Hello dear Jan,
Thank you for spreading the word about it! I was not aware of this!
Homo Digitalis would like to sing!
Many-many thanks for your work!
Best,
Eleftherios
On 6/6/2023 2:29 μ.μ., Jan Penfrat (EDRi) wrote:
Dear EDRis,
Thank you for allowing me to cross-post this so everyone has seen it:
While the overall work on the Cyber Resilience Act
<https://edri.org/our-work/the-cyber-resilience-act-how-to-make-europe-more-digitally-resilient/>
is going rather well (as compared to other legislative dossiers I
assume), one of the problems that still persists: The EP wants to
compel manufacturers of connected devices to notify the EU's Agency
for Cybersecurity ENISA
<https://en.wikipedia.org/wiki/European_Union_Agency_for_Cybersecurity>
about details of unpatched security vulnerabilities.
Given EU member states' track record of state-sanctions hacking, we
believe it's a bad idea to create government-run databases full of
zero-day exploits.
I have therefore drafted an open letter to lawmakers working on the
CRA <https://cloud.edri.org/index.php/s/aK6BJD2DpTs2JkF> to fix that
problem and would like to kindly ask you to *co-sign it individually
if you can _by Monday, 12 June at noon_*.
Please also let me know should you have any major concerns with the
draft letter.
Thanks a lot!
Jan
--
JAN PENFRAT
SENIOR POLICY ADVISOR
EUROPEAN DIGITAL RIGHTS
Rue Belliard 12, B-1040 Brussels
Matrix: @jan:penfrat.net
Phone: +32 2 274 25 76
www.edri.org <https://www.edri.org>| Mastodon
<https://eupolicy.social/@ilumium>| PGP
<https://edri.org/files/pgp-keys/janpenfrat.asc>
Subscribe to the EDRi-gram to become a digital rights connoisseur!
<https://edri.org/take-action/edri-gram/>
Subscribe to the EDRi-gram. <https://edri.org/take-action/edri-gram/>