Euractiv reports the European Commission will soon introduce the Cyber Resilience Act, which lays out cybersecurity requirements for connected devices. The draft framework will cover digital products and their data processing solutions with exemptions for products covered by sector-specific regulations. Proposed security requirements for product design and development processes include ensuring confidentiality of data, encryption and purpose limitation principles. If passed, the proposal would apply 24 months after its entry into force while manufacturer reporting obligations would apply one year after enactment.
8 Sept. 2022
European Commission to introduce IoT cybersecurity rules
RELATED STORIES
Free speech battles and age-appropriate balance: Unpacking the Ninth Circuit NetChoice decision
Data privacy and protection in the US: A sign of bipartisan progress
Controllers, processors and subprocessors in chains
Notes from the IAPP Canada: Recommendations, calls to reform Privacy Act 'a good start'
A view from DC: Marriott and the minimum extent necessary