During research into the California Consumer Privacy Act (CCPA), we came across a rarely talked about new law in California.
The law requires a boost to the cybersecurity of IoT devices.
We're guessing it's less talked about than the CCPA because it's burdensome only for Internet of Things (IoT) manufacturers.
California Senate Bill-327 prohibits IoT devices from having those generic default passwords that IoT security has grown infamous for.
Instead, IoT devices in California must have one of the following:
- The pre-programmed password is unique to each device manufactured.
- The device contains a security feature that requires a user to generate a new means of authentication before access is granted to the device for the first time.
California's governor signed the bill into law during the fall of 2018, and it will go into effect in 2020.
[RELATED: Which Tech Giants Fought California Privacy Regulation?]
