--- title: "ETSI EN 303 645 telemetry: what should consumer IoT teams evidence?" canonical_url: "https://www.sorena.io/artifacts/global/etsi-en-303-645/faq/telemetry" source_url: "https://www.sorena.io/artifacts/global/etsi-en-303-645/faq/telemetry" author: "Sorena AI" description: "ETSI EN 303 645 telemetry guidance for consumer IoT teams: security anomaly examination, IXIT 24-TelData evidence, personal-data minimization, and consumer telemetry disclosures." published_at: "2026-05-09" updated_at: "2026-05-09" keywords: - "ETSI EN 303 645 telemetry" - "consumer IoT telemetry" - "security anomalies" - "IXIT 24-TelData" - "TS 103 701" - "ETSI EN 303 645" - "telemetry" - "consumer IoT security" - "IXIT evidence" --- **[SORENA](https://www.sorena.io/)** - AI-Powered GRC Platform [Home](https://www.sorena.io/) | [Solutions](https://www.sorena.io/solutions) | [Artifacts](https://www.sorena.io/artifacts) | [About Us](https://www.sorena.io/about-us) | [Contact](https://www.sorena.io/contact) | [Portal](https://app.sorena.io) --- # ETSI EN 303 645 telemetry: what should consumer IoT teams evidence? ETSI EN 303 645 telemetry guidance for consumer IoT teams: security anomaly examination, IXIT 24-TelData evidence, personal-data minimization, and consumer telemetry disclosures. *Artifact Guide* *GLOBAL* *ETSI EN 303 645* ## ETSI EN 303 645 Telemetry evidence for consumer IoT products A focused answer on how ETSI EN 303 645 treats collected telemetry data, security anomaly examination, and user-facing telemetry information. Grounded in ETSI EN 303 645 and ETSI TS 103 701. Use it as implementation guidance, not for legal interpretation. Short answer: if a consumer IoT device or service collects telemetry, ETSI EN 303 645 provision 5.10-1 says that telemetry should be examined for security anomalies. The evidence should identify each telemetry category, its purpose, whether and how it is examined for anomalies, who performs that examination, whether personal data is involved, and what information is provided to consumers. ## What does ETSI EN 303 645 say about telemetry? EN 303 645 defines telemetry as data from a device that can help the manufacturer identify issues or information related to device usage. Provision 5.10-1 is conditional: if telemetry data is collected from consumer IoT devices and services, such as usage and measurement data, it should be examined for security anomalies. The standard gives practical examples of the kind of security signal it expects teams to look for: deviations from normal device behaviour, such as an abnormal increase in failed login attempts, or telemetry across multiple devices showing that updates are failing because software update authenticity checks are invalid. - Start by listing the telemetry actually collected by the device and associated services, not by writing a generic monitoring statement. - For each telemetry category, document whether it is used for security anomaly examination or only for another purpose such as performance or stability analysis. - Keep the claim conditional: EN 303 645 does not require every product to collect telemetry, but collected telemetry should be examined for security anomalies. Sources for this answer: - [ETSI EN 303 645 V2.1.1, clause 5.10](https://www.etsi.org/deliver/etsi_en/303600_303699/303645/02.01.01_60/en_303645v020101p.pdf?ref=sorena.io) - Primary ETSI source for provision 5.10-1 on examining collected telemetry for security anomalies. - [ETSI TS 103 701 V2.1.1, test group 5.10-1](https://www.etsi.org/deliver/etsi_ts/103700_103799/103701/02.01.01_60/ts_103701v020101p.pdf?ref=sorena.io) - Assessment source for checking that at least one security examination is provided in IXIT 24-TelData and that the telemetry description fits the examination. ## What evidence should support a telemetry claim? TS 103 701 turns the telemetry provision into IXIT 24-TelData evidence. The completed IXIT lists telemetry collected by the device and associated services, with an identifier, description, purpose, security