On 13 January the European Commission organised and hosted a workshop in Brussels, the main purpose of which was ‘to discuss minimum baseline security and privacy requirements along the entire networked architecture and value chain similar in various sectors.’ It took them a while for them to publish a report, but it’s an interesting read for this group nonetheless, I imagine. ‘Participants were asked to come with, reflect and comment on concrete minimum IoT privacy and security principles to create a trusted IoT environment’ The results of the workshop can be found at https://ec.europa.eu/digital-single-market/en/news/internet-things-privacy-s... (Was anyone on the list there btw?) As the EU is part of the RIPE NCC service region, I think it is important to follow closely what the EC is up to and it probably makes sense to engage with them on this topic if we’re not already doing so.