Arnold & Porter Discusses New California Law on Security for Internet-Connected Devices

California has passed the first state law imposing security requirements on devices in the Internet of Things (IoT). On September 28, 2018, California Governor Jerry Brown signed into law the nearly identical Senate Bill 327 and Assembly Bill 1906,[1] which require manufacturers of Internet-connected devices that are sold or offered for sale in California to equip them with “reasonable security features.”[2] Manufacturers of IoT devices are now on the clock to make the necessary changes to comply with the law before it becomes effective on January 1, 2020. While the law does provide some specific guidance for manufacturers—including … Read more