As concerned cybersecurity experts who have dedicated our lives to improving the security of the online environment, we urge you to reconsider the vulnerability disclosure requirements under the proposed EU Cyber Resilience Act (CRA). While we appreciate the CRA’s aim to enhance cybersecurity in Europe and beyond, we believe that the current provisions on vulnerability disclosure are counterproductive and will create new threats that undermine the security of digital products and the individuals who use them.
Download Full Text Below
Read Next
Congress’ Proposed Chip Security Act Threatens to Create New Cyber Vulnerabilities in U.S. Semiconductors
As the U.S. races toward global AI dominance, a new bill aimed at preventing diversion of innovative U.S. semiconductors to China could inadvertently make those very same chips less secure.
Japanese Regulator Balances Cybersecurity, Competition Concerns In MSCA Implementation Guidelines
Promoting robust competition in the digital space while ensuring cybersecurity protections is challenging. The Japan Fair Trade Commission strikes a crucial balance between these priorities in its May 2025 guidelines.
Protecting Mobile Security in a Competitive Ecosystem
In an amicus brief filed in Epic Games v. Apple Inc., the Center for Cybersecurity Policy and Law urges the 9th Circuit to ensure that competition remedies do not undermine security.
