Australia releases a new code of practice for IoT device manufacturers

Australia releases a new code of practice for IoT device manufactures

IoT devices have poor cybersecurity features which expose Australia’s families, the national security, and the economy to crucial cyberattacks. As the use of the IoT technology has seen significant growth in the country, authorities have been taking serious moves aiming to provide better protection to users. On September 13, 2020, the Australian Government published the code of practice for IoT manufacturers as a key deliverable of the Government’s 2020 Cyber Security Strategy.

The new code entitled “Code of Practice: Securing the Internet of Things for Consumers” contains 13 principles and aims to provide the industry with the best tools to design IoT devices while maintaining cybersecurity.

According to the Department of Defense Minister’s website, Minister for Defense Senator the Hon Linda Reynolds CSC said, “The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has today also released quick and easy tips to help Australian consumers protect themselves against cyber threats when buying and using internet-connected devices. “Boosting the security and integrity of internet-connected devices is critical to ensuring that the benefits and conveniences they provide can be enjoyed without falling victim to cybercriminals,” she said.

The Code of Practice will also help raise awareness of security safeguards associated with IoT devices, build greater consumer confidence in IoT technology, and allow Australia to reap the benefits of greater IoT adoption. Under this code, IoT manufacturers must make sure that personal data are protected according to the Australian legal framework such as the Privacy Act 1988, and the Australian Privacy Principles.

Minister for Home Affairs Peter Dutton sheds light on the importance of considering cybersecurity features when buying an IoT device.  According to ZDNet, Dutton said, “Internet-connected devices are increasingly part of Australian homes and businesses and many of these devices have poor security features that expose owners to compromise”. 

Back to November 19, 2019, the Australian Government has released a draft of the code of practice. Aiming to ensure that the Australians’ expectations are met regarding cybersecurity, a public consultation has been set to take place until March 1, 2020.

Recently, Australia co-signed a Statement of Intent regarding the security of the internet of things (IoT) with the Five Eyes nations – Australia, Canada, New Zealand, the United Kingdom, and the United States – in London.