As concerned cybersecurity experts who have dedicated our lives to improving the security of the online environment, we urge you to reconsider the vulnerability disclosure requirements under the proposed EU Cyber Resilience Act (CRA). While we appreciate the CRA’s aim to enhance cybersecurity in Europe and beyond, we believe that the current provisions on vulnerability disclosure are counterproductive and will create new threats that undermine the security of digital products and the individuals who use them.
Download Full Text Below
Read Next
UKs Investigatory Powers Act Could Negatively Impact Cybersecurity
The Center for Cybersecurity Policy & Law submitted comments to the United Kingdom’s open consultation on the updated codes of practice and notice regulations for the Investigatory Powers Act.
Virginia Supreme Court Expands Computer Crime Law, Raising Legal Issues for Ethical Hackers
The Virginia Supreme Court issued a pivotal ruling with significant implications for corporate security, ethical hacking, and everyday computer users, that greatly expands the scope of Virginia’s computer fraud law.
EU’s Cyber Resilience Act Enters Into Force
New product cybersecurity requirements are coming to the EU single market after years of intense debate and negotiation in Brussels, as the European Union’s Cyber Resilience Act officially enters into force.
