Shopping in the aisles of the supermarket for food or picking out a new smartwatch from the electronics shop have something in common: The consumer expects that food will not poison them and similarly that a smartwatch won’t suddenly catch fire.
Consumer protections in Europe have been around for decades, and they serve us by holding manufacturers accountable to standards and regulations. When products fail us, the regulator must step in to ensure not only that we are provided relief, but also that the producer changes their ways. Our health and safety are the guiding lights that protect us.
Over 20 years ago Europe’s “Blue Guide” about putting products on the single market was first written. Back then, we still lived in a world defined by supply chains of objects and the distribution of physical items. But as our lives have become increasingly lived in the digital domain, we have been exposed to new risks via social networks, chats, video calls, e-mails, and online shopping.
We have seen our credit cards stolen and our identities impersonated. Our digital safety has not been adequately protected by large multinational corporations because cybersecurity has taken a back seat to profits.
Thankfully, the European Commission has been busy drafting new regulations to protect us. With the advent of the Cyber Resilience Act (CRA) and its associated Product Liability Directive (PLD), the shopping aisles have been extended to include products with digital elements, or put simply: software.
Any system connected with a data interface will be required to comply with these new cybersecurity requirements; this includes downloadable software, mobile apps, SaaS websites, and even IoT. The norm is going to become reporting breaches to regulators (and the users), maintaining a bill of materials and user instructions for at least 5 years, and potentially undergoing a compliance certification.
For consumers, this will usher in a new age of digital safety, in which we can finally put faith in the platforms upon which we live much of our lives. For businesses, there will finally be incentives to minimise risk and protect their users from potentially life-changing cyber-attacks.
If you are a business owner and your products are touched by software, you will eventually have to make tough decisions about your cyber resilience, and the later you start working on it, the more expensive it will be.
If you are interested in getting in early to learn more about the regulatory, legal, and business perspectives of the CRA and PLD, you are warmly invited to register to join CrabNebula’s free “Software as a Product” seminar at the Malta Chamber on July 24, 2024.
If you can’t attend the in-person event, there will also be a livestream.