examination, and references to any personal data processed in the telemetry data. For provision 5.10-1, the test laboratory checks whether at least one security examination is provided in IXIT 24-TelData for examining security anomalies. It also assesses whether each associated telemetry description is suited to the described security examination. - Use a TelData entry for each meaningful telemetry category, such as crash logs, update failure signals, failed-login indicators, usage measurements, or stream metadata. - For telemetry used in security monitoring, describe how anomalies are examined and whether the examination is performed by the device or by an associated service. - If a telemetry category is not used for security examination, say so plainly instead of implying that every telemetry feed is security telemetry. Sources for this answer: - [ETSI TS 103 701 V2.1.1, IXIT 24-TelData](https://www.etsi.org/deliver/etsi_ts/103700_103799/103701/02.01.01_60/ts_103701v020101p.pdf?ref=sorena.io) - Assessment source for the telemetry data pro forma fields: ID, description, purpose, security examination, and personal data. - [ETSI TS 103 701 V2.1.1, Annex B required IXIT entries](https://www.etsi.org/deliver/etsi_ts/103700_103799/103701/02.01.01_60/ts_103701v020101p.pdf?ref=sorena.io) - Assessment source mapping provision 5.10-1 to IXIT 24-TelData fields for description and security examination. ## How should telemetry personal data and consumer information be handled? EN 303 645 clause 6 is the relevant place to narrow privacy-facing telemetry statements. It says the document addresses personal-data protection from a strictly technical perspective, so teams should avoid broad legal-compliance claims unless they have separate legal grounding. For collected telemetry, provision 6-4 says personal-data processing should be kept to the minimum necessary for the intended functionality. Provision 6-5 says consumers must be told what telemetry data is collected, how it is used, by whom, and for what purposes. - Map any personal data in telemetry to IXIT 21-PersData and keep only the data needed for the stated telemetry purpose. - Make the consumer-facing telemetry notice accessible and consistent with the IXIT 2-UserInfo documentation of telemetry data. - When publishing product claims, say that the ETSI evidence supports technical data-protection provisions; do not claim GDPR compliance from EN 303 645 alone. Sources for this answer: - [ETSI EN 303 645 V2.1.1, clause 6 telemetry provisions](https://www.etsi.org/deliver/etsi_en/303600_303699/303645/02.01.01_60/en_303645v020101p.pdf?ref=sorena.io) - Primary ETSI source for telemetry personal-data minimization and consumer information requirements. - [ETSI TS 103 701 V2.1.1, test groups 6-4 and 6-5](https://www.etsi.org/deliver/etsi_ts/103700_103799/103701/02.01.01_60/ts_103701v020101p.pdf?ref=sorena.io) - Assessment source for checking telemetry personal-data necessity and consumer information about telemetry processing. ## Primary sources - [ETSI EN 303 645 V2.1.1 consumer IoT baseline requirements](https://www.etsi.org/deliver/etsi_en/303600_303699/303645/02.01.01_60/en_303645v020101p.pdf?ref=sorena.io) - Primary ETSI source for telemetry definition, provision 5.10-1, clause 6 telemetry data-protection provisions, and examples of security anomalies. - Quote: "If telemetry data is collected from consumer IoT devices and services" - [ETSI TS 103 701 V2.1.1 conformance assessment for consumer IoT](https://www.etsi.org/deliver/etsi_ts/103700_103799/103701/02.01.01_60/ts_103701v020101p.pdf?ref=sorena.io) - Assessment source for TSO 5.10, IXIT 24-TelData, IXIT 21-PersData, IXIT 2-UserInfo, and telemetry-related clause 6 tests. - Quote: "IXIT 24-TelData: ID, Description, Security Examination" ## Topic Guides - [ETSI EN 303 645 Applicability and Scope](/artifacts/global/etsi-en-303-645/applicability-and-scope.md): Decide whether a connected product is in scope of ETSI EN 303 645, define the consumer IoT evidence