As concerned cybersecurity experts who have dedicated our lives to improving the security of the online environment, we urge you to reconsider the vulnerability disclosure requirements under the proposed EU Cyber Resilience Act (CRA). While we appreciate the CRA’s aim to enhance cybersecurity in Europe and beyond, we believe that the current provisions on vulnerability disclosure are counterproductive and will create new threats that undermine the security of digital products and the individuals who use them.
Download Full Text Below
Read Next
Trump EO Starts the Next Phase of AI, Cybersecurity Policy
President Trump’s Executive Order, Promoting Advanced Artificial Intelligence and Security, on frontier AI systems frames these advanced models through the lens of cybersecurity, infrastructure resilience, and national security.
Yet Another Blog About “Cyber Operations:” The Trump II Administration’s National Cyber Strategy and Private Sector Collaboration
The recently released National Cyber Strategy provides some insight into questions about the Administration’s approach to offensive cyber policy, and particularly the private sector’s role.
Beyond Buzzwords: What Public Views on Scanning and Encryption Mean for Policymakers
Public support for content scanning and encryption backdoors drops when tradeoffs are made clear. This survey of Nordic countries shows people prioritize privacy and security over harm detection, and lack trust in institutions to govern access.
