On Thursday, 10 October 2024, the Council of the European Union announced that it had adopted the Cyber Resilience Act (CRA).
The CRA aims to ensure that any products with digital components meet stringent cybersecurity requirements before being introduced onto the market. The CRA will address the design, development, production, and availability of hardware and software products in order to avoid conflicting requirements from different legislations within EU member states. For consistency, products that meet the CRA's requirements will be identified with the CE marking, indicating compliance with high safety, health, and environmental protection standards. The CE labelling is already known to consumers and will help them to identify products with appropriate cybersecurity features.
The CRA will now be signed by the Presidents of the Council and of the European Parliament and then published in the Official Journal of the EU. Following its publication, the CRA will enter into force 20 days after publication and will take full effect 36 months after its entry into force.
Access the full Cyber Resilience Act legislation.
What is this page?
You are reading a summary article on the Privacy Newsfeed, a free resource for DPOs and other professionals with privacy or data protection responsibilities helping them stay informed of industry news all in one place. The information here is a brief snippet relating to a single piece of original content or several articles about a common topic or thread. The main contributor is listed in the top left-hand corner, just beneath the article title.
The Privacy Newsfeed monitors over 300 global publications, of which more than 5,750 summary articles have been posted to the online archive dating back to the beginning of 2020. A weekly roundup is available by email every Friday.