The European Commission (EC) has published an initiative intended for internet-connected radio equipment and wearable radio equipment that includes smartwatches and connected toys.
The overall objective of this initiative is to ensure an adequate level of security for internet-connected radio equipment and wearable radio equipment at the moment of placing on the market. The following policy options are:
- Option 0, baseline scenario: a situation in which manufacturers are not obliged to implement any specific measures as it is currently the case.
- Option 1, a situation whereby the industry self-regulates to implement the existing legislation which protects personal data, the confidentiality of telecommunications, security and protection against fraud.
- Option 2, adoption of a delegated act pursuant Article 3(3)(e) of the Radio Equipment Directive (RED). This will require that radio equipment incorporate safeguards to ensure that the personal data and privacy of the user and of the subscriber are protected, also as a tool to enhance the cybersecurity of these products, and this requirement will have to be demonstrated for the purposes of market access.
- Option 3, adoption of a delegated act pursuant Article 3(3)(f) of RED. This will require that radio equipment incorporates certain features ensuring protection from fraud, also as a tool to enhance the cybersecurity
- Option 4, adoption of a delegated act pursuant both Articles 3(3)(e) and (f) of RED. In this case, both requirements in Options 2 and 3 will have to be demonstrated for the purposes of market access.
Feedback period for the initiative was open from January 28 to March 3, 2019. Public consultation is set to open on the second quarter of 2019.