Source: OJ L 2024/2847, 20.11.2024
EN- Cyber resilience for products with digital elements
Basic legislative acts
- CRA regulation
Article 63 Confidentiality
All parties involved in the application of this Regulation shall respect the confidentiality of information and data obtained in carrying out their tasks and activities in such a manner as to protect, in particular:
intellectual property rights and confidential business information or trade secrets of a natural or legal person, including source code, except the cases referred to in Article 5 of Directive (EU) 2016/943 of the European Parliament and of the Council (37)Directive (EU) 2016/943 of the European Parliament and of the Council of 8 June 2016 on the protection of undisclosed know-how and business information (trade secrets) against their unlawful acquisition, use and disclosure (OJ L 157, 15.6.2016, p. 1).;
the effective implementation of this Regulation, in particular for the purposes of inspections, investigations or audits;
public and national security interests;
integrity of criminal or administrative proceedings.
Without prejudice to paragraph 1, information exchanged on a confidential basis between the market surveillance authorities means a market surveillance authority as defined in Article 3, point (4), of Regulation (EU) 2019/1020; and between market surveillance authorities means a market surveillance authority as defined in Article 3, point (4), of Regulation (EU) 2019/1020; and the Commission shall not be disclosed without the prior agreement of the originating market surveillance authority means a market surveillance authority as defined in Article 3, point (4), of Regulation (EU) 2019/1020;.
Paragraphs 1 and 2 shall not affect the rights and obligations of the Commission, Member States and notified bodies means a conformity assessment body designated in accordance with Article 43 and other relevant Union harmonisation legislation; with regard to the exchange of information and the dissemination of warnings, nor the obligations of the persons concerned to provide information under criminal law of the Member States.
The Commission and Member States may exchange, where necessary, sensitive information with relevant authorities of third countries with which they have concluded bilateral or multilateral confidentiality arrangements guaranteeing an adequate level of protection.
Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.