Title: Lack of Transparency: Major Technology Brands Fail to Inform Consumers about Product Support
Introduction:
A recent survey conducted by consumer organization Which? reveals that major technology brands are failing to provide consumers with clear information about the duration of support and security updates for their smart products. This lack of transparency not only leaves customers in the dark but also exposes them to potential hacking risks. Despite the introduction of the Product Security and Telecommunications Infrastructure Act 2022, which made such measures legally mandatory, many manufacturers have either pushed the limits of compliance or ignored the requirements altogether.
Brands’ Failure to Inform Consumers:
Which? surveyed 128 brands across 30 product categories and discovered that nearly a quarter (23 percent) did not have publicly available support policies that specified the duration of product protection. Notable brands like Alcatel, Hoover, and Netatmo were among those lacking this crucial information. Furthermore, 18 percent of brands had policies that were unclear about the extent of support they offered. On a positive note, 59 percent of brands were fully compliant and provided a defined product support period.
Legal Consequences and Consumer Advocacy:
The survey was conducted after the implementation of the Product Security and Telecommunications Infrastructure Act 2022, which enforces penalties of up to £10 million or 4 percent of global revenue for non-compliance. Which? expressed disappointment at the number of manufacturers failing to comply with the law, despite having ample time to prepare. Rocio Concha, the director of policy and advocacy at Which?, called on the Office of Product Safety and Standards to urgently investigate this issue and provide clear guidance for manufacturers.
Importance of Support Information for Consumers:
Which? emphasized why it is crucial for companies to provide information on product support coverage to consumers. When support for a product ends, the device becomes more vulnerable to hacking because any emerging security flaws will no longer be fixed. This lack of ongoing protection exposes consumers to potential cyber threats and compromises their personal data.
Varying Support Duration for Smart Products:
Which? analyzed various smart products, including mobile phones, doorbells, thermostats, smart speakers, and smart TVs, to determine the duration of support offered by different brands. For instance, market leaders LG and Samsung guaranteed five years of support for their smart TVs from the launch date, while Hisense provided only two years. This disparity in support duration highlights the need for consumers to be aware of the varying levels of protection offered by different brands.
Rise of Smart White Goods:
The consumer group also examined traditionally non-networked products, such as white goods, which are increasingly being integrated into the Internet of Things (IoT). Around a third of washing machine and dishwasher ranges now include smart capabilities. Among the 224 washing machines analyzed by Which?, 76 were found to be smart. This trend raises concerns about the security of these appliances, as they can be targeted by hackers due to common vulnerabilities like weak passwords or lack of regular updates.
IoT Vulnerabilities and Cybersecurity Risks:
According to Nemko, an agency specializing in testing and certifying electrical products, any product in the IoT, including white goods like washing machines, can be used for hacking. IoT devices often prioritize functionality over security, making them easy targets for cybercriminals. Hacked smart products can serve as entry points into a person’s home network, enabling criminals to exploit vulnerabilities and gain access to sensitive information. Additionally, compromised devices can be weaponized to launch large-scale DDoS attacks or distribute malware.
Real-World Examples of IoT Attacks:
In April 2019, the Microsoft Threat Intelligence Center detected attacks by hackers who gained access to networks through IoT devices such as a VOIP phone, an office printer, and a video decoder. In some cases, the default manufacturer’s passwords had not been changed, while in others, security updates were not applied. These incidents underscore the importance of regularly updating passwords and software to prevent unauthorized access. The Microsoft investigation attributed the attacks to a group known as Strontium, linked to the Russian military agency the Main Intelligence Directorate.
Conclusion:
The lack of transparency from major technology brands regarding the duration of support and security updates for smart products poses significant risks to consumers. It is essential for manufacturers to comply with product security laws and provide clear information to consumers to ensure their safety and protect them from potential cyber threats. As the IoT continues to expand, it is crucial for individuals to prioritize cybersecurity and regularly update their devices to mitigate the risks associated with interconnected smart products.
