Skip to content
Beltug
  • About
    • Our members
    • Beltug team
    • Contact
  • Agenda
  • Library
    • Papers
    • Presentations
    • Partner papers
  • Impact
  • News
  • Log in
  • Become a member

More results...

Generic filters
Beltug
  • About
    • Our members
    • Beltug team
    • Contact
  • Agenda
  • Library
    • Papers
    • Presentations
    • Partner papers
  • Impact
  • News
  • Log in
  • Become a member

Cyber resilience, product and AI liability, and more: the EU at work

The digital transformation is one of the European Union’s priorities. To keep the regulatory framework up to date, the European Commission is hard at work: revising the 1985 product liability directive and drafting new initiatives and laws on Artificial Intelligence liability and cyber resilience.

23 / 11 / 22

The Cyber Resilience Act for ‘products with digital elements’

On 15 September, the European Commission published a proposal for a Cyber Resilience Act for ‘products with digital elements’, which aims to bolster cybersecurity rules to ensure more secure hardware and software products. One key new shift is the inclusion of non-embedded software: this is the first time the EU legal framework has addressed the cybersecurity of those types of products.

As cybersecurity continues to be a top priority for our members, it is important that the voice of the business user be heard for this significant piece of legislation. Beltug participated in the public consultation for the draft regulation, which defines cybersecurity requirements for manufacturers, importers and distributors. It follows the current CE-marking system. Depending on the type of products, a party has to declare that the product conforms in terms of cybersecurity before it can enter the EU.

For example, companies cannot launch products on the market with a proven flaw, with a security configuration that the user doesn’t have to change, or with too many attack surfaces. Furthermore, manufacturers must ensure their products’ cybersecurity during the whole lifecycle.

Market surveillance and enforcement will be the responsibility of member states, including imposition of administrative fines that can be as high as 15 million euros or 2.5% of turnover. Beltug will collaborate with our sister CIO associations Cigref (France), CIO Platform (Netherlands) and Voice (Germany) to play a role in shaping the final text, which will now be discussed at the Member States and European Parliament level.

AI liability

The current liability framework dates from 1985: the year the famous Commodore 128 PC was introduced, delivering 128 kB of RAM and ROM. On 28 September, the European Commission published two proposals aiming to adapt liability rules for the digital age, by modernising the current requirements and ensuring that AI is included. To take only one example, who is liable when a self-driving car crashes: the driver or the software?

Beltug participated in the consultations opened by the European Commission on the draft regulation, including developing a position on the April 2021 proposal, together with Cigref, CIO Platform and Voice. AI has been a priority of Beltug members for many years and Beltug has organised several sessions on the topic, including key-note sessions (see below under ‘You may also like’).

The first proposed change tackles the issue of liability when a business substantially modifies a product that is already on the market or when a product has been directly imported from outside the EU by a consumer. Importantly, this includes defective software updates, defective machine learning algorithms, or defective digital services that are essential for a product to operate.

The second proposal adds an AI Liability Directive, targeting specific damages caused by AI. Member States have already begun to include AI in their product liability frameworks, and the current proposals seek to ensure that the same rules apply in the EU. The AI Liability Directive aims to provide uniform rules for certain aspects of non-contractual civil liability for damage caused with the involvement of AI systems.

  • Artificial Intelligence
  • security
  • Software

You may also like:

Anything but easy: in AI, preparation is key. Takeaways from the Beltug N-sight: 30 November 2021

Artificial Intelligence (AI) empowers organisations in many ways, especially when it comes to unleashing the potential of all the data a company owns. With the help of AI, processes can be automated, smart decisions made, repetitive...

The good, the bad and the ugly of AI. Takeaways from the Beltug N-sight: 02 March 2021

Artificial Intelligence (AI) and Machine Learning are fairly new technologies, and companies are seeking to define the optimal fields of application within their organisations. They need to uncover the opportunities where AI and Machine Learning can...

Beltug and sister associations issue joint Position on the EC’s AI regulatory framework proposal

Search engines, social media tag suggestions, Deep Blue’s 1997 victory over Garry Kasparov, your spam filter, facial recognition…do you see the common thread yet? The answer is artificial intelligence.

‘Artificial intelligence involves planning, deciding and reasoning’. Takeaways from the Beltug N-sight, 19 November 2019

Companies are finding it hard to grasp the tangible potential of Artificial Intelligence and Machine Learning, and to find ways to cash in on the opportunities. The technology remains rather enigmatic.

Return to impact
Beltug logo, white transparent

Belgian association of CIOs and digital technology leaders.

info@beltug.be +32 3 780 17 30 Contact us
  • Beltug team
  • Our members
  • Subscribe to our newsletter
© 2023 - Flux
Privacy Policy | Cookie Policy

Login

X
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking 'Accept', you consent to the use of ALL the cookies. However, you may visit 'Cookie Settings' to provide a controlled consent.

Read MoreCookie Settings Accept
Manage consent

Cookie policy and overview

This website uses cookies to improve your experience while you navigate through the website.

Out of these, the cookies that are categorised as necessary are stored on your browser as they are essential for the working of basic functionalities of the website.
We also use first-party cookies that help us analyse and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

In our cookie policy you can read more about the most frequently used cookies and their usage.

Beltug is a not-for-profit association for its members and through its members. These analytical cookies related to our website help us to base our initiatives and your experiences on your preferences. So before refusing all cookies, would you consider accepting the analytical cookie category?

Third party cookies are activated with your consent only but are not processed by Beltug. Contents of these cookies is only processed by the third party that activates them.

Modifying cookie preferences

Cookie preferences are set when you visit our website for the first time through this pop-up window that is automatically displayed on your screen.

You can modify your preferences at any time by clicking the ‘Manage consent’ button in the bottom right corner of each page. Any modification has an immediate effect.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
_wordpress_test_cookie, test_cookiesessionWordPress sets this cookie when you navigate to the login page. The cookie is used to check whether your web browser is set to allow, or reject cookies.
CONSENTuntil you remove itThe cookie is set by the GDPR Cookie Consent WordPress plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. When Consent has been given the cookie is used to store the user consent for the cookies in the category 'Analytics'.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category 'Necessary'.
PHPSESSIDsessionThis cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
WordPress_clef_session, _wordpress_cleff_state1 yearThis WordPress cookie is necessary to use the administrator zone (only for administrators).
wp-settings-1, wp-settings-time-11 yearWordPress uses this cookie to customize your view of the admin interface, and possibly also the main site interface.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc and are only activated with your consent.
CookieDurationDescription
_ga2 yearsThe _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report.
_gat_gtag1 minuteSet by Google to distinguish users.
_gid1 dayInstalled by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit.
Third Party
Third-party cookies are those created by domains other than the one the user is visiting at the time, and are mainly used for tracking and online-advertising purposes. They also allow website owners to provide certain services, such as live chats and are only activated with your consent.
CookieDurationDescription
IDE1 year 24 daysUsed by Google DoubleClick to register and report the website user’s actions after viewing or clicking one of the advertiser’s ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.
VISITOR_INFO1_LIVE5 months 27 daysA cookie that YouTube sets that measures your bandwidth to determine whether you get the new player interface or the old.
YSCto be removed by youRegisters a unique ID to keep statistics of what videos from YouTube the user has seen. This cookie expires when you close your browser.
yt-remote-connected-devicesto be removed by youStores the user’s video player preferences using embedded YouTube video.
yt-remote-device-idto be removed by youStores the user’s video player preferences using embedded YouTube video.
Save & Accept