New UK Laws Want Apple to State for How Long iPhones Will Receive Security Updates

In Short
  • A new British cybersecurity law requires smart device manufacturers like Apple must maintain minimum security standards or face huge penalties.
  • Mainly, for Apple, one part of the law that matters the most is revealing the duration of security updates for iPhones.
  • In case of any non-compliance, the offended company will have to pay a fine of up to £10 million or 4% of the company's global turnover.

The UK enforces new cybersecurity laws to protect consumers and businesses from hacking and cyber-attacks. According to these British laws, smart device manufacturers like Apple must maintain minimum security standards to safeguard internet-connected devices against cyber criminals. Otherwise, they will have to face hefty penalties.

The legislation, known as the  Product Security and Telecommunications Infrastructure (PSTI) Act, introduces a series of robust measurements and improved security protections to make it harder for cybercriminals to access private networks and steal personal information. 

iOS 17.4 released

The British cybersecurity law specifically targets the inadequacies in current security measures and it mandates the following three changes to tackle the threat of cybercrime.

  • Common or easily guessable passwords like ‘admin’ or ‘12345’ will be banned to prevent vulnerabilities and hacking  
  • Manufacturers have to publish contact details so bugs and issues can be reported and dealt with  
  • Manufacturers and retailers will have to be open with consumers on the minimum time they can expect to receive important security updates  

These UK cybersecurity laws apply to all companies manufacturing or selling phones, TVs, smart doorbells, and other smart devices in the UK.

Talking about Apple, the new rule requires it to review how its products comply with these enhanced standards. Although Apple devices do not employ default passwords, the company must guarantee that all connected devices sold in the UK clearly convey the duration of security support updates to customers. In addition to these requirements, the impacted companies must set up or improve their contact channels for reporting security issues.

Moving on, Apple store retailers have to provide customers with point-of-sale details regarding the cybersecurity measures that are relevant to the devices they buy. In case of any non-compliance, the PSTI Act has some strict penalties and fines that can reach up to £10 million (approx $12.5 million USD) or 4% of the company’s global turnover.

Well, it seems this is the year when Apple has to make some big changes to its operating systems, App Store policies, and whatnot. Recently, it made several changes to iOS and App Store like support for third-party marketplaces, and launched several EU-exclusive features. Now, the EU has identified iPadOS as a digital gatekeeper. So, Apple will have to overhaul a lot of things to avoid a massive lawsuit.

comment Comments 0
Leave a Reply