The Product Security and Telecommunications Infrastructure Bill (2021-22).

The Product Security and Telecommunications Infrastructure Bill (PSTIB) will be re-read on 26 January 2022.

The Bill would:

  • Let the Secretary of States make regulations for mandatory security requirements that must be applied to connectable goods sold in the UK.
  • Changes to the electronic communication code that governs telecom companies’ rights to place infrastructure on land.
  • Information about the Bill’s stages and related publications is provided on the Page of Parliamentary Bill. 

    Security requirements must be met by connected products

    Part 1 of the Bill addresses the power to create mandatory security requirements for connected products such as smart phones, smart TVs and connected speakers.  These products could also referred to as “smart devices”Or “internet of things (IoT”) devices. 

    What are the security and safety standards for smart devices?

    While connected products are subjected to certain safety standards there are currently no mandatory security requirements. Consumers are becoming increasingly concerned about the risks these products could pose to their privacy and security. These include privacy and safety issues as well as the possibility of cyber-attacks.

    The Government published a voluntary Code of Practice for Consumer IoT Security,2018 It provided manufacturers and others with guidance (13 Principles), on how to ensure that connectable products are secure.

    The Government sought to consult in 2019 regarding imposing mandatory security requirements for connectable products. This was done to address low adoption rates and ongoing risks to consumers.  Legislative suggestions were discussed in 2020.

    What would be the Bill’s future?

    The Bill would allow for the Secretary of State to regulate the introduction security requirements for UK-sold connector products.

    The The Government has statedIt intends that the Bill will affect the following products:

  • smartphones
  • Cameras, TVs & speakers, and other connected devices
  • connected children’s toysMonitors for babies
  • Safety-relevant products, such as smoke detectors or doors locks, can be connected
  • Internet of Things base stations or hubs that connect multiple devices to it
  • Connect your wrist to a tracker for fitness
  • Outdoor leisure products such as GPS-enabled devices with handheld connectivity that aren’t wearables
  • Home automation and alarm system that can be connected with the internet
  • Appliances that have an electrical connection, such as washing machines and refrigerators, can be used
  • Smart home assistants
  • Some products, such as smart meters, medical equipment and vehicles, will be exempted.

    The Government indicated that it will use clause 1 of Bill to implement the Code of Practice’s top 3 guidelines.

  • A ban on default passwords;
  • Products must adhere to a vulnerability disclosure policy which allows for the identification of and notification of security vulnerabilities in products.
  • Transparency is required regarding the timeframe for which security updates are provided by a manufacturer.
  • It would also impose duties on manufacturers, importers, distributors, and retailers of these products to ensure compliance with the statutes. 

    The Bill provides a list of possible enforcement options in the event that compliance is breached. For serious issues of non-compliance, the Bill sets the maximum penalty at £10 million or 4% of the company’s worldwide revenue.

    Modifications to the electronic communications code

    Part 2 would include modifications to the electronic communication codes (ECC). The ECC governs all telecoms companies’ rights to build infrastructure in the UK.

    Reforms in ECC before.

    2017 saw significant reforms in the ECC. These included changes in rights and procedures for resolving disputes. It also changed how land is valued to determine rent for hosting telecom equipment.

    The ECC reforms were controversial. They have often been met with opposition from telecoms operators (landowners), and site providers. The Government must strike a balance between ensuring digital connectivity is available to all while respecting property rights.

    The land valuation reforms are especially controversial. According to reports, Hosting telecoms equipmentThey have been reduced in some cases. According to the ECC this is a major reason for Restrictions on infrastructure roll-outthrough lengthy negotiations and legal proceedings.

    The Government’s consultationThe Bill was not amended to address land valuation.

     What would the Bill change?

    The Bill encourages faster, more collaborative negotiations for the installation and maintenance of telecoms equipment on private land. The GovernmentThis would allow rapid rollout digital infrastructure such gigabit broadband or 5G.

    These are the changes that would be made to the Bill:

  • New provisions encourage alternative dispute resolution over legal proceedings whenever possible
  • This is a faster way to grant telecom operators temporary access to land, and to install infrastructure if the occupier is not responsive.
  • Allowing telecom operators upgrade and automatically share equipment starting before 2017.
  • Modifications to the ECC’s drafting to clarify who can grant rights for infrastructure to be hosted on land in the event that infrastructure has been installed.
  • Modifications to certain types of telecoms agreements that were in effect prior December 2017
  • Setting a time frame for the court’s resolution of disputes regarding the renewal code agreements.
  • Temporary interim orders can be requested to amend the telecoms infrastructure agreement (e.g. During renewal, access rights and rent payments can be requested.
  • The majority of these changes were not well received by telecom operators and site providers. Most site providers disagreed with the conclusion of telecom operators that these changes were necessary.

    The Bill would be applicable to all of the UK.

    Source link

    Source: The Product Security and Telecommunications Infrastructure Bill (2021-22).

    Leave a Reply

    Your email address will not be published. Required fields are marked *