The EU is reportedly preparing to announce a new proposal that is aimed at smart devices with cybersecurity risks, in order to cut the cost of cyber incidents in the European Union. Manufacturers of smart devices that are connected to the Internet will have to ensure their devices are secure, or risk their products being banned and face fines as high as EUR 15 million (roughly Rs. 120 crore) or up to 2.5 percent of their total global turnover.
On September 13, the European Union executive will announce the Cyber Resilience Act, a proposal that could eventually become law, according to a Reuters report. The proposed regulation covers Internet connected devices such as smart TVs, refrigerators, and smart speakers, proposing stringent rules requiring manufacturers to shore up their security.
According to the report, the EU’s proposal will expect smart device manufacturers to assess the cyberscurity risks of their products and ensure that flaws and issues are resolved, and notify the European Union Agency for Cybersecurity (ENISA) of cybersecurity-related incidents within 24 hours.
The proposal also recommends that companies who do not follow the proposed rules be fined as much as EUR 15 million (roughly Rs. 120 crore), or up to 2.5 percent of their total global turnover, whichever amount is higher. As per the report, this fine could be reduced for smaller offences.
Similarly, the proposed Cyber Resilience Act also allows national surveillance authorities to restrict a product from the European market by ordering that it be withdrawn or recalled, if it does not comply with the rules. The proposed legislation could eventually become law once EU countries provide input, according to the report.