Security Status Survey of IoT Devices and Data Submission and Results Announcement Basis Established⋯Government Strengthens Management System, ‘Kim Jang-gyeom, a member of the National Assembly’s Science, Technology, Information, and Communications Committee (People Power Party), proposed a partial amendment to the Act on Promotion of Information and Communications Network Utilization and Information Protection (Information and Communications Network Act) on the 27th. This amendment enables the Ministry of Science and ICT to directly investigate the security status of IoT devices such as robotic vacuum cleaners and IP cameras and transparently disclose the results to the public.’,
Last year, investigations conducted by the Korea Consumer Agency and the Korea Internet & Security Agency (KISA) found multiple security vulnerabilities in Chinese-made products among six robotic vacuum cleaners distributed on the market. Products from Chinese manufacturers Ecovacs and Narwal were deemed insufficient in seven categories. Dreame and Roborock products were also inadequate in five and three categories, respectively.
This investigation was not directly performed by the Ministry of Science and ICT but through related agencies. According to Representative Kim, the ministry, which oversees cybersecurity policy in the private information and communications sector, revealed institutional limitations by not conducting the investigation itself and only providing advice and cooperation.
The current Information and Communications Network Act authorizes the Ministry of Science and ICT to take necessary measures, such as vulnerability checks and technical support, to prevent and curb incidents. However, it does not clearly authorize direct investigation of the security status of IoT devices or public disclosure of the results.
The amendment grants the Ministry of Science and ICT the legal authority to directly investigate the security status of IoT devices suspected of having security vulnerabilities. It allows the Ministry to request submission of necessary data from device manufacturers and importers during the investigation process and to require security improvements if necessary by publishing the investigation results to the public.
Representative Kim stated, “IoT devices closely linked to daily life should not serve as channels for personal information leaks,” and emphasized, “In order to eliminate IoT security blind spots, we will thoroughly verify and manage hardware device security to create a safe digital environment where people can use these devices with confidence.”