BETA

24 Amendments of Andrus ANSIP related to 2022/0272(COD)

Amendment 76 #
Proposal for a regulation
Recital 20
(20) Products with digital elements should bear the CE marking to visibly, legibly and indelibly indicate their conformity with this Regulation so that they can move freely within the internal market. Member States should not create unjustified obstacles to the placing on the market of products with digital elements that comply with the requirements laid down in this Regulation and bear the CE marking.
2023/04/28
Committee: IMCO
Amendment 97 #
Proposal for a regulation
Recital 34 a (new)
(34 a) ENISA should be responsible for publishing and maintaining a database of known exploited vulnerabilities. Manufacturers should monitor the database and notify vulnerabilities found in their products.
2023/04/28
Committee: IMCO
Amendment 139 #
Proposal for a regulation
Article 3 – paragraph 1 – point 40 a (new)
(40 a) 'partly completed products with digital elements' means a tangible item which is unable to function independently and which is only produced with the aim of be incorporated into or assembled with a product with digital elements or other partly completed product with digital elements, and which can only be effectively assessed for its conformity taking into account how it is incorporated into an intended final product with digital elements;
2023/04/28
Committee: IMCO
Amendment 141 #
Proposal for a regulation
Article 4 – paragraph 1
1. Member States shall not impede, for the matters covered by this Regulation, the making available on the market of products with digital elements or partly completed products with digital elements which comply with this Regulation.
2023/04/28
Committee: IMCO
Amendment 145 #
Proposal for a regulation
Article 4 – paragraph 2
2. At trade fairs, exhibitions and demonstrations or similar events, Member States shall not prevent the presentation and use of a product with digital elements or a partly completed product with digital elements which does not comply with this Regulation.
2023/04/28
Committee: IMCO
Amendment 152 #
Proposal for a regulation
Article 6 – paragraph 2 – point b
(b) the intended use in sensitive environments, including in industrial settingcritical applications in sensitive environments or by essential entities of the type referred to in the Annex [Annex I] to the Directive [Directive XXX/XXXX (NIS2)];
2023/04/28
Committee: IMCO
Amendment 163 #
Proposal for a regulation
Article 8 – paragraph 1
1. Products with digital elements or partly completed products with digital elements classified as high-risk AI systems in accordance with Article [Article 6] of Regulation [the AI Regulation] which fall within the scope of this Regulation, and fulfil the essential requirements set out in Section 1 of Annex I of this Regulation, and where the processes put in place by the manufacturer are compliant with the essential requirements set out in Section 2 of Annex I, shall be deemed in compliance with the requirements related to cybersecurity set out in Article [Article 15] of Regulation [the AI Regulation], without prejudice to the other requirements related to accuracy and robustness included in the aforementioned Article, and in so far as the achievement of the level of protection required by those requirements is demonstrated by the EU declaration of conformity issued under this Regulation.
2023/04/28
Committee: IMCO
Amendment 169 #
Proposal for a regulation
Article 9 – paragraph 1
Machinery products under the scope of Regulation [Machinery Regulation proposal] which are products with digital elements or partly completed products with digital elements within the meaning of this Regulation and for which an EU declaration of conformity has been issued on the basis of this Regulation shall be deemed to be in conformity with the essential health and safety requirements set out in Annex [Annex III, Sections 1.1.9 and 1.2.1] to Regulation [Machinery Regulation proposal], as regards protection against corruption and safety and reliability of control systems, and in so far as the achievement of the level of protection required by those requirements is demonstrated in the EU declaration of conformity issued under this Regulation.
2023/04/28
Committee: IMCO
Amendment 192 #
Proposal for a regulation
Article 11 – paragraph 1
1. The manufacturer shall, without undue delay and in any event within 24 hours of becoming aware of it, notify to ENISA any actively exploited vulnerability contained in the product with digital elements. The notification shall include details concerning that vulnerability and, where applicable, any corrective or mitigating measures taken. ENISA shall, without undue delay, unless for justified cybersecurity risk-related grounds, forward the notification to the CSIRT designated for the purposes of coordinated vulnerability disclosure in accordance with Article [Article X] of Directive [Directive XXX/XXXX (NIS2)] of Member States concerned upon receipt and immediately inform the market surveillance authority about the notified vulnerability. Where a notified vulnerability has no corrective or mitigating measures available, ENISA shall ensure that information about the notified vulnerability is shared in line with strict security protocols and on a need-to-know-basis.
