Cybersecurity Labeling for Internet of Things

Document Headings Document headings vary by document type but may contain the following: the agency or agencies that issued and signed a document the number of the CFR title and the number of each part the document amends, proposes to amend, or is directly related to the agency docket number / agency internal file number the RIN which identifies each regulatory action listed in the Unified Agenda of Federal Regulatory and Deregulatory Actions See the Document Drafting Handbook for more details. Federal Communications Commission 47 CFR Subchapter A [PSHSB: PS Docket No. 23-239; FR ID 210726] AGENCY: Federal Communications Commission. ACTION: Final rule. SUMMARY: In this document, the Federal Communications Commission (Commission or FCC) establishes a voluntary cybersecurity labeling program for wireless consumer Internet of Things, or IoT, products. The program will provide consumers with an easy-to-understand and quickly recognizable FCC IoT Label that includes the U.S. Cyber Trust Mark and a QR code linked to a dynamic, decentralized, publicly available registry of more detailed cybersecurity information. This program will help consumers make safer purchasing decisions, raise consumer confidence regarding the cybersecurity of the IoT products they buy, and encourage manufacturers to develop IoT products with security-by-design principles in mind. DATES: Effective date: This rule is effective August 29, 2024. Incorporation by reference: The incorporation by reference of certain material listed in the rule is approved by the Director of the Federal Register as of August 29, 2024. Compliance date: Compliance with 47 CFR 8.208 , 8.209 , 8.212 , 8.214 , 8.215 , 8.217 , 8.218 , 8.219 , 8.220 , 8.221 , and 8.222 will not be required until the Office of Management and Budget has completed review under the Paperwork Reduction Act. The Commission will publish a document in the Federal Register announcing that compliance date. FOR FURTHER INFORMATION CONTACT: Zoe Li, Cybersec…