IoT, Chatbots and, AI Bills Passed in California
Internet of Things. At the end of August, California became the first state to promulgate regulations requiring security features for Internet-connected devices. Senate Bill 327 requires that a manufacturer of a connected device equip the device with “reasonable security features” that are (1) appropriate to the nature and function of the device; (2) appropriate to the information it may collect, contain, or transmit; and (3) designed to protect the device and any information contained therein from unauthorized access, destruction, use, modification, or disclosure.
The bill specifies that one way a manufacturer can meet this reasonableness standard for a device equipped with a means for authentication outside a local area network is to include a preprogrammed password unique to each device or to include a security feature that requires a user to generate a new means of authentication before access is granted to the device for the first time.