Recently I wrote about discussions I’ve experienced about a year ago, where lawyers and open source practitioners wondered what the reporting obligations of the Cyber Resilience Act meant in edge cases. In the meantime the EU has published a draft of a guidance document for manufacturers. I had already read it, but did not connect it with the article I wrote in my mind. And it turns out, the EU answers those questions! Let’s see what it says: It is not entirely clear whether this means that t...
No comments yet. Log in to reply on the Fediverse. Comments will appear here.