Dear Reader,
A LinkedIn contact recently asked me in a private message: “Do you consult legal advice to get this clear understanding, or do you research this on your own?”
I haven’t consulted any legal advice for the EU CRA yet. I’ll probably do this in the future, as I have done for tricky licensing questions. As many of you probably know, I advise companies on license compliance for embedded Linux systems.
My work on FOSS licenses (especially, using Qt under LGPL) makes it easier for me to find my way through the EU CRA. In the end, my understanding of the EU CRA comes from a lot of research, from discussions with other people and from feedback on my posts. It’s a learning process for me. I will get things wrong on the way, but I am happy to correct my mistakes. So, keep your questions, comments and criticism coming.
In this newsletter, I want to give you some pointers to my resources for the EU CRA. The most important resource is unsurprisingly the legal text of the EU CRA. If I don’t understand a term or concept of the EU CRA, I’ll have a look at the Blue Guide. Germany’s Federal Office for Information Security has a lot of useful information about the EU CRA and cyber security topics. Last but not least, there are the blog posts, the LinkedIn posts and the newsletter of Sarah Fluchs. She is an invaluable source about the EU CRA and the bigger picture of worldwide cyber security regulations.
I’m sure that I’ll find more resources over time. I’ll let you know.
Have a great summer,
Burkhard 💜