In The News

California's IoT Security Law Causing Confusion


19 Sep 2019

Morrison & Foerster partner Christine E. Lyon spoke to DARKReading about California’s Internet of Things security law, which goes into effect on January 1, 2020.

The way the law is written seems “specific to authentication,” Chris notes, adding that authentication “seems sufficient, but what I suspect will happen over time is that we will see more specificity around the required security features.”

The law applies to all devices sold in the state regardless of where they are made. Chris states that “the impact of the law will likely be national” and “because the law’s requirements are not onerous, and because it is time consuming to create a special version of products just for the Californian market, companies will probably implement these changes across all their products.”



Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.