EU Releases RED Directive on Cybersecurity Requirements
Bay Area Compliance Lab Corp Shenzhen
Quality Control, Testing, Certification, and Inspections
On July 20, 2023, the European Commission issued Authorization?Regulation C (2023) 4823, amending the mandatory implementation date of the Authorization Regulation 2020/30 of the RED Directive 2014/53/EU on network information security, privacy protection, and fraud prevention requirements for radio equipment, extending the mandatory implementation date of the new network security requirements added to the RED Directive to August 1, 2025.
The Internet of Things is constantly present in our work, life, and learning. Therefore, the European Commission must review the legislation on radio and telecommunications terminal equipment to effectively manage the network security of products, to fully protect user privacy and network information security, and to avoid fraud and damage caused by network security.
EU RED Directive cyber security requirements:
In January 2022, the European Union issued the RED Directive Supplementary Authorization Act (EU) 2022/30, which updates the network security and?emergency service Location functions of Article 3.3 of the Radio Equipment Directive (RED) 2014/53/EU. Manufacturers of related products must consider the network security requirements of the RED Directive in their design and production:
First: 3 (3) (d), ensure that the network will not be damaged or misused, that is, radio equipment will not damage the network or its functions, nor abuse network resources, resulting in ?unacceptable service degradation;
Second: 3 (3) (e), ensure that personal data and privacy are protected, that is, radio equipment contains safeguards to ensure that user's personal data and privacy are protected;
Third: 3(3) (f), ensure fraud protection, that is, support certain currency payment and transaction functions for radio equipment to ensure that users are protected from fraud;
Types of products covered by the cyber security requirements of the EU RED Directive:
The applicable products specified in the EU Act include most wireless terminal devices that can access the Internet, such as routers, cameras, smart door locks, smart appliances, wearable devices and clothing, smartphones, tablets, toys, and child care devices, but do not include other devices regulated by specific directives, such as automobiles, medical devices, civil aviation, and railway-related system.
Links to original EU regulations:
Response Measures to the EU Cyber Security Act:
With the emergence of new technologies such as Wi-Fi, Bluetooth, and NFC, more and more products are interconnected. The European Union has begun considering increasing compliance assessments for wireless communication products in network security, network protection, currency fraud, and personnel data. The Radio Equipment Directive (RED) was amended and updated as Article 3.3, which now covers the safety of radio interfaces. The amendment to Article 3.3 shall enter into force on February 1, 2022, and shall be enforced from August 1, 2025.?
From the specified mandatory date, radio equipment placed on the market must meet the requirements to receive the CE mark. Manufacturers should?consider assessing their products in advance according to the most advanced existing standards. RED also provides clearer requirements and compliance responsibilities, providing a smoother assessment and certification process.?
The one-year extension of the EU Cyber Security Act to August 1, 2025, provides manufacturers with sufficient time to understand the impact of the new regulations, effectively implement the requirements of the new regulations, and begin to develop product compliance plans during the research and development phase to conduct compliance assessments as soon as possible.
If you have any questions, please feel free to contact our sales window!
BACL radio frequency laboratory has a senior and efficient team of wireless communication technology engineers, especially with many years of rich testing experience in Bluetooth, WiFi, Walkie-talkie, GSM / WCDMA / LTE, and other fields. It is always close to the future development trend of electronic products and masters the first-hand information of industry development. The laboratory is equipped with German R & S The radio frequency testing equipment of international well-known manufacturers such as Keysight and Aeroflex in the United States currently has nine FCC, ISED, and other authorized testing laboratories in the United States, Shenzhen (Futian / Guangming / Bao'an), Dongguan, Taiwan (Xizhi / Linkou), Chengdu and Kunshan, which can provide customers with one-stop testing and certification solutions. BACL, as one of the FCC TCB institutions recognized by A2LA in the United States, can directly issue FCC ID certificates and network access numbers for communication products. At the same time, it is also the highest level NB notification institution of EU CE EMCD & RED, UK UKCA, Canada ISED, Australia NATA RTA, Japan MIC, Singapore IMDA, Hong Kong OFCA, Egypt NTRA & GOEIC, South Korea KC, China CNAS& CMA and other accredited laboratories, which can help the electronic products of many enterprises at home and abroad quickly gain global market access.