boundary, and document N/A justifications for assessment. - [ETSI EN 303 645 compliance: ICS, IXIT, evidence](/artifacts/global/etsi-en-303-645/compliance.md): Plan ETSI EN 303 645 compliance evidence for consumer IoT products with scope, ICS, IXIT, TS 103 701 assessment steps, verdict risks, and source-linked controls. - [ETSI EN 303 645 consumer IoT products: what is in scope?](/artifacts/global/etsi-en-303-645/faq/iot-consumer-products.md): ETSI EN 303 645 FAQ on consumer IoT product scope: devices, associated services, constrained devices, out-of-scope industrial uses, ICS, IXIT, and TS 103 701 evidence. - [ETSI EN 303 645 Current Version Tracker](/artifacts/global/etsi-en-303-645/current-version-tracker.md): Track ETSI EN 303 645 version evidence, ETSI deliverable status checks, TS 103 701 assessment alignment, and change triggers for consumer IoT security work. - [ETSI EN 303 645 CVD Workflow for IoT Vulnerability Reports](/artifacts/global/etsi-en-303-645/vulnerability-disclosure-cvd-workflow.md): Source-linked workflow for ETSI EN 303 645 vulnerability disclosure: public policy contents, reporting contact, acknowledgement and status timelines, timely action, and TS 103 701 evidence. - [ETSI EN 303 645 Data Protection Provisions](/artifacts/global/etsi-en-303-645/data-protection-provisions.md): source-linked guide to ETSI EN 303 645 data protection provisions for consumer IoT: personal data security, telemetry transparency, consent, and deletion evidence. - [ETSI EN 303 645 default passwords: what must consumer IoT teams do?](/artifacts/global/etsi-en-303-645/faq/default-passwords.md): ETSI EN 303 645 default password guidance for consumer IoT: unique or user-defined passwords, pre-installed password generation, change mechanisms, brute-force controls, and TS 103 701 evidence. - [ETSI EN 303 645 FAQ: Consumer IoT Security Questions](/artifacts/global/etsi-en-303-645/faq.md): source-linked answers to common ETSI EN 303 645 questions on consumer IoT scope, associated services, default passwords, updates, vulnerability disclosure, telemetry, deletion, and TS 103 701 evidence. - [ETSI EN 303 645 ICS and IXIT Evidence Template](/artifacts/global/etsi-en-303-645/ics-and-ixit-evidence-template.md): Build a source-linked ICS and IXIT evidence template for ETSI EN 303 645 consumer IoT assessments, with clear separation between EN provisions and TS 103 701 test information. - [ETSI EN 303 645 implementation checklist](/artifacts/global/etsi-en-303-645/implementation-checklist.md): Use this ETSI EN 303 645 implementation checklist to scope a consumer IoT product, record Annex B support statuses, map IXIT evidence, and avoid weak conformance claims. - [ETSI EN 303 645 Implementation Evidence Guide](/artifacts/global/etsi-en-303-645/implementation-evidence.md): Build ETSI EN 303 645 implementation evidence from Annex B support/detail records, TS 103 701 ICS and IXIT inputs, test verdicts, and scoped external evidence. - [ETSI EN 303 645 IoT Applicability Workflow](/artifacts/global/etsi-en-303-645/iot-applicability-workflow.md): Decide whether ETSI EN 303 645 applies to a consumer IoT product, what associated services belong in scope, and how to record justified non-applicability. - [ETSI EN 303 645 personal data deletion FAQ for consumer IoT](/artifacts/global/etsi-en-303-645/faq/personal-data-deletion.md): What ETSI EN 303 645 says about deleting user data and personal data from consumer IoT devices, associated services, apps, and evidence records. - [ETSI EN 303 645 requirements: consumer IoT provision map](/artifacts/global/etsi-en-303-645/requirements.md): Map ETSI EN 303 645 consumer IoT requirements to product scope, Annex B ICS entries, TS 103 701 evidence, and implementation owners. - [ETSI EN 303 645 Secure Update Evidence Workflow](/artifacts/global/etsi-en-303-645/secure-update-evidence-workflow.md): Build secure-update evidence for ETSI EN 303 645 using provision 5.3, Annex B support/detail records, and TS 103 701 ICS, IXIT, and test-plan inputs. - [ETSI