2023/04/28
Committee: IMCO
Amendment 196 #
Proposal for a regulation
Article 11 – paragraph 2
2. The manufacturer shall, without undue delay and in any event within 24 hours of becoming aware of it, by means of an early warning, notify to ENISA of any incident having a significant impact on the security of the product with digital elements. The manufacturer shall without undue delay and in any event within 72 hours of becoming aware of the significant incident related to the product with digital elements further notify ENISA more details on the significant incident. ENISA shall, without undue delay, unless for justified cybersecurity risk-related grounds, forward the notifications to the single point of contact designated in accordance with Article [Article X] of Directive [Directive XXX/XXXX (NIS2)] of the Member States concerned and immediately inform the market surveillance authority about the notified incidents. The incident notification shall include information on the severity and impact of the incident and, where applicable, indicate whether the manufacturer suspects the incident to be caused by unlawful or malicious acts or considers it to have a cross-border impact.
2023/04/28
Committee: IMCO
Amendment 222 #
Proposal for a regulation
Article 20 – paragraph 2
2. The EU declaration of conformity shall have the model structure set out in Annex IV and shall contain the elements specified in the relevant conformity assessment procedures set out in Annex VI. Such a declaration shall be continuously updatedupdated as appropriate. It shall be made available in the language or languages required by the Member State in which the product with digital elements is placed on the market or made available.
2023/04/28
Committee: IMCO
Amendment 223 #
Proposal for a regulation
Article 20 a (new)
Article 20 a EU Declaration of Incorporation for partly completed products with digital elements 1. The EU declaration of incorporation shall be drawn up by manufacturers in accordance with Article 10(7) and state that the fulfilment of the relevant essential requirements set out in Annex I has been demonstrated. 2. The EU declaration of incorporation shall have the model structure set out in Annex IVa (new). Such a declaration shall be updated as appropriate. It shall be made available in the language or languages required by the Member State in which the partly completed product with digital elements is placed on the market or made available. 3. Where a partly completed product with digital elements is subject to more than one Union act requiring an EU declaration of incorporation, a single EU declaration of incorporation shall be drawn up in respect of all such Union acts. That declaration shall contain the identification of the Union acts concerned, including their publication references. 4. The Commission is empowered to adopt delegated acts in accordance with Article 50 to supplement this Regulation by adding elements to the minimum content of the EU declaration of incorporation as set out in Annex IVa (new) to take account of technological developments.
2023/04/28
Committee: IMCO
Amendment 224 #
Proposal for a regulation
Article 22 – paragraph 1
1. The CE marking shall be affixed visibly, legibly and indelibly to the product with digital elements. Where that is not possible or not warranted on account of the nature of the product with digital elements, it shall be affixed to the packaging and to the EU declaration of conformity referred to in Article 20 accompanying the product with digital elements. For products with digital elements which are in the form of software, the CE marking shall be affixed either to the EU declaration of conformity referred to in Article 20 or on the website accompanying the software product. In the latter case, the relevant section of the website shall be easily and directly accessible to consumers.
2023/04/28
Committee: IMCO
Amendment 225 #
Proposal for a regulation
Article 22 – paragraph 3
3. The CE marking shall be affixed before the product with digital elements is placed on the market. It may be followed by a pictogram or any other mark indicating to consumers a special risk or use set out in implementing acts referred to in paragraph 6.
2023/04/28
Committee: IMCO
Amendment 226 #
Proposal for a regulation
Article 22 – paragraph 5
5. Member States shall build upon existing mechanisms to ensure correct and harmonised application of the regime governing the CE marking and shall take appropriate and coordinated action in the event of improper use of that marking. Where the product with digital elements is subject to other Union legislation which also provides for the affixing of the CE marking, the CE marking shall indicate that the product also fulfils the requirements of that other legislation.
2023/04/28
Committee: IMCO
Amendment 227 #
Proposal for a regulation
Article 22 – paragraph 6
6. The Commission may, by means of implementingdelegated acts, lay down technical specifications for labelling schemes, including harmonised labels, pictograms or any other marks related to the security of the products with digital elements, and mechanisms to promote their use. Those implementing among businesses and consumers and to increase public awareness about security of products with digital elements. Those delegated acts shall be adopted in accordance with the examination procedure referred to in Article 51(2)0.
2023/04/28
Committee: IMCO
Amendment 229 #
Proposal for a regulation
Article 22 – paragraph 6 a (new)
6 a. A partly completed product with digital elements shall not be marked with the CE marking under this Regulation without prejudice of marking provisions resulting from other applicable Union legislation.
