Japan is proposing to amend the Ordinance Concerning Terminal Facilities

Japan is proposing to amend the Ordinance Concerning Terminal Facilities. This has reference to TBT notification no. G/TBT/N/JPN/610 dated 31st October 2018, issued by the Ministry of Internal Affairs and Communications. The products mentioned in the notification falls under the HS Code 851769.

 

Reasons for amendment

 

In recent years, there has been an increasing number of cases where IoT devices were hijacked and abused for DDoS attacks and other cyber attacks to cause problems on the Internet. Accordingly, minimum security measures shall be added to the technical standards of terminal equipment including IoT devices in order to ensure the safety and reliability of information and communications networks.

Outline of the amendment

 

Functions equal to or higher than those specified in following conditions (1) to (4) shall apply as security measures to terminal equipment that uses the Internet Protocol and is connected to digital data transmission equipment, provided that settings for telecommunications functions (limited to those related to transmission and reception) incorporated by the terminal equipment can be changed through telecommunications line equipment to be connected.

 

(1)   Terminal equipment shall incorporate an access control function to allow setting changes in the telecommunications functions of the terminal equipment.

(2)   An identification code shall be provided for the access control function specified in (1). The identification code shall incorporate a function or a feature to prompt the user to make a change to the code if it has been present in the terminal equipment. Otherwise, terminal equipment shall be provided with a unique identification code or a similar effective means shall be taken to terminal equipment.

(3)   Terminal equipment shall accept the updating of software related to the telecommunications function of the terminal device.

(4)   Terminal equipment shall maintain settings for the access control function specified in (1) and the software updated by the function specified in (3) even if power supply to the terminal equipment fails.

However, the above security measures shall not apply to particular types of terminal  equipment (e.g., PCs or smartphones) if they incorporate functions equal to or higher than those of (1) to (4) and can use any kinds of software to be made changes in the functions by users at any time and with ease.

Terminal equipment that has acquired security certification (CC certification) based on international standard ISO/IEC 15408 shall be deemed to have functions equal to or higher than those of (1) to (4).

The above conditions may not apply to terminal equipment if it has obtained technical standards conformity approval in accordance with the Telecommunications Business Act or certification of type in accordance with the same Act.

This amended regulation will enter into force on April 2020.

TBT notification and regulation are attached.

 Inputs / comments on this issue may kindly be forwarded to tbtenquirytel.tec@gov.in for compilation and onward submission to Department of Commerce for responding to this notification.

Comments, if any, may be sent by 5th December 2018.

By TEC