Margot James: The internet has been a powerful force for good, but we need to make sure it is safe
We have a duty of care to UK citizens, especially our children, to help make sure they can access and use the internet safely, writes Margot James
The internet has been a powerful force for good, but we need to make sure it is safe and protect users, a third of whom are children and young people. That’s why this government is building a world-leading digital economy to make the UK the most secure place in the world to live and do business online.
The number of internet-connected devices that people use on a day-by-day basis is increasing all the time. Estimates show every household in the UK now owns at least 10 internet connected devices and this is expected to rise to 15 devices by 2020. In decades to come, these numbers will increase exponentially as the Internet of Things (IoT) takes hold.
However, many products currently on the market lack even the most basic cyber security provisions. Poorly secured devices threaten individuals’ online security, privacy and safety, and could be exploited as part of large-scale cyber attacks. Recent high-profile breaches putting people’s data and security at risk include attacks on smart watches, CCTV cameras and even children’s dolls.
We have a duty of care to UK citizens, especially our children, to help make sure they can access and use the internet safely.
To that end, we have worked closely with the National Cyber Security Centre, consumer groups and industry – particularly manufacturers, consumer groups and retailers, to develop our Secure By Design report. This ambitious report sets out how we will work with industry to improve the cyber security of consumer IoT products.
We need to move the burden away from consumers being expected to secure their own devices. Instead we need to work towards strong cyber security being built into internet-connected devices and products by design, rather than bolting them on as an afterthought.
This marks a significant step towards establishing our Digital Charter which sets the standard for better security online, as well as supporting the ambitions of our Digital Strategy and our ongoing work on the Data Protection Bill.
The report’s central proposal is a Code of Practice, aimed primarily at manufacturers. Proposed measures include making sure that all passwords on new products are unique, can be changed and are not resettable to a factory default. Sensitive data that can be transmitted over apps or products should also be encrypted and software should be automatically updated. Customers should also expect clear guidance on updates and the installation and maintenance of the devices should be as easy as possible.
The report also recommends a number of supporting measures, including a voluntary labelling scheme to help inform consumers about the security features of the products they buy.
The security guidelines set out are the minimum required to protect consumers and our digital infrastructure. But if the market fails to step up, and quickly, we will look to strengthen our levers - including making more of these guidelines compulsory through law. We will also make sure that those who develop, install and maintain internet-connected products have the necessary cyber security skills and knowledge.
As part of wider efforts already underway, we are also exploring avenues for enhancing cyber security in further education, university courses and in professional development programmes, to support the next generation of developers.
Ultimately, IoT security is a global challenge and requires global collaboration. We will continue to collaborate and engage with our international partners to identify shared solutions and realise our shared ambition to make the products and devices in our homes and pockets more secure.
Margot James is Conservative MP for Stourbridge and the Minister for Digital and the Creative Industries