Changes in EU legislation on cybersecurity

On November 20, 2024, the final version of the EU Cyber Resilience Act was published (Cyber Resilience Act). According to the new version of the Act, mandatory cybersecurity requirements are introduced for manufacturers and retailers of products and software containing digital components. This protection will apply throughout the entire lifecycle of the product.

On November 18, 2024, the final version of the EU Directive on Liability for Defective Products was published (EUDirective on Liability for Defective Products). This Directive aligns EU rules on product liability with the advancements in digital technologies and the circular economy. The update also addresses challenges faced by affected parties in gathering evidence to prove liability, especially in the context of new technologies.

These changes are significant for domestic manufacturers and retailers of products and software containing digital components. They are also important in the context of considering the new EU legislation in the field of consumer protection.