Companies that create connected devices will have to fix cyber vulnerabilities as soon as they become aware of them under the EU Cyber Resilience Act, which was finalized during the trilogue process 30 Nov., Euractiv reports. The parties also agreed that nonprofit groups that sell open-source software and reinvest those funds into nonprofit activities would be excluded from certain documentation standards.
EU groups reach agreement on connected products law
RELATED STORIES
Notes from the IAPP Canada: Privacy and access to information, art
A view from DC: The proposed AI Civil Rights Act would require audits all the way down
A conversation with privacy pioneer Harriet Pearson
FTC's Wiseman discusses groundbreaking report on platforms' privacy, data security practices
Notes from the IAPP Europe: DSA, DMA, CSAM, data spaces and DPA news