling For Consumer Products

The White House National Security Council has announced plans for a consumer products cybersecurity labeling program that will improve digital safeguards on internet-connected devices. Representatives from product associations, consumer manufacturing companies and tech think tanks will convene at the White House on Oct. 19 for a workshop. The projected launch is spring 2023. The plan is to recommend a few standards that manufacturers can use as the basis for labels that communicate the risks associated with using internet of things devices. The hope is that the program will reward companies that invest in cybersecurity while also helping consumers find safer products. According to an administration spokesperson, the situation at present in which consumers are more or less on their own even if they happen to read complicated product-enclosures that explain cybersecurity features, is not sustainable. The U.S. Cybersecurity Solarium Commission recommended that Congress create a nonprofit national cybersecurity certification and labeling authority tasked with “establishing and managing a voluntary cybersecurity certification and labeling program for information and communication technologies.” The Commission’s director said the White House decision to pursue a label was commendable, but warned it will be difficult to design. Some critics of the plan have called it misguided, in part because the U.S. doesn’t manufacture most of the connected products that American consumers purchase.