Northern Ireland will switch on tougher cybersecurity and privacy requirements for smart devices on 16 December 2025. The Radio Equipment (Amendment) (Northern Ireland) Regulations 2025 were made on 25 November and apply to internet‑connected radio equipment placed on the NI market, from baby monitors and smart toys to wearables and connected gadgets. The Department for Business and Trade has confirmed the changes under the Windsor Framework.

In plain terms, the law adds new “essential requirements” so connected products must not damage networks or degrade service, must protect users from fraud where money or virtual currency can be transferred, and must build in safeguards for personal data and privacy. Toys, childcare kit and anything worn or attached to clothing are explicitly in scope if they process personal, traffic or location data.

For Northern manufacturers and retailers who ship into Belfast or sell online to NI addresses, this is not optional. Goods “placed on the market” in Northern Ireland must meet these EU‑derived rules because the Radio Equipment Directive sits in Annex 2 of the Windsor Framework. For many firms in the North of England, NI is effectively an EU‑rules destination for these products.

Timing matters. Brussels moved the EU start date for these cybersecurity duties to 1 August 2025. NI is now aligning via the UK statutory instrument that takes effect on 16 December 2025, so any cross‑border sales into the Republic of Ireland already need to meet the EU date, with NI following shortly after.

Remember this sits alongside the UK‑wide Product Security and Telecommunications Infrastructure (PSTI) regime, in force since 29 April 2024. PSTI bans universal default passwords, requires a published support period for security updates and a vulnerability disclosure route. The NI rules add radio‑equipment‑specific duties around network resilience, privacy and fraud protection. Firms trading across GB, NI and ROI should plan to comply with both.

Marking and paperwork stay familiar for NI. CE marking continues. If you use a UK conformity assessment body for mandatory third‑party assessment, you must add the UKNI indication alongside the CE mark; UKCA alone is not valid for NI. Technical files and declarations will need to show how the new requirements are met before products are placed on the NI market.

Scope is broad. “Internet‑connected radio equipment” covers devices that talk to the internet directly or via other kit. Wearables include anything worn on the body or attached to clothing, from smartwatches to connected eyewear. There are carve‑outs where other EU regimes already apply (for example medical devices and certain automotive systems).

Conformity assessment is tightened to reflect the extra duties. Where harmonised standards fully cover these new requirements, manufacturers can rely on those standards; where they don’t, involvement of a conformity assessment body is likely. The NI regulations also update the assessment provisions in regulation 41 to point at the new clauses. Keep this in mind when booking test lab time.

This change follows last year’s NI‑only move on common chargers, which made USB‑C the norm for phones, tablets and other categories from 28 December 2024, with laptops following from 28 April 2026. Many local businesses have already adjusted cables, packaging and labelling; the next job is firmware and data protection.

What to do now if you’re based in the North and sell into NI or ROI: map every SKU that connects to the internet; check whether it processes personal, traffic or location data; confirm whether any app or device enables money or “virtual currency” transfers; then update your technical file to show how you meet network‑resilience, privacy and anti‑fraud features. If you can’t lean on harmonised standards, speak to a notified body early about routes to compliance.

Retailers with NI stores or NI distribution should start asking for refreshed declarations and security support information from suppliers, and be clear about cut‑off dates for non‑compliant stock. E‑commerce sellers shipping direct to NI addresses need the same discipline-goods are “placed on the market” when first supplied, not when they hit a warehouse shelf.

For all the politics, this is ultimately practical. The rules aim to cut botnet traffic, protect children’s data and clamp down on payment fraud in consumer electronics. For Northern firms used to juggling GB and EU standards, the quickest path is to design to the stricter rule set and keep the paperwork clean so products can move from Leeds to Belfast to Dublin without costly rework.