Services
Insights

Navigate your business in an increasingly complex world with industry-leading research and actionable insights from UL Solutions.

View all
Aerial photo of downtown Chicago
Next
Previous
News

Explore our press releases and news updates. Delve into detailed press kits for information on our work. If it’s UL Solutions and newsworthy, it’s here.

View all
man using and tablet while presenting in front of a room
Next
Previous
Events

Connect with us in person or online, around the globe. We’re everywhere your business needs us to be.

View all
Photo of a crowd attending a presentation in a large view.
Next
Previous
About Us

As a global safety science leader, UL Solutions helps companies to demonstrate safety, enhance sustainability, strengthen security, deliver quality, manage risk and achieve regulatory compliance. 

Overview
UL Solutions Consumer Information

See how we put safety science to work to help create a safer, more secure and sustainable world for you.

Learn more
Resources

Explore our business intelligence-building digital tools and databases, search for help, review our business information, or share your concerns and questions.

Overview
UL Solutions Market Access Portal

Accelerate your planning process and learn the requirements needed to take your products to market worldwide.

Visit
myUL® Client Portal

A secure, online source for increased visibility into your UL Solutions project files, product information, documents, samples and services.

Go to myUL
Certification Database — UL Product iQ®

Access UL certification data on products, components and systems, identify alternatives and view guide information with Product iQ.

Visit
Industries
View All
  • Software and Products
  • Feature Story

Legislative Changes for Connected Technology

Contact UL
Girl on IoT device - Legislative Changes for Connected Technology

November 26, 2018

Look to UL to help stay one step ahead of the changing IoT landscape

In September 2018, California Governor Jerry Brown signed Senate Bill 327 and Assembly Bill 1906, marking first-of-their-kind bills of which manufacturers of Internet of Things (IoT) devices need to be aware. The bills, set to take effect January 1, 2020, expressly govern cybersecurity measures built into “smart” devices. With this is mind, and the deadline only 14 months away, retailers should begin speaking with manufacturers about plans for compliance with the new law and the importance of demonstrating this compliance through a third party.

The bills cover all connected devices – defined as “any device, or other physical object that is capable of connecting to the Internet, directly or indirectly, and that is assigned an Internet Protocol address or Bluetooth address” – and any manufacturer who produces these items for sale in California. With California being the 5th largest economy in the world, this likely covers most manufacturers.

In short, Senate Bill 327 requires that connected devices have a “reasonable security feature or features” to protect information, but the terms “information” and “reasonable” are left undefined in the bill. As such, it is likely that the statue will be broadly interpreted, and manufacturers should act by assigning a unique password to each device or, at the very least, require that the device prompts users to create unique passwords when it is set up for the first time. Assembly Bill 1906 requires a manufacturer of a connected device, as those terms are defined, to equip the device with a reasonable security feature or features that are appropriate to the nature and function of the device, appropriate to the information it may collect, contain, or transmit, and designed to protect the device and any information contained therein from unauthorized access, destruction, use, modification, or disclosure, as specified.

Once again, the breadth of this bill, and its scope to cover a range of security measures across different industries and market segments, means that manufacturers should seek advice on how best to interpret the bill to ensure the security of their customers and avoid potential non-compliance. Some of the law’s requirements appear to be enhancements to prior state or national laws, and as noted above it is likely that this new California bill will eventually have national, and even global, impact.

For more information, please contact Abel.Torres@ul.com.