[OSGeo-Discuss] EU Cyber Resilience Act - potential impacts on open geospatial software?

Torsten Friebe friebe at lat-lon.de
Thu Aug 17 07:38:51 PDT 2023 

Dear all,

I would like to share with you the press release and statement of the 
Open Source Business Alliance (OSBA), a non-profit organisation based in 
Germany, which represents companies and organizations developing, 
building and using Open Source Software. The German Local Chapter of 
OSGeo, the FOSSGIS e.V. is member of the OSBA organisation since 2022.

Press release: 
https://osb-alliance.de/english/statement-on-the-cyber-resilience-act

Statement: 
https://osb-alliance.de/wp-content/uploads/2023/01/OSB-Alliance-Statement-on-the-CRA.pdf

As the current CRA is still under discussion and there are still 
opportunities to address the issues towards the EU and EU member states 
I would like to propose that (all) European OSGeo local chapters develop 
a joint declaration/statement and share this within the local communities.

Cheers

Torsten

Am 09.08.23 um 00:02 schrieb Jody Garnett via Discuss:
> Dear all,
>
> A lot of very good thoughts on this thread (and online).
>
> I have been thinking a bit more on this. As Luís highlights while 
> there are steps to take to be clear with our license the result would 
> end up not being useful / legal in Europe (which defeats OSGeo vision 
> of empowering everyone with free and open source geospatial goodness).
>
> a) The CRA treating everything as a supplier arrangement is a problem. 
> It is disrespectful to be treated as a supplied rather than a 
> respected commons (or even labour.)
>
> If we borrow a tool from labour - what would adopting a work-to-rule 
> practice for Europe?
>
>   * Delay downloads by two weeks (simulation of anticipated
>     certification overhead)
>   * Release source code to Europe but not the digital downloads
>     (respect Free and Open Source license and provide a taste of VPN
>     future)
>
>
> Aside: I use the word disrespectful to help indicated the violation of 
> the social norms asserted with our community. We should be offended 
> that after creating so much value for Europe regulation is being setup 
> to require more from our community.
>
> b) The proposed CRA certification SME to declare technology used. This 
> technically sets up a "dependency list" showing the open-source used 
> by each organization.
>
> Could this be used in a Robbin Hood manner to direct funding where needed:
>
>   * Use such insight to support projects that are underfunded for
>     their level of importance to European Economy
>   * Use tax dollars, or certification fees from industry, to scale
>     funding to match use of free and open source technologies
>
>
> Aside: This is what I mean about seeking economic solutions for the 
> root cause (underfunded open-source projects used in critical or 
> economically important systems).
>
> --
> Jody Garnett
>
>
> On Aug 3, 2023 at 12:43:59 AM, Luí­s Moreira de Sousa via Discuss 
> <discuss at lists.osgeo.org> wrote:
>> Dear all,
>>
>> hours ago, Wordpress, Joomla, Drupal and TYPO3 published an open 
>> letter on the CRA painting a scenario similar to the worst case I put 
>> forth here last week. Not only are FOSS projects threatened, 
>> thousands of European SMEs will either perish or move on to wholesale 
>> commercial software in the wake of this legislation. Essentially, we 
>> are speaking of the companies that contribute to fund OSGeo and 
>> sponsor the FOSS4G.
>>
>> https://wordpress.org/news/files/2023/08/Open_Letter_on_the_Significance_of_Free_and_Open_Source_Software_in_the_EU_s_Proposed_Cyber_Resilience_Act.pdf
>>
>> I am becoming increasingly concerned by this. I would exhort every 
>> charter member in Europe to get thoroughly informed and seek advice 
>> from trade guilds or unions and enterprise associations or federations.
>>
>> Regards,
>>
>> Luís
>> _______________________________________________
>> Discuss mailing list
>> Discuss at lists.osgeo.org
>> https://lists.osgeo.org/mailman/listinfo/discuss
>
> _______________________________________________
> Discuss mailing list
> Discuss at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/discuss

-- 

l a t / l o n  GmbH
Im Ellig 1                           53343 Wachtberg, Germany
phone ++49 +228 24 333 784
http://www.lat-lon.de                 http://www.deegree.org

lat/lon gesellschaft für raumbezogene informationssysteme mbH
Registergericht: Amtsgericht Bonn, HRB 13042
Geschäftsführer: Jens Fitzke und Torsten Friebe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/discuss/attachments/20230817/1ce81f92/attachment.htm>

More information about the Discuss mailing list