Product Security and Telecommunications Infrastructure (PSTI) Regime

regulatory updates

legal updates - big developments in the tech landscape!

Starting 29th April 2024, a ground-breaking new law has brought into effect the Product Security and Telecommunications Infrastructure (PSTI) regime (yes it’s a bit of a mouthful but keep reading, it’s important!), placing stricter regulations on manufacturers of “smart” gadgets. Designed to fortify security measures surrounding devices like baby monitors, TVs and speakers connected to the internet, this law aims to safeguard against cyber threats lurking in our homes.

what does this mean?

Headlines are:

  • Manufacturers are now obligated to stop supplying devices with default passwords.
  • They must establish a dedicated point of contact for reporting security issues and prioritising prompt resolution to mitigate potential risks. 
  • They are now required to disclose the minimum duration for which their devices will receive crucial security updates, safeguarding against vulnerabilities that could compromise user privacy and data security.

why do we care?

In our digital era, where technology and AI are rapidly evolving, the importance of stringent cybersecurity measures cannot be overstated. The PSTI regime represents a pivotal development in safeguarding our interconnected world.

why does this matter to you if you’re a manufacturer/retailer?

As a manufacturer or retailer, compliance with the PSTI regime is not just a legal obligation but a crucial step towards maintaining trust and credibility in the marketplace. Embracing the PSTI regime not only ensures legal compliance but also fosters consumer confidence, driving long-term success and sustainability in the competitive tech landscape.

why does this matter to you if you are a consumer?

The PSTI regime directly impacts our safety, privacy and overall user experience with smart devices. By prohibiting default passwords and ensuring transparency regarding security updates, this law empowers us to make informed decisions about the products we bring into our homes. This law also ensures that we have a direct channel through which we can raise our concerns or complaints regarding the security of our smart devices.

the implications of this law 

These extend beyond national borders, as it applies to all organisations importing or retailing smart devices for the UK market. Non-compliance carries severe penalties, including fines of up to £10 million or 4% of qualifying worldwide revenue, whichever is higher.

Support from the National Cyber Security Centre

To aid retailers and consumers, NCSC has developed a handy ‘point of sale’ (POS) leaflet. This informative resource educates consumers about the PSTI regulations, emphasising the importance of selecting smart products equipped to defend against prevalent cyber threats.  The link to this leaflet is included here.

As we navigate this evolving regulatory landscape, it’s imperative for manufacturers and retailers alike to prioritise cybersecurity to ensure the safety and integrity of connected devices.

Learn how the new PSTI regime impacts you as a manufacturer, retailer or consumer, ensuring safer, smarter tech for everyone.  For more details, please do get in touch with us.

Put off by the ridiculously long name but want more info?
Get in touch