Re: certification of IoT devices analogous to UL etc Another potentially useful channel to give this idea legs are insurance companies, get them involved if possible. They underwrite the risks particularly liability risks for manufacturers. That's why "Underwriters Laboratory" is called that, ultimately it's an arm of the insurance industry. If the insurance companies tell a manufacturer they won't cover risk for any non-certified device the device will almost certainly be improved. Similar repercussions for wholesale and retail outlets who could decide to just not offer non-certified devices, for insurance reasons and otherwise. As to those who would try maneuvers such as bankrupting or using shell companies which are dissolved when liabilities occur such willful acts often allow "piercing of the corporate veil". That is, those individuals involved can be sued or held criminally liable personally and any such indemnification made worthless as a protection or defense. In the US, at least, if there's a pattern of such behavior, such as serially setting up shell corps and bankrupting them when trouble arises, the fearsome RICO statutes can be invoked. Basically they provide the added felonies of racketeering and engaging in a conspiracy to commit criminal acts. Not being located in the US may not be sufficient for evasion of prosecution, merely doing business in the US (e.g., selling one's products, establishing a "nexus") can make one a valid target for US (and other) law enforcement. The fly I see in all this ointment is that getting there could be a lot of honest work so who would do that and champion this idea? -- -Barry Shein Software Tool & Die | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD The World: Since 1989 | A Public Information Utility | *oo*