At midnight on May 27, 2025, the European Commission closed its call for contributions on the activation of rules for reconfigurable radioelectric equipment, which aims to ensure that software updates do not compromise the safety and compliance of devices throughout their lifecycle. This consultation is part of the RED Directive (2014/53/EU), which regulates the marketing of radioelectric equipment in Europe.
A major issue for 450 million Europeans
With the proliferation of software capable of remotely modifying radio parameters (transmit power, frequencies used), a device that is compliant when first placed on the market can become non-compliant, or even dangerous, after a manufacturer’s update. This can lead, for example, to increased exposure to radiofrequency radiation (measured by the Specific Absorption Rate (SAR)), or to interference with other essential services.
The aim of the consultation is therefore to propose the activation of different levels of legal provisions (from 0 to 4) to provide a more or less strict framework for these updates, in order to guarantee consumer health and safety.
76% of contributions come from industry stakeholders vs. 24% from civil society
Of the 34 contributions received, the vast majority come from industry stakeholders, who are in favor of the status quo (option 0) or simple self-regulation (option 1), citing economic arguments and the need to preserve innovation.
On the other hand, consumer associations, national authorities and NGOs, including Phonegate Alert, are calling for tighter regulation (options 2 to 4) to prevent the abuses observed, notably the practice of bypassing SAR tests via embedded software.
Phonegate Alert for Option 4 proposed by the European Commission
Our contribution stresses the importance of taking into account the SAR, a key parameter for exposure to radio frequencies, and warns of the health risks associated with uncontrolled software updates. We call for the urgent adoption of the amended option 4, the only one capable of imposing a hardware lock on radio parameters, the implementation of reinforced controls and a public database.
Systemic risk of software fraud and circumvention of controls
Since our creation in 2018, we have been denouncing the use of embedded software and algorithms enabling cell phone manufacturers to vary the power of phones during compliance tests, in the image of the Dieselgate scandal.
Extract present in every cell phone test report carried out by ANFR since 2022
Our actions have led the French National Frequencies Agency (ANFR), since 2022, to require manufacturers to transmit deactivation keys for the main software (proximity sensor, motion sensors, time averaging) present in their smartphones or connected objects, prior to any testing. To our knowledge, the French regulator is the only one in Europe to implement this procedure.
For Dr. Marc Arazi, President of Phonegate Alert:
“We deplore the technical and non-transparent nature of this call for contributions organized by the European Commission, which excluded the majority of citizens and civil society. We call for a genuine public consultation and in-depth democratic debate on this crucial issue for the health and safety of Europeans. Such a development cannot and must not be at the mercy of industry and its lobbies alone”.
On the same subject :
