The Federal Communications Commission (FCC) announced this week that it is looking for a new organization to serve as the lead administrator for its U.S. Cyber Trust Mark Program.
The search begins after UL Solutions – known up until 2012 as Underwriters Laboratories – withdrew as the lead administrator last month, following reports that the FCC was investigating the company’s alleged ties to China.
In a public notice released on Jan. 6, the FCC said it is accepting applications for the lead administrator role until Jan. 28. The lead administrator acts as a liaison between the FCC and the cybersecurity labeling administrators.
“We just opened up this week a new comment period for people to volunteer to be the lead administrator, and so, we’re all in on that,” FCC Chair Brendan Carr said Thursday while speaking at CES in Las Vegas. “We hope to get one or more, hopefully, companies that want to perform the lead administrator role, and we’ll work with them to finalize all the steps to stand the program up.”
Carr explained that when evaluating the applications, the FCC will be looking at an organization’s “national security,” as well as making sure the company is U.S.-based. “We’ll do some good vetting,” he said.
The U.S. Cyber Trust Mark is a voluntary cybersecurity labeling program for wireless internet of things (IoT) devices marketed to consumers. The FCC launched the program in January 2025.
Under the program, qualifying smart products that meet cybersecurity standards will be able to bear a U.S. Cyber Trust Mark label on their products. The label will also be accompanied by a QR code that consumers can scan for more security information on those products.
Products covered under the program include wireless IoT devices such as home security cameras, internet-connected appliances, fitness trackers, garage door openers, and baby monitors.
“This program is a really good concept. It’s built effectively on the idea of the Energy Star program, which is a very voluntary system where, if you go through it, you get a certificate, a label, and it can give consumers a little bit more information and comfort with investing and purchasing in, say, an IoT device,” Carr said.
“These IoT devices, in many cases, are so cheap and inexpensive that there isn’t necessarily the incentive to make sure they have robust cybersecurity protection,” he added.