Also, to avoid "dangerous" not yet professional amateurs having a chance against big editors.
Courts and regulators, particularily European ones, understand when there's a "will" to follow the law. It's one of the differences between "rules-based" and "principles-based" regulations.
- If you run a commercial kitchen on your own (or, let's say, with a staff of 2-3 people), can you ignore the food safety regulations? The fire regulations?
- If you run a one-man plumbing company, can you ignore safety regulations? Water regulations? Sewage regulations?
etc.
Why is it than when it comes to "commercial software" it is inevitably "oh my god these laws are so hard, why should I as one-man company be forced to comply with them". Because that is literally your job.
Regulations can make sense for software that could cause physical harm - like the software in an implanted medical device - but most software doesn't fall in that category. The CRA is about "security" not about "physical harm" - they are two different things. Regulations for the latter would likely receive less pushback.
Your distinction is without meaning
A recall was issued therefore there is already regulatory oversight where it counts. The CRA is at best redundant and at worst a prime example of regulatory capture [1].
Just because a recall was issued doesn't imply that there's a regulatory oversight. And even that oversight exists in that particular case doesn't mean it is applicable to other areas.
What it does mean is that you're weak attempt to paint software being exempt because it "doesn't lead to food poisoning" is weak and uninformed at best.
> The CRA is at best redundant
It's not
> at worst a prime example of regulatory capture
Again, it's not.
Just because you engage in FUDing, doesn't make your words true.