Manufacturers and resellers of consumer connectable products may be fined up to £20,000 a day following the passing of the Product Security and Telecommunications Infrastructure (PSTI) Bill.
The bill requires manufacturers, importers and distributors of digital tech which connects to the internet or other products, to meet new cyber security standards.
The bill highlights that only one in five manufacturers currently embed basic security requirements in consumer connectable products.
It will allow the government to ban universal default passwords, force firms to be transparent to customers about what they are doing to fix security flaws in connectable products and create a better public reporting system for vulnerabilities found in those products.
This regime will be overseen by a regulator with the power to fine companies for non-compliance up to £10m or four per cent of their global turnover, as well as up to £20k a day in the case of an ongoing contravention.
NCSC Technical Director Dr Ian Levy said: “The requirements this bill introduces, which were developed jointly by DCMS and the NCSC with industry consultation, mark the start of the journey to ensure that connected devices on the market meet a security standard that’s recognised as good practice.”