California is once again poised to set the standard for privacy and data security by enacting the first state law directed at securing Internet of Things (IoT) devices. The law has passed the state legislature and is awaiting the signature of Governor Jerry Brown. It requires manufacturers of “connected devices” to equip them with “a reasonable security feature or features” that are:
- appropriate to the nature and function of the device;
- appropriate to the information the device may collect, contain or transmit; and
- designed to protect the device and any information contained in it from unauthorized access, destruction, use, modification, or disclosure.