Dropsafe

by Alec Muffett

EU Post-Pegasus Report, drawing on EDRi paper (?) calls for regulation of vulnerability disclosure

2022/11/26 03:03:43 GMT

I don’t know who needs to hear this, but this (in the current report draft) is a very, very bad idea.

https://www.europarl.europa.eu/doceo/document/PEGA-PR-738492_EN.pdf

> Sophie in ‘t Veld
Vulnerabilities

151. Without vulnerabilities in software, it would be impossible to install and deploy spyware. Therefore, in order to regulate the use of spyware, the discovery, sharing and exploitation of vulnerabilities have to be regulated as well [290]. Despite the strengthening of the defence of digital systems required and encouraged by the NIS2 Directive and the proposal for the Cyber Resilience Act, it is nearly impossible to develop systems without vulnerabilities.

…

290 Ot van Daalen, intervention in PEGA 27 October 2022; EDRi Paper: Breaking encryption will doom our freedoms and rights
https://edri.org/wp-content/uploads/2022/10/EDRi-Position-Paper-Encryption.pdf
https://www.enisa.europa.eu/news/enisa-news/coordinated-vulnerability-disclosure-policies-in-the-eu

⊞

Dropsafe

EU Post-Pegasus Report, drawing on EDRi paper (?) calls for regulation of vulnerability disclosure

Comments

Leave a Reply Cancel reply

More posts

UK Government King’s Speech proposes “Cyber ASBO” with obvious risk of scope creep into censorship

Don’t take away our freedom to play games when we want | 38 Degrees

‘Von der Leyen Announces the EU’s New Age Verification App Claiming it is “Completely Anonymous” & users “Cannot be Tracked”’ | …the EU is about to have its ‘Clipper’ moment

From 2019: ‘If there were 5 million “bad people” on Facebook – terrorists, criminals, drug-dealers, whatever – that would be 0.2% of the userbase’