The Federal Communications Commission has issued a formal Notice of Proposed Rulemaking (NPRM) for the U.S. Cyber Trust Mark labeling program for smart devices announced in July with the Biden administration. The voluntary program to provide certification for baseline cybersecurity standards is designed to help consumers make informed purchase decisions regarding Internet of Things (IoT) products. The FCC, which proposes to own the new Cyber Trust trademark and administer it in conjunction with third parties, is now officially soliciting comments from industries and the public on the scope of the proposed program.

“Last year, more than 110 million IoT malware attacks took place — an 87 percent increase from the previous 12 months,” TechCrunch reports, adding that “tens of billions more endpoints are coming online” for connected devices “in the modern home and office.”

Against this backdrop of rapid growth, the government has made cybersecurity a top priority, as detailed in July when it announced plans for the U.S. Cyber Trust Mark to help Americans identify and purchase secure products. The U.S. program follows a similar approach by the European Union called the Cyber Resilience Act.

Those who plan to manufacture and sell IoT compatible devices in the U.S. should start now in implementing cybersecurity standards as labeled devices are expected to begin shipping late next year. “The movement to implement a standard is slow and vague, but the problem for IoT devices is real,” writes Ars Technica, providing details on “what counts as secure.”

Although the Cyber Trade Mark plan is currently voluntary, TechCrunch suggests “there’s a strong possibility that it will become mandatory in a few years,” adding that “device makers that don’t join now risk fines or expensive retrofitting of whole device fleets.” The EU plan stipulates fines of up to €10 million (nearly $11 million) or an amount equivalent of up to 2 percent of worldwide sales for non-compliant IoT devices.

CEPro points out that Crestron, a custom installer and “one of the largest players in both the residential and commercial integration space, says the program would be a net positive to the entire smart home industry.” The endorsement is significant, according to CE Pro, because companies like Creston “install higher-end smart home and IoT products that typically aren’t found in stores or on retail sites and are only available through specialty distributors.”

FCC Chair Jessica Rosenworcel says the FCC is now looking for input on “how best to establish this voluntary labeling program, the scope of eligible devices, the mechanics of managing this program, how to further develop standards that could apply to different kinds of devices, how to demonstrate compliance with those standards, and how best to educate consumers.”