"We can’t allow IoT vendors to pass off all such liability to the consumer": Investigating the U.S. Legal Perspectives on Liability for IoT Product Security
Prianka Mandal, Amit Seal Ami, Iria Giuffrida, Daniel Shin, Ella Sullivan, Adwait NadkarniWilliam & Mary
IEEE Symposium on Security and Privacy 2025 · Day 3 · Embedded and Wireless Security
The proliferation of Internet of Things (IoT) devices has introduced unprecedented convenience into daily life, yet it has simultaneously opened a Pandora's Box of security vulnerabilities. With billions of connected devices entering homes and critical infrastructure, the question of who bears responsibility when these devices are exploited—especially those that have undergone security certification—remains critically ambiguous. This talk, presented by Prianka Mandal and a collaborative team of security and law researchers from William & Mary, delves into the complex landscape of legal liability for IoT product security in the United States. It meticulously examines how IoT vendors attempt to contractually disclaim responsibility and contrasts these practices with the perspectives of legal experts.