[OSGeo-Discuss] Cyber Resilience Act staying informed on updates
Jody Garnett
jody.garnett at gmail.com
Wed Dec 6 07:09:31 PST 2023
Follow up to November discussion and blog post
<https://www.osgeo.org/foundation-news/eu-cyber-resilience-act/> asking
OSGeo community to be informed.
1. At the end November Europe lawmakers agreed on something:
https://www.consilium.europa.eu/en/press/press-releases/2023/11/30/cyber-resilience-act-council-and-parliament-strike-a-deal-on-security-requirements-for-digital-products/
Free and open source was so far down the priority list that the press
release does not even mention it.
1. Next there were assurances that free and open-source community
concerns were addressed:
https://www.europarl.europa.eu/news/en/press-room/20231106IPR09007/cyber-resilience-act-agreement-with-council-to-boost-digital-products-security
The quote did indicate how our concerns were addressed:
> We have ensured support for micro and small enterprises and better
involvement of stakeholders, and addressed the concerns of the open-source
community, while keeping an ambitious European dimension.
1. This week I can find a articles providing clarifications that have
been added:
https://openforumeurope.org/eu-cyber-resilience-act-takes-a-leap-forward/
Two clarifications:
> the provision of free and open-source software products with digital
elements that are not monetised by their manufacturers is not considered a
commercial activity
> The mere circumstances under which the product has been developed, or
how the development has been financed should therefore not be taken into
account when determining the commercial or non-commercial nature of [making
free and open-source software available on the market].
—
Jody
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/discuss/attachments/20231206/46ed62db/attachment.htm>
More information about the Discuss
mailing list