If you're shopping for smart tech on an online marketplace, the picture is even bleaker – we found hundreds of smart gadgets for sale through eBay, Amazon and Temu that seemingly did not come close to adhering to the law, and could end up putting your security at risk.
Why smart tech sold on online marketplaces could be breaking the law
Based on our snapshot research, 248 out of 282 (88%) of the listings we reviewed were, in our view, non-compliant with the update policy component of PSTI. This states that all brands should have published a policy stating how long they will support the product at a minimum in a period of years with a clear end date.
In the majority of cases this was because there was no brand attached to the product (even the few branded products had curious names such as ‘passion-fruit-4u’), and so there was no website through which to publish the update policy. We also checked for a policy on the marketplace listing.
AmazoneBayTemu
A lot of these marketplace products appeal to budget conscious shoppers. They look like Ring or Nest devices, but cost a fraction of the price. The average price of a wireless camera on Temu at the time was just £15.50, while you could pick up a smart doorbell on eBay for just £25 on average.
The online marketplaces 'loophole'
These smart products fall into a rather substantial loophole under the PSTI legislation. During the passage of law we expressed concern that online marketplaces were not proposed to be included in the definition of retailers, importers or distributors. This meant that they would have limited to no responsibilities to proactively take action under the legislation.
We proposed to expand the definition of ‘distributors’ to include ‘listings platforms’, auction sites and other marketplaces. This was denied by the Government at the time, so under this legislation marketplaces are not responsible for compliance.
Manufacturers do have a responsibility under the Act, but as the majority of the marketplace smart products are produced in China and then re-distributed by a network of sellers, it is hard to pin down who is responsible to comply.
Even if an update policy was stated for these devices, could you really trust that it would be honoured and a critical vulnerability with your product actually fixed?
How the marketplaces responded to our findings
eBay
When we presented our findings in 2024, the auction site said: 'As stated in the PSTI Act, it is the responsibility of the manufacturer of the smart product to publish a security updates policy guarantee, ensuring relevant information is available for consumers at the point of sale. eBay is a third-party marketplace that doesn’t sell, manufacture or handle goods directly, and is not responsible for the provision of this information.'
We were still able to find thousands of unbranded smart products for sale on eBay after reporting our concerns.
Amazon
Temu
'Going forward, only sellers who submit proof of compliance with the PSTI Act will be allowed to list their smart products on Temu. We are actively working with our sellers to guide them through this process and will continue to monitor our platform to maintain compliance with the PSTI Act and all other applicable regulations.'
How to shop for smart tech on online marketplaces
The sheer volume of unbranded smart products, including brands that only appear on online marketplaces, is vast. And with the lack of an established brand making it far more difficult to adhere to these new laws, you should be extra cautious when it comes to purchasing anything that might pose a security risk to your home.
Our tips below can help you spot potentially insecure tech when shopping for new smart devices on online marketplaces:
Brand awarenessCuriosity killed the copycatCheck the reviews
What to do if your smart tech is no longer supported
As smart products have been unregulated for so long, there will be thousands of unsupported devices in consumer homes right now - maybe even yours. But don’t panic. An unsupported smart device isn’t immediately going to get hacked or stop working. However, these risks increase as soon as that support is removed.
With any unsupported device, are there ways to use it more safely? A smart TV could be ‘upgraded’ by purchasing a new smart TV stick. A smart appliance could be disconnected from your wi-fi and still used the traditional way. For some devices, the only choice might be to upgrade.
We all need to take this seriously, though, as the smart home will eventually become the next frontline of fraud and cybercrime.
News, deals and stuff the manuals don't tell you.source https://www.which.co.uk/news/article/online-marketplaces-smart-tech-aqJAQ7v8rRew