Edri-cra-discussion October 2023

edri-cra-discussion@mailman.edri.org

3 participants
2 discussions

by Diego Naranjo

Dear all, As you have not doubt noticed, there has been less engagement on the Cyber Resilience Act (CRA) from EDRi office side these past weeks. The first reason is that in order to stem the attention required for the *large number of policy processes Jan is currently following* (DMA and DSA enforcement, Health Data Spaces, Net Neutrality and EDRi IT needs). In addition to our workload, there is a *larger number of stakeholders working on CRA compared to other pieces of legislation*, especially in the areas of free software exemption, vulnerability handling, and security patch periods... Because of both reasons, we decided to de-prioritise our work on the CRA for the time being. Jan will participate in one last speaking event on a Microsoft-led panel on vulnerability handling on Thursday morning at 9am and then *he will be on parental leave in November and December*. In the meantime, please contact me directly for any immediate questions or actions EDRi should be involved in regarding the CRA. Once Jan is back from his leave in January, and following the (upcoming EDRi) office and EDRi network discussions on the EDRi office 2024 work plan, we can re-discuss what kind of priority we can allocate to this file. I hope this will work for you. Jan and I thank you for your understanding for this kind of difficult decisions. Any feedback is of course most welcome! Best regards, Diego -- DIEGO NARANJO Head of Policy EUROPEAN DIGITAL RIGHTS www.edri.org <https://www.edri.org>| @_DiegoNaranjo <https://twitter.com/_DiegoNaranjo>| Phone: +32 489 229 779 (Signal/WhatsApp) *From July 2023 EDRi is trialing a four-day week. Our working days are Monday-Thursday*

1 year, 1 month

Vrijschrift to Dutch Parliament: EU Cyber Resilience Act will harm competitiveness

by Ante Wessels

Dear all, Vrijschrift to Dutch Parliament: EU Cyber Resilience Act will harm competitiveness The EU Cyber Resilience Act (CRA) proposal aims to make products containing software and software itself more secure. [1] This objective is endorsed by Vrijschrift. The Minister of Economic Affairs and Climate has written to the Senate that concerns regarding open source software have been “extensively addressed” by means of a recital. However, recitals do not have independent legal force; the amendments of the Council of the EU are ineffective. The CRA, if adopted in this form, will seriously harm the open source ecosystem and the competitiveness of the European economy. https://www.vrijschrift.org/serendipity/index.php?/archives/262-Vrijschrift… kind regards, Ante

1 year, 2 months