Cooperate with market surveillance authorities
- 対象者
- Open-source steward
- 出典引用
- Art. 24(3)
- 製品クラス
- default, important-class-i, important-class-ii, critical
わかりやすい説明
If a national market surveillance authority contacts you about the open-source software you steward, you must cooperate and provide the information they need. This is a general cooperation obligation — you are not routinely monitored, but you must respond constructively if an authority investigates a product that uses your software.
Legal text
Article 24(3) of Regulation (EU) 2024/2847 provides that open-source software stewards shall cooperate with the market surveillance authorities, at their request, and shall provide those authorities with all information required for the performance of their tasks.
Where an open-source software steward identifies that a product with digital elements incorporating the open-source software component does not comply with the requirements of this Regulation, it shall inform the relevant market surveillance authority and, where possible, the manufacturer of that product.
Key requirements
- Respond to requests — provide information and documents requested by national market surveillance authorities
- Proactive notification — if you identify that a downstream product incorporating your OSS is non-compliant, notify the relevant authority and (where possible) the manufacturer
- Scope of cooperation — covers information about the software component, its security properties, and known vulnerabilities
- No routine inspection — market surveillance of OSS stewards is request-based, not routine; but you must respond when contacted
Evidence you may need
- Log of authority requests and responses
- Process for identifying and reporting downstream product non-compliance
- Contact procedure for market surveillance authorities