Contact us

Navigating the UK's New Product Security (PSTI) Regime: What Businesses Need to Know

4th April 2024

On April 29, 2024, the UK will witness a significant shift in its consumer product landscape with the implementation of the Product Security and Telecommunications Infrastructure (PSTI) regime. Designed to safeguard consumers and uphold the integrity of the telecommunications infrastructure, this legislation mandates stringent security requirements for manufacturers, importers, and distributors of consumer-connectable products, commonly referred to as "smart" products. As businesses prepare to comply with these regulations, understanding the key provisions is paramount. Here's what you need to know to navigate the changing regulatory landscape.

Compliance Commencement:

The PSTI Act 2022, alongside the Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023, will officially come into force on April 29, 2024. This signals a crucial deadline for businesses in the supply chain of consumer-connectable products to ensure compliance with the legislation.

Key Players:

The obligations under the regime extend to manufacturers, importers, and distributors of relevant connectable products. Additionally, manufacturers appointing authorised representatives must ensure compliance, although this does not absolve them of liability. Clear definitions provided within the legislation delineate the roles and responsibilities of each economic actor.

Duties and Obligations:

Chapter 2 of the PSTI Act outlines the duties of relevant persons, emphasising the importance of adhering to the security requirements specified in Schedule 1 of the Regulations. Notably, manufacturers and importers are mandated to produce a statement of compliance containing essential information, which must accompany the product.

Defining Relevant Connectable Products:

Understanding the scope of "relevant connectable products" is pivotal in determining the applicability of specific duties. As per Section 4 of the Act, such products encompass internet-connectable or network-connectable items, excluding those listed as excepted products in Schedule 3 of the Regulations.

Security Requirements:

Schedule 1 of the 2023 Regulations delineates specific security requirements that businesses must fulfil. These include provisions related to unique passwords, information dissemination on reporting security issues, and minimum-security update periods. Compliance entails ensuring passwords are not easily guessable and providing clear, accessible information to consumers.

Enforcement Mechanisms:

The Office for Product Safety and Standards (OPSS) will oversee the enforcement of the PSTI Act 2022 and the 2023 Regulations. Leveraging existing processes and collaborations, OPSS aims to enforce the product security regime robustly and proportionately, taking necessary action against non-compliant businesses.

As the UK gears up to implement the PSTI regime, businesses must proactively engage with the regulatory framework to ensure compliance and maintain consumer trust. By adhering to the stipulated duties and security requirements, stakeholders can navigate the evolving landscape of product security while fostering a safer and more resilient consumer ecosystem. Stay informed, stay compliant, and embrace the opportunity to contribute to a more secure future for all.

Talk to our experts and optimise your print setup today

Principal can help you with all of your office print requirements, call us on 0333 240 8130

Contact us