The EU-GDPR enters into force on 28 May 2018. Its new provisions on data privacy also affect manufacturers and providers of products that are connected with the Internet and communicate independently through the network - if they store or process personal data. The purpose of the new TÜV Rheinland certificates is to gain the customer’s trust as they confirm that the range of products and services tested complies with data privacy regulations. In the case of products, there are up to 50 individual requirements that can be tested on the basis of the EU-GDPR and, in the case of services, 26 requirement categories are tested, up to and including the penetration test for the detection of security vulnerabilities.
According to the German newspaper "Süddeutsche Zeitung" , more than 5 million new devices are connected to the Internet every day. This increases the security risks, for example due to badly programmed devices. Ajay Kumar of searchsecurity.de stresses that "in a lot of cases, security is not given top priority in the development of embedded operating systems". That is why there are vulnerabilities in a large number of devices. Companies and users should prepare themselves to deal with these problems, for example by developing an understanding of the complexity of the subject and implementing security checks.