Well, my comment is predicated on the, apparently erroneous :), assumption that no glass is brick-proof. It is impossible to build a secure software product with our current tooling & development practices. The number of security flaws in every software product is so high as to make the label meaningless. I don't think there's a meaningful distinction to end consumers between "this product has 1,000 holes, 100 of which are publicly disclosed" (i.e. no label) and "this product has 900 holes" (i.e. with label).
A car that's safe to crash in is also impossible to build, but the NHTSA has standardized crash tests that they built up over time that has meaningfully made cars safer.
+1 for having a bare minimum requirements for IOT sellers against some standard testing criteria. Raise the bar but
Possibly another important would be NHTSA gathers and publishes numbers on accidents. Having some regularly published numbers would certainly shine more light and is probably lowest hurdle to cross from a political standpoint.
