On August 10, the Federal Communications Commission (“FCC”) released a Notice of Proposed Rulemaking (“NPRM”) concerning the creation of a “voluntary cybersecurity labeling program that would provide easily understood, accessible information to consumers on the relative security of an IoT device or product, and assure consumers that manufacturers of devices bearing the Commission’s IoT cybersecurity label adhere to widely accepted cybersecurity standards.” The NPRM reflects the proposal previewed in Chairwoman Jessica Rosenworcel’s announcement last month, which we covered here.

The accompanying Securing Smart Devices Fact Sheet states that proposed program would be based on the National Institute of Standards and Technology’s recommended Internet of Things criteria.  The Fact Sheet also outlines a number of issues for which the FCC invites public comment, including:

  • The scope of devices or products for sale in the U.S. that should be eligible for inclusion in the labeling program,
  • Who should oversee and manage the program,
  • How to develop the security standards that could apply to different types of devices or products,
  • How to demonstrate compliance with those security standards, 
  • How to safeguard the cybersecurity label against unauthorized use, and
  • How to educate consumers about the program.

The FCC estimates that the new program “could be up and running by late 2024” if the agency votes to establish the program after the public comment period.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Matthew DelNero Matthew DelNero

Matt DelNero provides expert regulatory counsel to companies of all sizes in the telecommunications, technology and media sectors. As a former senior official with the FCC and longtime private practitioner, Matt helps clients achieve their goals and navigate complex regulatory and public policy…

Matt DelNero provides expert regulatory counsel to companies of all sizes in the telecommunications, technology and media sectors. As a former senior official with the FCC and longtime private practitioner, Matt helps clients achieve their goals and navigate complex regulatory and public policy challenges.

Matt serves as co-chair of Covington’s Technology & Communications Regulation (“TechComm”) Practice Group and co-chair of the firm’s Diversity & Inclusion initiative.

Matt advises clients on the full range of issues impacting telecommunications, technology and media providers today, including:

  • Structuring and securing FCC and other regulatory approvals for media and telecommunications transactions.
  • Conducting regulatory due diligence for transactions in the telecommunications, media, and technology sectors.
  • Obtaining approval for foreign investment in broadcasters and telecommunications providers.
  • Universal Service Fund (USF) programs, including the FCC’s Rural Digital Opportunities Fund (RDOF).
  • FCC enforcement actions and inquiries.
  • Online video accessibility, including under the Communications and Video Accessibility Act (CVAA) and Americans with Disabilities Act (ADA).
  • Equipment authorizations for IoT and other devices.
  • Spectrum policy and auctions, including for 5G.
  • Privacy and data protection, with a focus on telecommunications and broadband providers.

Matt also maintains an active pro bono practice representing LGBTQ+ asylum seekers, as well as veterans petitioning for discharge upgrades—including discharges under ‘Don’t Ask, Don’t Tell’ and predecessor policies that targeted LGBTQ+ servicemembers.

Prior to rejoining Covington in January 2017, Matt served as Chief of the FCC’s Wireline Competition Bureau. He played a leading role in development of policies around net neutrality, broadband privacy, and broadband deployment and affordability under the federal Universal Service Fund (USF).

Chambers USA has recognized Matt as a “go-to attorney for complex matters before the FCC and other federal agencies, drawing on impressive former government experience.”

Photo of Jennifer Johnson Jennifer Johnson

Jennifer Johnson is a partner specializing in communications, media and technology matters who serves as Co-Chair of Covington’s Technology Industry Group and its global and multi-disciplinary Artificial Intelligence (AI) and Internet of Things (IoT) Groups. She represents and advises technology companies, content distributors…

Jennifer Johnson is a partner specializing in communications, media and technology matters who serves as Co-Chair of Covington’s Technology Industry Group and its global and multi-disciplinary Artificial Intelligence (AI) and Internet of Things (IoT) Groups. She represents and advises technology companies, content distributors, television companies, trade associations, and other entities on a wide range of media and technology matters. Jennifer has almost three decades of experience advising clients in the communications, media and technology sectors, and has held leadership roles in these practices for almost twenty years. On technology issues, she collaborates with Covington’s global, multi-disciplinary team to assist companies navigating the complex statutory and regulatory constructs surrounding this evolving area, including product counseling and technology transactions related to connected and autonomous vehicles, internet connected devices, artificial intelligence, smart ecosystems, and other IoT products and services. Jennifer serves on the Board of Editors of The Journal of Robotics, Artificial Intelligence & Law.

Jennifer assists clients in developing and pursuing strategic business and policy objectives before the Federal Communications Commission (FCC) and Congress and through transactions and other business arrangements. She regularly advises clients on FCC regulatory matters and advocates frequently before the FCC. Jennifer has extensive experience negotiating content acquisition and distribution agreements for media and technology companies, including program distribution agreements, network affiliation and other program rights agreements, and agreements providing for the aggregation and distribution of content on over-the-top app-based platforms. She also assists investment clients in structuring, evaluating, and pursuing potential investments in media and technology companies.

Photo of Andrew Longhi Andrew Longhi

Andrew Longhi is an associate in the firm’s Washington, DC office and a member of the Data Privacy and Cybersecurity and Technology and Communications Regulation Practice Groups.

Andrew advises clients on a broad range of privacy and cybersecurity issues, including compliance obligations, commercial…

Andrew Longhi is an associate in the firm’s Washington, DC office and a member of the Data Privacy and Cybersecurity and Technology and Communications Regulation Practice Groups.

Andrew advises clients on a broad range of privacy and cybersecurity issues, including compliance obligations, commercial transactions involving personal information and cybersecurity risk, and responses to regulatory inquiries.

Andrew is Admitted to the Bar under DC App. R. 46-A (Emergency Examination Waiver); Practice Supervised by DC Bar members.