The aim is to improve protection against cyberattacks.
The European Commission wants to impose stricter rules on manufacturers of connected objects.
“Computers, phones, household appliances, cars, toys…Each of these hundreds of millions of connected products is a potential entry point for a cyberattack.
And yet, today, most hardware and software products are not subject to any cybersecurity obligation,” noted Internal Market Commissioner Thierry Breton, who initiated the project with Commission Vice-President Margaritis Schinas. .
“By introducing cybersecurity by design, the legislation (…) will help protect the European economy and our collective security,” he explained.
The draft regulation on cyber resilience must still be negotiated for several months by MEPs and Member States.
Ultimately, the Commission hopes to make this new legislation an international reference, beyond the single market.
Fine of up to 15 million euros
According to this project, products and software can only be marketed if they meet security criteria.
Are concerned “all products connected directly or indirectly to another object or network”.
The text introduces an obligation of transparency on any flaws or incidents observed.
Companies will need to document them and report on how they are handled.
In the event of non-compliance with the rules, fines of up to 15 million euros or 2.5% of their turnover are foreseen.
The correct application of the rules will be the responsibility of the Member States.
They will appoint an authority in charge of market surveillance, able to order, for example, a recall or withdrawal of products.
By the Web
Cybersecurity: And if it was the end of the password?
high tech
Corbeil-Essonnes: Russian hackers claim responsibility for the cyberattack on the hospital and demand a ransom
high tech
cyberattack
Connected objects
European Union (EU)
European Commission
Cybersecurity