European Union: Adopted EDPS Opinion on proposed Cyber Resilience Act

On 10 November 2022, the European Data Protection Supervisor (EDPS) published its Opinion on the Proposal for a European Cyber Resilience Act. The EDPS reiterated the appropriate level of security for the processing of personal data according to the EU General Data Protection Regulation (GDPR). In relation to the certification and standardisation of cybersecurity in the Proposal, the EDPS suggests clarifying the relations between the relevant governing bodies and that the proposed European cybersecurity certificate should not replace the GDPR certification. The EDPS also suggested that the relationship between the provisions of the Proposal and existing EU data protection laws should be clarified.