法律人 LawPlayer logo

資料由法律人 LawPlayer整理提供·UK legislation / curated by LawPlayer from legislation.gov.uk

Statutory Instrument

The Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) (Amendment) (No. 2) Regulations 2025

Citation
S.I. 2025/1267
As at
Sections
8
Section 1Citation, commencement, extent and interpretation

(1) These Regulations may be cited as the Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) (Amendment) (No. 2) Regulations 2025.

(2) These Regulations come into force on the day after the day on which they are made.

(3) These Regulations extend to England and Wales, Scotland and Northern Ireland.

(4) In these Regulations, “ the 2023 Regulations ” means the Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023 .

Section 2Amendment to the 2023 Regulations

The 2023 Regulations are amended in accordance with regulations 3 to 8.

Section 3Amendment to regulation 2

In regulation 2 (interpretation) in paragraph (1), at the appropriate places insert—

“ Japan JC-STAR STAR-1 ” means the Labeling Scheme based on Japan Cyber-Security Technical Assessment Requirements (JC-STAR) STAR-1 Conformance Requirements and Assessment Methods published by the Information-technology Promotion Agency, Japan (JST-CR-01-01-2024R1, December 2024) ;”;

““ Singapore Cybersecurity Labelling Scheme ” means the Cybersecurity Labelling Scheme published by the Cyber Security Agency of Singapore, the specifications for which are in document CCC SP-151-2 CLS(IoT) Scheme Specifications (version 1.4, April 2025) .

Section 4Insertion of regulation 4A

After regulation 4, insert—

Deemed compliance with the requirement to have a relevant connectable product accompanied by a statement of compliance

(4A) Schedule 2A specifies the conditions under which a manufacturer is to be treated as having complied with the requirement to have a relevant connectable product accompanied by a statement of compliance for the purposes of section 9 (statements of compliance).

Section 5Amendments to Schedule 2

(1) Paragraph 1 of Schedule 2 (conditions for deemed compliance with security requirements) to the 2023 Regulations is amended according to paragraphs (2) to (4).

(2) In paragraph 1(1), for “the condition in sub-paragraph (2) is” substitute “any of the conditions in sub-paragraphs (2) to (4) are” .

(3) In paragraph 1(2), for “The condition is that” substitute “Condition A is that” .

(4) After paragraph 1(2), insert—

(3) Condition B is that the relevant connectable product, of which they are the manufacturer, is currently assigned a conformance label under the Japan JC-STAR STAR-1 as an indicator of compliance with the requirements set out in JC-STAR STAR-1, and that label has not expired.

(4) Condition C is that the relevant connectable product, of which they are the manufacturer, is currently awarded a label under any level of the Singapore Cybersecurity Labelling Scheme as an indicator of compliance with the requirements set out in that scheme, and that label has not expired.

Section 6

(1) Paragraph 2 of Schedule 2 (conditions for deemed compliance with security requirements) to the 2023 Regulations is amended according to paragraphs (2) to (4).

(2) In paragraph 2(1), for “the condition in sub-paragraph (2) is” substitute “any of the conditions in sub-paragraphs (2) to (2B) are” .

(3) In paragraph 2(2), for “The condition is that” substitute “Condition A is that” .

(4) After paragraph 2(2), insert—

(2A) Condition B is that the relevant connectable product, of which they are the manufacturer, is currently assigned a conformance label under the Japan JC-STAR STAR-1 as an indicator of compliance with the requirements set out in JC-STAR STAR-1, and that label has not expired.

(2B) Condition C is that the relevant connectable product, of which they are the manufacturer, is currently awarded a label under any level of the Singapore Cybersecurity Labelling Scheme as an indicator of compliance with the requirements set out in that scheme, and that label has not expired.

Section 7

(1) Paragraph 3 of Schedule 2 (conditions for deemed compliance with security requirements) to the 2023 Regulations is amended according to paragraphs (2) to (4).

(2) In paragraph 3(1), for “the condition in sub-paragraph (2) is” substitute “any of the conditions in sub-paragraphs (2) to (2B) are” .

(3) In paragraph 3(2), for “The condition is that” substitute “Condition A is that” .

(4) After paragraph 3(2), insert—

(2A) Condition B is that the relevant connectable product, of which they are the manufacturer, is currently assigned a conformance label under the Japan JC-STAR STAR-1 as an indicator of compliance with the requirements set out in JC-STAR STAR-1, and that label has not expired.

(2B) Condition C is that the relevant connectable product, of which they are the manufacturer, is currently awarded a label under any level of the Singapore Cybersecurity Labelling Scheme as an indicator of compliance with the requirements set out in that scheme, and that label has not expired.

Section 8Insertion of Schedule 2A

After Schedule 2 (conditions for deemed compliance with security requirements), insert—

Conditions for deemed compliance with the requirement to have a relevant connectable product accompanied by a statement of compliance

(1) A manufacturer is treated as having complied with the requirement at section 9(2) (statements of compliance) if any of the conditions in paragraphs 2 and 3 are met.

(2) Condition A is that the relevant connectable product, of which they are the manufacturer, is currently assigned a conformance label under Japan JC-STAR STAR-1 as an indicator of compliance with the requirements set out in JC-STAR STAR-1, and that label has not expired.

(3) Condition B is that the relevant connectable product, of which they are the manufacturer, is currently awarded a label under any level of the Singapore Cybersecurity Labelling Scheme as an indicator of compliance with the requirements set out in that scheme, and that label has not expired.

8 sections

Cite this legislation

The Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) (Amendment) (No. 2) Regulations 2025 (legislation.gov.uk, OGL v3.0). Retrieved via LawPlayer, https://lawplayer.com/uk/act/uksi-2025-1267 (accessed 2026-07-06)

Contains public sector information licensed under the Open Government Licence v3.0.

OGL-3

本頁資料來源:legislation.gov.uk (The National Archives)·整理提供:法律人 LawPlayer· lawplayer.com