EU RED Article 3.3 cybersecurity provisions mandatory date postponed to August 1, 2025

On October 27, 2023, the European Union issued an official gazette to amend the RED Authorization Regulation (EU) 2022/30, in which the date description of the enforcement time in Article 3 was updated to August 1, 2025.  It was originally scheduled to take effect on August 1, 2024.

The RED Authorization Regulation (EU) 2022/30 is an official gazette issued by the European Union, which stipulates that manufacturers of related products must take into account the cybersecurity requirements of the RED Directive when involved and produced. Those are RED 3(3)(d), RED 3(3)(e) and RED 3(3)(f).

3(3) (d): It will not damage the network or abuse network resources;

3(3) (e): The personal data and privacy of users and consumers are protected;

3(3) (f): It has anti-fraud security features.

Applicable products of the regulations include most wireless terminal devices that can access the Internet, such as routers, cameras, smart door locks, smart home appliances, wearable devices and clothing, smartphones, tablets, toys and child care equipment, but  it does not include other equipment regulated by specific directives such as automobiles, medical devices, civil aviation and railway-related systems, etc.