There widespread concern and worry in the free and open source ecosystem that, despite the longstanding support for and focus on FOSS from the European Commission, the Cyber Resilience Act misunderstands how FOSS is developed and consequently there could be serious unintended impacts to those who openly share and collaborate as part of their software development process. As a result, the transparency and openness that make free and open-source software valuable could lead to excessive and duplicate CRA obligations for the developer, non-profit foundations and code repositories that do not place software on the market for profit.
This event will outline the role of FOSS in Europe and the world today, why the proposed CRA misses the target when trying to take it into consideration, and what the co-legislators can do about it.
Free and open source software (FOSS) is estimated to make up 70-90% of all software in existence. The pervasiveness of FOSS means that the unintended consequences wouldn’t only negatively affect a small part of our economy. Rather, everything from the telecommunications industry, the growing OSS SME sector and the financial sector to the IT-systems that our governments run on would be negatively affected.
There is broad support from the co-legislators and the European Commission that the CRA should achieve its goals while avoiding unintended consequences for the FOSS innovation model. We hope this event can clear up misconceptions of what FOSS is today, and what risks we need to avoid.
