Big tech brands flouting new laws on smart devices, warns Which?
Big brands behind expensive smart appliances, including smartphones, doorbells and smart TVs, are potentially selling smart devices illegally by breaking product security laws that came into force earlier this year.
The consumer association’s survey of more than 120 brands revealed that despite having over a year to prepare, a quarter (23%) could be flouting laws by not having published a product security updates policy in the public domain – including big names such as Alcatel, Hoover and Huawei.
Many other brands offer pitifully short support periods. While this does not breach these laws it essentially means quickly abandoning the products and putting consumers at risk long before the end of the product’s natural life – and increasing the chances of items unnecessarily being added to environmental waste.
New laws (the Product Security and Telecommunications Infrastructure Act 2022) came into force in April this year, applying to the majority of smart products and making it illegal to sell products in the UK that do not have published product update policies stating a minimum time for support – which is a commitment that manufacturers will prevent the products from losing functionality and becoming hacking risks.
Manufacturers that fail to comply with the laws face potential fines of up to £10 million or four per cent of worldwide revenue. Which? is now calling on the Office for Product Safety and Standards (OPSS) to investigate the issue and outline what it will be doing to enforce the new laws. The regulator has only published limited guidance since the PSTI Act was passed into law.
Which? researchers searched online for the support policies of 128 brands, in around 30 product categories, and also asked them if they had a clear updates policy. A staggering 29 (23%) did not have a policy in the public domain – and gave no indication they are addressing this – so would appear to be breaking the law. A further 23 brands (18%) had a policy that – in Which?’s view – was not clear.
Which? believes just 76 brands (59%) had a compliant published policy, stating a clearly defined support period.
However, the regulations state that a policy should be ‘clear, ‘accessible’ and ‘transparent’, and understandable by anyone, regardless of their technical knowledge – yet Which? found most brands were burying policies in distant corners of their website, or in hard-to-read technical compliance documents.
In the smartphone category, Which? found Alcatel, Huawei and TCL did not have published policies on tech updates. TCL said it was working on adding policy information for phones. Researchers considered Honor’s policy insufficiently clear. And despite smartphones having estimated physical lifetimes of around five years on average, some brands, like Motorola and Xiaomi, guarantee just two years of support on some handsets, compared to seven or more from rivals.
Smart TVs have an estimated average physical lifetime of almost seven years. However, Which? found TCL, Panasonic and Sony all had poor policies. Hisense, a prominent Euro 2024 sponsor, offers just two years of support from when a smart TV is first released.
On smart speakers, Belkin, B&W and Audio Pro were silent on support policies.
Wireless cameras and smart doorbells are particularly sensitive security risks as their primary purpose is to protect people’s homes. However, Which? found that in both categories Arlo and Ubiquiti said nothing about how long their products would be supported with vital security updates.
During the investigation, and despite the deadline for implementation having passed, a number of companies either changed, or were in the process of changing, their policies after being contacted by Which?.
Says Rocio Concha, Which? Director of Policy and Advocacy, said:
“It’s very disappointing that big brands are seemingly failing to comply with new product security laws despite having over a year to prepare, leaving customers in the dark about how long their products will be supported with vital security updates and potentially putting them at risk.
“It’s bad news for consumers and the environment, especially when you consider these short support periods could result in smart tech ending up in landfill way before its time.
“The OPSS must urgently investigate this issue, provide clear guidance for manufacturers and explain how it is going to crack down on brands ignoring security laws designed to help consumers buy products that are built to last.”