CRA Notebook
Working note — actively evolving, may be revised. See /errata for change log.

Article 29 · Regulation (EU) 2024/2847 · Chapter III

General principles of the CE marking

The shortest article in the CRA. One sentence — pointing at the existing CE marking framework. The implication is bigger than it looks: a single CE on a product now silently asserts compliance with the CRA on top of every other Union act that already applies.

Paragraphs: 1 · Applies from: 11 Dec 2027 · Primary audience: Manufacturer · Last reviewed: 2026-04-26 · Status: Working

Block 1 · Official text

What the Regulation actually says

Source. Consolidated text from Regulation (EU) 2024/2847 as published in OJ L 2024/2847, 20 November 2024. Translation is unofficial; refer to EUR-Lex for binding text in all 24 EU languages.

The single substantive sentence

Article 29

The CE marking shall be subject to the general principles set out in Article 30 of Regulation (EC) No 765/2008.

Block 2 · Plain-language reading

What this clause is really doing

Article 29 contains one sentence. The CRA does not invent a new CE marking; it points at the general CE marking framework that has existed since 2008 and says: that framework applies here too.

In practice this means three things for a manufacturer.

One — there is one CE per product, not one CE per regulation. A product subject to RED, Machinery Regulation, LVD and CRA simultaneously gets a single CE marking. The marking is unitary. The legal stack underneath it is plural.

Two — affixing CE asserts compliance with every applicable act at the same time. When the manufacturer puts CE on the product, that single mark asserts that every Union act that applies to the product has been complied with. The EU Declaration of Conformity behind the marking has to list each one.

Three — failure under any one act invalidates the whole marking. Because the EU DoC covers every applicable act in one document, a CRA non-compliance invalidates the DoC, which invalidates the CE marking the DoC underwrites — even if the underlying RED, Machinery and LVD compliance is intact. The single mark is the load-bearing artefact.

Block 3 · APAC perspective

How the CRA’s CE marking sits on top of every other Union mark you already carry

A worked example: the smart oven

An APAC manufacturer of connected home appliances places a smart oven on the EU market. The product carries a CE marking already, and that CE marking is the result of having complied with three different Union acts: the Radio Equipment Directive 2014/53/EU for the wireless connectivity, the Machinery Regulation 2023/1230 for the heating safety, and the Low Voltage Directive 2014/35/EU for the electrical safety. The CRA arrives, and the regulatory affairs team asks an obvious question: do we now need a fourth CE marking for cybersecurity? Article 29 answers that question, and the answer is structurally cleaner than most readers expect — one CE marking, plural underlying acts, all asserted simultaneously.

Error 1 — the “we already CE-marked it” reflex

A manufacturer that has been placing CE-marked products on the EU market for years sometimes treats the existing CE marking as having absorbed the CRA. It has not. Existing CE marking represents compliance with whichever Union acts applied at the time it was affixed. The CRA adds a new act to the list, and from the moment the CRA becomes applicable, the existing marking becomes structurally insufficient. Re-affixing the same physical CE mark is fine, but the EU DoC behind it must be re-issued to add the CRA, and the underlying conformity assessment work must have been done. The marking is the same; the assertion the marking now makes is wider.

Error 2 — EU DoC version drift across product lines

An APAC manufacturer with multiple product lines often has multiple EU DoCs being maintained in parallel by different product teams. When the CRA is added to the obligations covered by each DoC, the version-control discipline becomes critical — and is often the weakest link. A product team that updates its EU DoC to reference CRA but does not align the DoC version with the firmware version actually shipping, or that has the SBOM out of step with the DoC’s declared support period, has produced a document that asserts something inconsistent with reality. In a market surveillance context, an inconsistent EU DoC is treated as an unreliable EU DoC. The CE marking sits on top of an unreliable artefact.

Error 3 — assuming RED conformity covers CRA conformity

The Radio Equipment Directive’s cybersecurity requirements (in particular RED Article 3.3 (d), (e), (f), as activated by Delegated Regulation 2022/30 from August 2025) cover specific cybersecurity outcomes for radio products, and the harmonised standards under it include EN 18031. Some APAC manufacturers, having complied with RED for the radio function of a product, conclude that the CRA layer has been absorbed. It has not. The two regimes overlap in subject matter but not in scope. RED applies only to the radio aspects of products that fall within RED. CRA applies to the entire product as a PwDE, regardless of whether it has a radio. The harmonised standards may end up converging in practice, but the legal stack of obligations does not. Each act must be discharged on its own terms, and the EU DoC must reference both.

CE marking is a present-tense statement, not a historical record

A point that follows directly from the structure above: because the CE marking on a product is a unitary assertion covering every applicable Union act, the moment something changes that affects the underlying conformity, the assertion becomes potentially inaccurate. The Article 3(30) substantial modification framework feeds directly into this. A firmware update that constitutes a substantial modification under the CRA does not just trigger a fresh CRA conformity assessment — it potentially also affects the EU DoC, the EU DoC potentially affects the CE marking, and the CE marking is the visible artefact on every unit shipped. Treating CE marking as a one-time act of affixing is the structural error. Treating it as a present-tense compliance statement that has to be re-validated whenever any underlying conformity changes is closer to how the legal stack actually works.

Block 4 · Cross-regulation map

Where Article 29 touches other EU regimes

Article 29 cross-references one foundational instrument and inherits its rules. The cards below show the foundational instrument plus three Union acts whose CE marking now sits inside the same physical mark as the CRA on a typical APAC connected product.

Reg (EC) · 765/2008

Horizontal CE marking framework

The framework Article 29 imports. Article 30 of Reg 765/2008 sets the general principles: only the manufacturer or authorised representative may affix CE; CE shall be visible, legible and indelible; Member States cannot prohibit the placing on the market of CE-marked products on grounds covered by harmonisation legislation. CRA imports this without modification.

RED · 2014/53/EU

Radio Equipment Directive

Same physical CE mark covers RED conformity. Cybersecurity requirements under Art 3.3(d)(e)(f) activated by Delegated Regulation 2022/30 from August 2025 — but RED DA is repealed on 11 December 2027, the same date the CRA becomes fully applicable. Cybersecurity transitions from RED DA to CRA on that date.

Machinery · (EU) 2023/1230

Machinery Regulation

Same physical CE mark covers Machinery conformity. Applies from 14 January 2027 — overlapping with CRA for high-risk machinery with digital controllers. Both acts must be discharged separately; one CE on the housing, two technical files behind it.

AI Act · (EU) 2024/1689

AI Act conformity

High-risk AI systems carry the same physical CE mark covering AI Act conformity. CRA Article 12 sets the bridge: AI Act Article 43 conformity procedure for cybersecurity, with carve-back to CRA Article 32 for Important / Critical products. One CE marking; two acts to discharge.
