Security of smart devices must be improved

What changes?

Do you manufacture or sell smart devices? There will be minimum requirements to ensure the digital security of devices connected to the internet – Internet of Things (IoT) devices. These new rules will apply to all wireless devices and products that communicate via and are connected to the internet, such as:

• routers
• security camera’s
• smart thermostats, fridges, lamps, doorbells

The ban on unsafe devices also applies to products such as toys and baby monitors, even if these only use a home network.

Smart devices may not be protected with a weak, standard password. As a manufacturer you must make sure that users have to create a strong password themselves before their fist use. The products must also:

• support software updates
• be tested for security breaches or vulnerabilities
• shield personal and financial data that is stored on the device
• offer the owner the possibility to manage or delete personal and financial data

For whom?

• manufacturers of smart devices
• sellers of smart devices

When?

It is expected this change in law will come into effect on 1 July 2024.

Please note: The effective date of this measure is not yet final. Entry into force is subject to its passing through the upper and lower houses of parliament or proclamation of the Order in Council (Algemene Maatregel van Bestuur, AMvB) or ministerial decree and publication in the Staatsblad or Staatscourant (Government Gazette, in Dutch).