EN 303 645 Secure Update Workflow](/artifacts/global/etsi-en-303-645/secure-update-workflow.md): Map ETSI EN 303 645 secure-update provisions into a practical workflow for consumer IoT update mechanisms, support-period disclosures, and TS 103 701 evidence. - [ETSI EN 303 645 Secure Updates and Vulnerability Disclosure](/artifacts/global/etsi-en-303-645/secure-update-and-vulnerability-disclosure.md): source-linked guide to ETSI EN 303 645 clauses 5.2 and 5.3 for consumer IoT vulnerability disclosure, security updates, support periods, and TS 103 701 evidence. - [ETSI EN 303 645 support period: what must consumer IoT teams publish?](/artifacts/global/etsi-en-303-645/faq/support-period.md): ETSI EN 303 645 support-period guidance for consumer IoT: defined security-update support periods, user-accessible publication, constrained-device replacement support, model designation, and TS 103 701 evidence. - [ETSI EN 303 645 test evidence: what should consumer IoT teams keep?](/artifacts/global/etsi-en-303-645/faq/test-evidence.md): ETSI EN 303 645 test evidence guidance for consumer IoT teams: ICS support claims, IXIT detail, TS 103 701 test plans, verdicts, and external evidence checks. - [ETSI EN 303 645 vs EU CRA for Consumer IoT](/artifacts/global/etsi-en-303-645/etsi-en-303-645-vs-eu-cra.md): Use ETSI EN 303 645 and ETSI TS 103 701 evidence when preparing consumer IoT cybersecurity work that may also need a separate EU CRA legal mapping. - [ETSI EN 303 645 vs RED Cybersecurity Delegated Act](/artifacts/global/etsi-en-303-645/etsi-en-303-645-vs-red-cybersecurity-delegated-act.md): Compare ETSI EN 303 645 consumer IoT security evidence with RED cybersecurity planning without treating the ETSI baseline as a substitute for RED legal scope. - [ETSI EN 303 645 vs UK PSTI: Evidence Crosswalk](/artifacts/global/etsi-en-303-645/etsi-en-303-645-vs-uk-psti.md): Compare ETSI EN 303 645 evidence with UK PSTI review needs without assuming the same scope, legal trigger, or assurance route. - [ETSI EN 303 645 vulnerability disclosure requirements for consumer IoT](/artifacts/global/etsi-en-303-645/faq/vulnerability-disclosure.md): What ETSI EN 303 645 requires for consumer IoT vulnerability disclosure policies, report handling, status updates, timely action, and TS 103 701 evidence. - [ETSI TS 103 701 Test Evidence Workflow for EN 303 645](/artifacts/global/etsi-en-303-645/ts-103-701-test-evidence-workflow.md): Build an ETSI TS 103 701 test evidence workflow for EN 303 645 consumer IoT assessments: DUT identification, ICS, IXIT, test plans, verdicts, and external evidence. - [How should teams handle constrained devices under ETSI EN 303 645 for consumer IoT products?](/artifacts/global/etsi-en-303-645/faq/constrained-devices.md): ETSI EN 303 645 constrained-device guidance: what counts as constrained, when non-applicability can be justified, and what evidence should support update and authentication decisions. *Recommended next step* *Placement: after practical guidance* ## Operationalize ETSI EN 303 645 telemetry evidence Use this guidance to map telemetry categories, security anomaly checks, personal-data references, consumer notices, IXIT fields, and owner actions before an assessment or customer review. - [Build the telemetry evidence pack](/solutions/assessment.md): Turn provisions 5.10-1, 6-4, and 6-5 into product-scoped IXIT entries, checks, and owner tasks. - [Check a telemetry claim](/solutions/research-copilot.md): Review whether a proposed telemetry statement is narrow enough for the ETSI sources and evidence. - [Talk through implementation](/contact.md): Review telemetry scope, anomaly checks, personal-data references, and consumer notices with Sorena. --- [Privacy Policy](https://www.sorena.io/privacy) | [Terms of Use](https://www.sorena.io/terms-of-use) | [DMCA](https://www.sorena.io/dmca) | [About Us](https://www.sorena.io/about-us) (c) 2026 Sorena AB (559573-7338). All rights reserved. Source: https://www.sorena.io/artifacts/global/etsi-en-303-645/faq/telemetry