A New Delegated Act to the Radio Equipment Directive (2014/53/EU) has been Adopted

Today, we are facing constant development in smart devices, mostly called IoT. They are usually wirelessly connected and are due to this vulnerable to various attacks since there is often no sufficient protection provided to prevent this. In October 2021, a new Delegated Act to the Radio Equipment Directive (2014/53/EU) was adopted by the European Commission.

The Radio Equipment Directive establishes a set of rules to ensure compliance of IoT equipment with the requirements of the European market. The delegated act to the Radio Equipment Directive lays down new legal requirements covering some additional aspects in certain devices, which include technical features to ensure privacy, protection of data, and protection against fraud. Additional aspects also cover interoperability, emergency services, and the combination of radio equipment and software and its compliance. The intention of the mentioned Act is to further protect smart devices against unauthorised access from third persons, which would lead to data leaks or some other form of misuse.

The proposed transition period between its adoption and its mandatory use was set to 30 months. Compliance with the mentioned Articles 3.3 d, e, and f will be mandatory to ensure that products contain protection and are safe for use.

Which devices fall under which Article?

The essential requirements set out in Article 3.3 (d) and Article 3.3 (e) of Directive 2014/53/EU shall apply to devices that are connected to the Internet and devices which are capable of processing data, such as:

• Radio devices;
• Toy devices;
• Wearable devices.

The above mentioned devices have to comply not only with the new set of rules in Article 3.3., but also with Articles 3.1 (a), 3.1 (b) and 3.2.

More information:

Luka Tosetto
E-mail: luka.tosetto@siq.si
Tel.:  +386 1 4778 177