[PublicPolicy] EU Cyber Resilience Act
Simon Phipps
simon.phipps at opensource.org
Fri Jan 27 19:34:51 UTC 2023
List members will be aware that the European Commission has proposed text
for a new Cyber Resilience Act
<https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/13410-Cyber-resilience-act-new-cybersecurity-rules-for-digital-products-and-ancillary-services_en>
in
an attempt to address fitness-for-use of software in critical applications
and has sent the draft to the European Parliament for adoption. Many
experts believe the draft will have serious detrimental effects on the
software market in Europe if adopted as-is.
Open source voices have been especially critical because, while the
Commission has attempted to carve an exception so that the legislation does
not affect open source, the exception is faulty as it is based on a poor
understanding of open source (derived we think from academic papers that
address the supply chain of embedded industrial use of open source and not
the whole field).
OSI submitted its own comments
<https://blog.opensource.org/what-is-the-cyber-resilience-act-and-why-its-important-for-open-source/>
on the exception and also co-signed more extensive work co-ordinated by
Open Forum Europe. a wide range of other voices joined a chorus of concern;
I have excerpted their comments on my blog
<https://the.webm.ink/reactions-to-the-cyber-resilience-act>. Open source
software is made everywhere, so the impact of broad reaching legislation
like this (and there is more in the pipe) touches us all.
Given the text is now before the Parliament, this will be an issue that
will only grow in profile. I'd be pleased to hear from you if you intend to
engage in Brussels, as we need to help European legislators grasp the
realities of open source before they write more legislation.
Best regards
Simon
--
Simon Phipps*, Standards & Policy Director, The Open Source Initiative*
www.opensource.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/publicpolicy_lists.opensource.org/attachments/20230127/3154c1f7/attachment.html>
More information about the Publicpolicy
mailing list