18 Amendments of Sandro GOZI related to 2022/0272(COD)
Amendment 66 #
Proposal for a regulation
Recital 10
Recital 10
(10) IResearch by the Commission shows that Open Source software contributes between €65 billion to €95billion to the Union’s GDP, and provides significant growth opportunities for the Union economy. Therefore, in order not to hamper innovation or research, freeware and open-source software developed or supplied outside the course of a commercial activity should not be covered by this Regulation. This is in particular the case for software, including its source code and modified versions, that is openly shared and freely accessible, usable, modifiable and redistributable. In the context of software, a commercial activity might be characterized not only by charging a price for a product, but also by charging a price for technical support services, by providing a software platform throughe core functionality of which relies on other services which the manufacturer monetises other services, or by the use of personal data for reasons other than exclusively for improving the security, compatibility or interoperability of the software.
Amendment 67 #
Proposal for a regulation
Recital 10 a (new)
Recital 10 a (new)
(10 a) Due to the permissive nature of open-source licences, open-source software can be used as a component in products without need for the consent or knowledge of the original author, allowing for manufacturers to build new products and services quickly, however open-source software developers are not compensated for this use and often work on the software in their free time. Therefore, when a manufacturer uses open-source software as a component in a product, they should be subject to the obligations of manufacturers for that component, unless otherwise agreed through the provision of commercial technical support either by the developer or a third-party.
Amendment 69 #
Proposal for a regulation
Recital 10 b (new)
Recital 10 b (new)
(10 b) Public open-source code and software repositories allow developers to access a wide range of resources for software development, and allow for developers to share their code with the wider open-source community. These repositories operate as a public good, and therefore should not be considered as providers, manufacturers, importers or distributors, nor should their activity be considered as commercial within the meaning of this Regulation.
Amendment 76 #
Proposal for a regulation
Recital 20
Recital 20
(20) Products with digital elements should bear the CE marking to visibly, legibly and indelibly indicate their conformity with this Regulation so that they can move freely within the internal market. Member States should not create unjustified obstacles to the placing on the market of products with digital elements that comply with the requirements laid down in this Regulation and bear the CE marking.
Amendment 120 #
Proposal for a regulation
Article 2 – paragraph 5 a (new)
Article 2 – paragraph 5 a (new)
5 a. This Regulation does not apply to freeware and open-source software unless: (a) the developer or a third-party has agreed to the provision of technical support services, either with a user, or with a manufacturer who wishes to use the software as a component in their own products. (b) the software is provided in the course of commercial activity, either by: (i) charging a price for a product; (ii) providing a software platform reliant on other services which the manufacturer monetises; (iii) using personal data generated by the software for reasons other than exclusively for improving the security, compatibility or interoperability of the software.
Amendment 129 #
Proposal for a regulation
Article 3 – paragraph 1 – point 6 a (new)
Article 3 – paragraph 1 – point 6 a (new)
(6 a) 'freeware' means proprietary software that is provided at no cost to the user, but cannot be distributed, studied, changed, improved, integrated into other products or provided as a service without the consent of the author;
Amendment 130 #
Proposal for a regulation
Article 3 – paragraph 1 – point 6 b (new)
Article 3 – paragraph 1 – point 6 b (new)
(6 b) ‘ open-source software’ means software distributed under a licence which allow users to run, copy, distribute, study, change and improve it freely, as well as to integrate it as a component in other products, provide it as a service, or provide commercial support for it;
Amendment 192 #
Proposal for a regulation
Article 11 – paragraph 1
Article 11 – paragraph 1
1. The manufacturer shall, without undue delay and in any event within 24 hours of becoming aware of it, notify to ENISA any actively exploited vulnerability contained in the product with digital elements. The notification shall include details concerning that vulnerability and, where applicable, any corrective or mitigating measures taken. ENISA shall, without undue delay, unless for justified cybersecurity risk-related grounds, forward the notification to the CSIRT designated for the purposes of coordinated vulnerability disclosure in accordance with Article [Article X] of Directive [Directive XXX/XXXX (NIS2)] of Member States concerned upon receipt and immediately inform the market surveillance authority about the notified vulnerability. Where a notified vulnerability has no corrective or mitigating measures available, ENISA shall ensure that information about the notified vulnerability is shared in line with strict security protocols and on a need-to-know-basis.
