Translations:Cyber Resilience Act (CRA)/3/en
Aus RI Wiki
Zur Navigation springenZur Suche springen
```wiki
| Goals | Scope | Content[1] | Synergy | Consequences |
|---|---|---|---|---|
| Contain vulnerabilities in products. | Material: Products with digital elements (hardware or software products) whose use includes data connection with a device or network | Appropriate security level of products, absence of known vulnerabilities | Violation of Art 13 and 14 CRA; up to €15,000,000 or up to 2.5% of the worldwide annual turnover of the previous year. | |
| Ensure security throughout the entire lifecycle of a product. | Personal: Manufacturers, dealers, and importers | Restoration to factory condition must (generally) be possible. | Security of processing (Art 32 GDPR), data protection by design and by default (Art 25 GDPR) | Violation of other obligations; up to €10,000,000 or 2% of the worldwide annual turnover of the previous year. |
| Create conditions enabling users to consider cybersecurity. | Security assessments depending on security class | Requirements of the AI Regulation (Art 6 in conjunction with 15) for high-risk AI systems | Incomplete information; up to €5,000,000 or 1% of the previous year's turnover | |
```
