California Enacts First State Law Targeting IOT Cybersecurity

On September 28th, California Governor Jerry Brown signed a first-of-its kind law to regulate the security of connected devices that make up the “Internet of Things” (IOT)—connected fitness trackers, smart appliances, home alarm systems and much more.

The rapid adoption of these connected devices has led to an increase in security risk and a corresponding rise in government interest in IOT security. US federal agencies such as the Department of Homeland Security and the Department of Commerce have provided guidance on how to manage the security of these devices, and the Federal Trade Commission (FTC) has asserted its authority to bring enforcement actions for “unreasonable” IOT cybersecurity practices.


Mayer Brown partners John Nadolenco and Stephen Lilley, counsel Kendall C. Burman, and associate Mickey Leibner report on the new guidance and highlight areas of interest in this Legal Update.

Related Content