2018 California Code
Civil Code - CIV
DIVISION 3 - OBLIGATIONS
PART 4 - OBLIGATIONS ARISING FROM PARTICULAR TRANSACTIONS
TITLE 1.81.26.a - Security of Connected Devices
(a) A manufacturer of a connected device shall equip the device with a reasonable security feature or features that are all of the following:
(1) Appropriate to the nature and function of the device.
(2) Appropriate to the information it may collect, contain, or transmit.
(3) Designed to protect the device and any information contained therein from unauthorized access, destruction, use, modification, or disclosure.
(b) Subject to all of the requirements of subdivision (a), if a connected device is equipped with a means for authentication outside a local area network, it shall be deemed a reasonable security feature under subdivision (a) if either of the following requirements are met:
(1) The preprogrammed password is unique to each device manufactured.
(2) The device contains a security feature that requires a user to generate a new means of authentication before access is granted to the device for the first time.
(Added by Stats. 2018, Ch. 886, Sec. 1. (SB 327) Effective January 1, 2019. Operative January 1, 2020, pursuant to Section 1798.91.06.)