Consumers’ data and IT systems are increasingly faced with online threats. Examples include identity and data theft or attempts of digital blackmailing.
Current laws insufficiently protect consumers from these threats. For example, connected devices may enter the market without significant IT security mechanisms. Providers of digital services only have to meet vague specifications for securing their infrastructure. If security problems occur, affected consumers have no right to be notified quickly about the issue or, if necessary, to receive technical assistance in the form of security updates.
This is why vzbv is advocating for a legal obligation to implement security-by-default and security-by design: products need secure software designs and must contain pre-activated security mechanisms upon delivery.
- standard encryption of sensitive data
- standard secure authentication mechanisms
- provision of security updates over the entire product lifetime
- immediate, targeted and comprehensible consumer information