Internal Market: Orgalim comments on the final report of the impact assessment study on internet-connected radio equipment and wearable radio equipment

Orgalim, Europe’s technology industries, would like to provide its views on the findings and conclusions of the impact assessment study on internet-connected radio equipment and wearable radio equipment, in particular concerning the policy options proposed and the recommendations for the way forward.

Orgalim members acknowledge the increase in the number and demand for connected devices on the market and the need to assess emerging security vulnerabilities in a robust manner. The final report highlights that the activation of delegated acts, relative to the protection of data and privacy, as well as protection from fraud, is the preferred option to address existing regulatory gaps in terms of protection of data and privacy, as well as protection from fraud. Orgalim believes that the proposed delegated acts would not deliver the intended protection goals, and at the same time, be incomplete in covering the aspect of cyber-security. A more holistic solution, such as an EU wide horizontal legislation covering cyber-security would be more effective in addressing current regulatory gaps. This is because:

• RED delegated acts cannot address all cybersecurity issues being limited only to the aspects of personal data protection, privacy and protection from fraud. Moreover, they would not cover wired equipment in addition to wireless devices. A more holistic solution in the form of a horizontal Cybersecurity legislation is needed to cover all networkable products regardless of the technology used.
• Lack of clarity on the objectives of fraud prevention and misuse of network resources due to missing harmonised definitions. Furthermore, without clarity standardization has difficulties to support the regulatory objectives.
• Developing various delegated acts that address the same cybersecurity aspects creates legislative fragmentation and inconsistency with other pieces of legislation (such as the GDPR), which in turn creates legal uncertainty for manufacturers.
• The activation of the acts delegated to the Art. 3.3 d/e/f may be inconsistent with Article 2 of Decision 768/2008/EC, so, where products are already subject to other legislation, consistency of all legislation concerning the same product needs to be ensured.

These facts have the potential to negatively impact harmonisation in the European Economic Area, bring the Single Market at risk, lead to higher cost for the manufacturing industry and finally reduce the competitiveness of Europe.

The present position paper aims to focus on Orgalim’s arguments against the activation of delegated acts for Articles 3(3) (d), (e) and 3(3)(f), providing an alternative proposal (in line with option 5) as well as a brief analysis (in the annex of the paper), of the recommendations made in the final report of the impact assessment study. To read the position in full, please download the document above.