• August 1st, 2017

As the House of Representative ponders new legislation for self-driving cars, the U.S. Senate is looking at possible cybersecurity regulations that could address issues with connected cars and the fear of car hacking. A new Senate bill aims to enact stricter security protocols for the array of connected devices that comprise the so-called “Internet of Things,” including cars. Put forward by a bipartisan group of senators, the bill is one of the first major legislative steps to address security vulnerabilities in consumer products.

According to Reuters, the bill would require companies to provide Internet-connected devices to the federal government to determine whether they are patchable, and whether they meet other cybersecurity requirements. It would also prohibit companies from selling products with unchangeable passwords, or that possess known security vulnerabilities.

The bill would also expand legal protections for cybersecurity researchers working in “good faith.” These researchers often hack consumer products to expose vulnerabilities and bring them to the attention of manufacturers. Such research was demonstrated in dramatic fashion in 2015, when white hat hackers Charlie Miller and Chris Valasek digitally cracked into a Jeep Cherokee through its infotainment system. Fiat Chrysler Automobiles subsequently issued a software update to address the vulnerability.