2023/04/28
Committee: IMCO
Amendment 234 #
Proposal for a regulation
Article 24 – paragraph 1 – point c a (new)
(c a) a European cybersecurity certification scheme adopted in accordance with Article 18(4) of Regulation (EU) 2019/881.
2023/04/28
Committee: IMCO
Amendment 236 #
Proposal for a regulation
Article 24 – paragraph 2 – point b a (new)
(b a) where applicable, a European cybersecurity certification scheme at assurance level ‘substantial’ or ‘high’ pursuant to Regulation (EU) 2019/881.
2023/04/28
Committee: IMCO
Amendment 256 #
Proposal for a regulation
Article 41 – paragraph 3
3. Where relevant, the market surveillance authorities shall cooperate with the national cybersecurity certification authorities designated under Article 58 of Regulation (EU) 2019/881 and exchange information on a regular basis. With respect to the supervision of the implementation of the reporting obligations pursuant to Article 11 of this Regulation, the designated market surveillance authorities shall effectively cooperate with ENISA. The market surveillance authorities may request ENISA to provide technical advice on matters related to the implementation and enforcement of this Regulation, including during investigations in accordance with Article 43.
2023/04/28
Committee: IMCO
Amendment 259 #
Proposal for a regulation
Article 41 – paragraph 7
7. The Commission shall facilitate the regular and structured exchange of experience between designated market surveillance authorities, including via a dedicated administrative cooperation group (ADCO) established under paragraph 11 of this Article.
2023/04/28
Committee: IMCO
Amendment 261 #
Proposal for a regulation
Article 41 – paragraph 11
11. A dedicated administrative cooperation group (ADCO) shall be established for the uniform application of this Regulation, pursuant to Article 30(2) of Regulation (EU) 2019/1020. This ADCOto facilitate structured cooperation in relation to the implementation of this Regulation and to streamline the practices of market surveillance authorities within the Union, pursuant to Article 30(2) of Regulation (EU) 2019/1020. This ADCO shall have, in particular, the tasks referred to in Article 32(2) of Regulation (EU) 2019/1020 and shall be composed of representatives of the designated market surveillance authorities, ENISA and, if appropriate, representatives of single liaison offices. The ADCO shall meet at regular intervals and, where necessary, at the duly justified request of the Commission or ENISA or a Member State and shall coordinate its action with other existing Union activities related to market surveillance and consumer safety and, where relevant, shall cooperate and exchange information with other Union networks, groups and bodies. The ADCO may invite experts and other third parties, including consumer organisations, to attend its meetings.
2023/04/28
Committee: IMCO
Amendment 288 #
Proposal for a regulation
Article 49 a (new)
Article 49 a Provision of technical advice 1. The Commission shall appoint by way of an implementing act an expert group to provide technical advice to market surveillance authorities on matters related to the implementation and enforcement of this Regulation. The implementing act shall specify, inter alia, the details related to the composition of the group, its operation and the remuneration of its members. In particular, the expert group shall provide non-binding evaluations of products with digital elements upon request by a market surveillance authority that is conducting an investigation under Article 43 and of the list of critical products with digital elements set out in Annex II, as well as on the possible need to update that list. 2. The expert group shall consist of independent experts appointed for a renewable three-year term by the Commission on the basis of their scientific or technical expertise in the field. 3. The Commission shall appoint a number of experts which is deemed sufficient to fulfil the foreseen needs. 4. The Commission shall take the necessary measures to manage and prevent any conflicts of interest. The Declarations of interests of the members of the expert group shall be made publicly available. 5. The appointed experts shall perform their tasks with the highest level of professionalism, independence, impartiality and objectivity. 6. When adopting positions, views and reports, the expert group shall attempt to reach consensus. If consensus cannot be reached, decisions shall be taken by simple majority of the group members.
2023/04/28
Committee: IMCO
Amendment 294 #
Proposal for a regulation
Chapter VII a (new)
CHAPTER VIIa MEASURES IN SUPPORT OF INNOVATION: Article 53a Regulatory sandboxes 1. The Commission and ENISA, shall establish a European regulatory sandbox with voluntary participation of manufacturers of products with digital elements to: (a) provide for a controlled environment that facilitates the development, testing and validation of the design, development and production of products with digital elements, before their placement on the market or putting into service pursuant to a specific plan; (b) provide practical support to economic operators, including via guidelines and best practices to comply with the essential requirements set out in Annex I. (c) contribute to evidence-based regulatory learning.
2023/04/28
Committee: IMCO