Free tools and resources for Data Protection Officers!

California introduces new data security requirements for manufacturers of connected devices

Effective January 1, 2020, according to a new Cal. Civ. Code § 1798.91.04(a), manufacturers of connected devices offered for sale or sold in California must equip such devices with reasonable security features to protect the device and any information contained in them from unauthorized access, destruction, use, modification, or disclosure.

Unlike the GDPR and other data privacy laws, which impose obligations on data controllers and processors, the Californian law applies to organizations irrespective of whether they control or process personal data through the device.

Source: California – New data security requirements for manufacturers of connected devices

>