The Consumer Product Safety Commission’s (CPSC) recall announcement webpage reads like a horror house of hazards threatening the public, including burns, electric shock, drowning, strangulation, and fire.
But one threat that may frighten many consumers, and doesn’t necessarily yet rise to the level of a recall, is cybersecurity vulnerability.
The CPSC’s Recall Handbook states that companies must report products that “contain a defect that creates a substantial risk of injury to the public to warrant such remedial action.” But there are instances where security vulnerabilities with connected products have been exposed. In some cases, toys and other children’s products have been hacked, allowing the criminals to spy on children, track their movements, and even speak to them inappropriately.
At what point does this type of hacking present a “substantial hazard” warranting a recall as the CPSC requires? Hacking a medical device like a pacemaker can mean life or death. While a connected toy that’s mobile could pose a threat or inflict physical harm if commandeered by a hacker, these kinds of vulnerabilities usually don’t trigger a recall. In fact, in its notice of a public hearing, the commission said:
While cybersecurity vulnerability isn’t as high a priority for recall regulators, there are other regulations that might apply in helping to keep the public safe. The Children’s Online Privacy Protection Rule (COPPA), includes guidance from the Federal Trade Commission to clarify the law “can apply to the growing list of connected devices that make up the Internet of Things. That includes connected toys and other products intended for children that collect personal information, like voice recordings or geolocation data.”
Regardless of whether a product falls under these mandates, regulatory rules aren’t the only factors manufacturers must consider when it comes to product safety. Some retailers have stopped carrying children’s products that have reportedly been hacked, causing damaged brands and negative headlines across the country. And as far as most parents are concerned, these examples of hacking are very frightening. They may expect companies to recall vulnerable products – even if they are not technically required to do so.
Stericycle Expert Solutions focuses on helping customers by providing proven, customer-centric, scalable services that protect people and brands, promote health and safeguard the environment.find out more
Teen drivers who don't buckle their seat belts in select new Chevy cars won't get very far in a hurry. #Chevy keepi… https://t.co/iuq377Pe8W
If you’re ready to get started with our extensive suite of services then contact us today. We have a team of experts ready to assist you!Contact Us today