Amendment 224 #
Proposal for a regulation
Article 22 – paragraph 1
Article 22 – paragraph 1
1. The CE marking shall be affixed visibly, legibly and indelibly to the product with digital elements. Where that is not possible or not warranted on account of the nature of the product with digital elements, it shall be affixed to the packaging and to the EU declaration of conformity referred to in Article 20 accompanying the product with digital elements. For products with digital elements which are in the form of software, the CE marking shall be affixed either to the EU declaration of conformity referred to in Article 20 or on the website accompanying the software product. In the latter case, the relevant section of the website shall be easily and directly accessible to consumers.
Amendment 225 #
Proposal for a regulation
Article 22 – paragraph 3
Article 22 – paragraph 3
3. The CE marking shall be affixed before the product with digital elements is placed on the market. It may be followed by a pictogram or any other mark indicating to consumers a special risk or use set out in implementing acts referred to in paragraph 6.
Amendment 226 #
Proposal for a regulation
Article 22 – paragraph 5
Article 22 – paragraph 5
5. Member States shall build upon existing mechanisms to ensure correct and harmonised application of the regime governing the CE marking and shall take appropriate and coordinated action in the event of improper use of that marking. Where the product with digital elements is subject to other Union legislation which also provides for the affixing of the CE marking, the CE marking shall indicate that the product also fulfils the requirements of that other legislation.
Amendment 227 #
Proposal for a regulation
Article 22 – paragraph 6
Article 22 – paragraph 6
6. The Commission may, by means of implementingdelegated acts, lay down technical specifications for labelling schemes, including harmonised labels, pictograms or any other marks related to the security of the products with digital elements, and mechanisms to promote their use. Those implementing among businesses and consumers and to increase public awareness about security of products with digital elements. Those delegated acts shall be adopted in accordance with the examination procedure referred to in Article 51(2)0.
Amendment 229 #
Proposal for a regulation
Article 22 – paragraph 6 a (new)
Article 22 – paragraph 6 a (new)
6 a. A partly completed product with digital elements shall not be marked with the CE marking under this Regulation without prejudice of marking provisions resulting from other applicable Union legislation.
Amendment 256 #
Proposal for a regulation
Article 41 – paragraph 3
Article 41 – paragraph 3
3. Where relevant, the market surveillance authorities shall cooperate with the national cybersecurity certification authorities designated under Article 58 of Regulation (EU) 2019/881 and exchange information on a regular basis. With respect to the supervision of the implementation of the reporting obligations pursuant to Article 11 of this Regulation, the designated market surveillance authorities shall effectively cooperate with ENISA. The market surveillance authorities may request ENISA to provide technical advice on matters related to the implementation and enforcement of this Regulation, including during investigations in accordance with Article 43.
Amendment 259 #
Proposal for a regulation
Article 41 – paragraph 7
Article 41 – paragraph 7
7. The Commission shall facilitate the regular and structured exchange of experience between designated market surveillance authorities, including via a dedicated administrative cooperation group (ADCO) established under paragraph 11 of this Article.
Amendment 261 #
Proposal for a regulation
Article 41 – paragraph 11
Article 41 – paragraph 11
11. A dedicated administrative cooperation group (ADCO) shall be established for the uniform application of this Regulation, pursuant to Article 30(2) of Regulation (EU) 2019/1020. This ADCOto facilitate structured cooperation in relation to the implementation of this Regulation and to streamline the practices of market surveillance authorities within the Union, pursuant to Article 30(2) of Regulation (EU) 2019/1020. This ADCO shall have, in particular, the tasks referred to in Article 32(2) of Regulation (EU) 2019/1020 and shall be composed of representatives of the designated market surveillance authorities, ENISA and, if appropriate, representatives of single liaison offices. The ADCO shall meet at regular intervals and, where necessary, at the duly justified request of the Commission or ENISA or a Member State and shall coordinate its action with other existing Union activities related to market surveillance and consumer safety and, where relevant, shall cooperate and exchange information with other Union networks, groups and bodies. The ADCO may invite experts and other third parties, including consumer organisations, to attend its meetings.
Amendment 288 #
Proposal for a regulation
Article 49 a (new)
Article 49 a (new)
Amendment 294 #
Proposal for a regulation
Chapter VII a (new)
Chapter VII a (new)
CHAPTER VIIa MEASURES IN SUPPORT OF INNOVATION: Article 53a Regulatory sandboxes 1. The Commission and ENISA, shall establish a European regulatory sandbox with voluntary participation of manufacturers of products with digital elements to: (a) provide for a controlled environment that facilitates the development, testing and validation of the design, development and production of products with digital elements, before their placement on the market or putting into service pursuant to a specific plan; (b) provide practical support to economic operators, including via guidelines and best practices to comply with the essential requirements set out in Annex I. (c) contribute to evidence-based regulatory learning.