Phish and Chips: The regulatory approaches of the EU Cyber Resilience Act скачать в хорошем качестве

Phish and Chips: The regulatory approaches of the EU Cyber Resilience Act

This lecture aims to clarify the foundational regulatory choices of Regulation (EU) 2024/2847 (Cyber Resilience Act, CRA), concerning horizontal cybersecurity requirements for products with digital elements. Like other legal acts of the European Union, particularly those dealing with the regulation of the ‘digital’ sphere, the CRA combines several regulatory approaches, namely: (i) a horizontal approach; (ii) a risk-based approach; and (iii) a product safety approach. In addition, the European Commission’s Explanatory Memorandum accompanying the proposed Regulation explicitly states that the CRA contributes to the protection of fundamental rights. While the combination of certain approaches has a longer tradition within EU harmonized law (e.g., the risk-based and product safety approaches) and is therefore less problematic, the integration of a rights-based approach into the traditional structures of product safety legislation is a recent development in the EU’s legislative technique and thus deserves a deeper critical reflection. cyberpolicy.uni.lu