Have your say – ICT product certification
You can also get involved in forming EU laws. The European Commission would like to hear your views on laws and policies currently in development. They offer a platform “Have your say” with the list of all new EU initiatives open for public consultation. You need to register to write your feedback. https://ec.europa.eu/info/law/better-regulation/have-your-say
There are always 5 stages of each EU initiative, each stage is open for public consultation for a specific time frame:
- In preparation
- Call for evidence
- Public consultation
- Draft act
- Commission adoption
Cybersecurity – security requirements for ICT product certification
About this initiative: The voluntary scheme will introduce a set of security requirements for ICT security products (e.g. firewalls, encryption devices, electronic signature devices) and ICT products with an inbuilt security functionality (i.e. routers, smartphones, bank cards).
Feedback period: for stage 4 it is 03 October 2023 – 31 October 2023
Feedback from Europeans for Safe Connections
“Europeans for Safe Connections” suggest that the certification takes into account also insecurity of the wireless connections. Wireless transmissions from credit cards, mobile phones, smart watches, fitness trackers, pacemakers and personal wearables pose a risk of data misuse.
We have particular concerns about private banking data and data covered by medical confidentiality. Dangerous threats regarding wireless medical devices violate confidentiality of these devices. Hacking of medical devices could create a backdoor into hospital networks.
Also the wearable industry is booming nowadays. Users themselves contribute to privacy and device security breaches as they are not aware of different threats and vulnerability of the devices.
Minimization of data transmitted wirelessly is crucial for the security of medical patients. The principle of data minimization involves limiting data transmission and storage to only what is required to fulfil specific purposes.
Examples:
- 465,000 pacemakers recalled due to cybersecurity vulnerabilities.
- The wireless communication between medical devices or other smart devices is not secure.
- Fitness data is an attractive target for health insurance companies
Many experts point out that 5G and connected objects and bodies will dramatically increase the dangers of data loss and cybercrime:
- many transmissions will be over wireless connections, multiplying the risk of “eavesdropping”
- much more data will be transmitted over these devices, including sensitive data. We have particular concerns about data covered by medical confidentiality (medical watches, hearing aids).
We suggest that this certificate helps to protect citizens against the increasing vulnerability to cybercrime by evaluating the data minimization to collection via wireless (such as medical and banking data).
ESC is an alliance of European organisations that strives to reduce the impact of modern communications and electricity use on health and the environment. We are not against technology, but we are pro safe technology and safe connections.
Europeans for Safe Connections
This feedback was sent from a wired internet connection
– No use of harmful radiation
– Less electricity consumption
– Increased data security
Link to our feedback: https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/13382-Cybersecurity-security-requirements-for-ICT-product-certification/F3441047_en
Facebook post available for sharing: https://www.facebook.com/permalink.php?story_fbid=318305947603236&id=100082714988907