zlacker

[parent] [thread] 2 comments
1. hgs3+(OP)[view] [source] 2023-12-30 23:55:34
> critical products

IANAL but Annex III Class 1.2 states: "Standalone and embedded browsers" which would implicate every electron app. Class 1.5 states: "Products with digital elements with the function of virtual private network (VPN)" is so vague it could apply to video game chat messages.

The problem with regulations like this is they're so vague and will be selectively enforced. They won't affect Big Corp but will affect small business and solo developers.

replies(2): >>dotand+i3 >>Larisc+d9
2. dotand+i3[view] [source] 2023-12-31 00:29:08
>>hgs3+(OP)
In my experience with the GDPR it's selectively enforced on large companies and not small mom and pop shops unless they are handling unusually sensitive data. The legal system can only handle a couple of cases at a time, spending that on small shops with inconsequential signal effects isn't their MO.
3. Larisc+d9[view] [source] 2023-12-31 01:40:20
>>hgs3+(OP)
With Electron you are not developing an embedded browser, it is a dependency of your product which means you are responsible to keep this dependency secure and up-to-date.

I don't follow how rules for software with VPN functions could apply to a video game chat, but as with all laws intend and interpretation matters. Successfully convincing a judge that your game chat is a Class I critical product is unlikely.

I also don't think that the CRA is too vague. Rules that are too specific will just be circumvented. Enforcement works like any other market rule. You can sell all sorts of non-compliant products in the EU but if you are found out you pay a fine. It won't be any different with the CRA.

[go to top]