Crypto-regulation: A new law in China regulates the use of encryption, but it’s aimed at strengthening it, at least in some settings, Reuters reports. The law is aimed at aiding the development of a digital currency in China, and it is focused on “facilitating the development of the cryptography business and ensuring the security of cyberspace and information,” according to the official Xinhua news agency. The law also requires that all state secrets be stored and transmitted using “core and common” encryption, Engadget says.
Build your own: Some rural Colorado communities are tired of waiting for large broadband providers to bring them service and are seeking grants or forming partnerships to build their own networks, the Canon City Daily Record says. Grants from the state at the Federal Communications Commission are helping communities build fiber networks.
Not so secure: Wyze Labs, the maker of a line of IoT-connected security cameras, has announced a data breach affecting 2.4 million customers. The breach included WiFi network details and customer email addresses, Salon reports. The security cameras don’t appear to be compromised, but compromised email addresses can lead to further customer data breaches, the story notes. Also, there’s this: “The blog Twelve Security made the breach public the day after Christmas. Wyze executives were only made aware of it after a customer posted the blog post on a Wyze online forum. Once executives audited the breach, they discovered a second one occurred on Dec. 27.”
Security rules: A new California IoT security law went into effect on Jan. 1, and it requires IoT makers to take “reasonable” security measures, whatever that means, Technowize reports. While the law is a big vague, it does focus on ending default passwords on connected devices.
Privacy rules: In addition to the IoT security law, the California Consumer Privacy Act also took effect on Jan. 1. There are still questions about compliance, The Verge says, but it does require companies to disclose how they use customers’ personal information, and it allows customers to ask companies to delete their data. And, given that the law covers any business doing significant business in California, it will become the de facto national standard in the U.S.