[gdal-dev] Fwd: [Qgis-psc] European CRA and its implications
Even Rouault
even.rouault at spatialys.com
Wed Jul 19 11:28:19 PDT 2023
Hi,
FYI: relaying the following exchanges about the topic of the Cyber
Resilience Act which is in development in the EU and has strong and
worrying implications for all open source software distributed in Europe
and/or with European contributors. Cf
https://en.wikipedia.org/wiki/Cyber_Resilience_Act for an intro on the topic
Even
-------- Message transféré --------
Sujet : Re: [Qgis-psc] European CRA and its implications
Date : Wed, 19 Jul 2023 10:40:12 +0200
De : Marco Bernasocchi via QGIS-PSC <qgis-psc at lists.osgeo.org>
Répondre à : Marco Bernasocchi <marco at qgis.org>
Pour : Andreas Neumann <andreas at qgis.org>
Copie à : QGIS PSC List <qgis-psc at lists.osgeo.org>
Hi Andreas, I understand that sentence also for paid developments. If a
client asks OPENGIS.ch (or any other company) to add an new QGIS
feature, for us it is a commercial activity. so that formulation is
really tricky.
I escalated already to OSGeo.
Marco Bernasocchi
QGIS.org Chair
OSGeo.org Board member
OPENGIS.ch CEO
On Wed, 19 Jul 2023, 10:32 Andreas Neumann, <andreas at qgis.org> wrote:
Hi again,
Here is an excerpt from the proposed regulation (source
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:52022PC0454 ):
/*(10) " In order not to hamper innovation or research, free and
open-source software developed or supplied outside the course of a
commercial activityshould not be covered by this Regulation. This
isin particular the case for software, including its source code and
modified versions, that is openly shared and freely accessible,
usable, modifiable and redistributable. In the context of software,
a commercial activity might be characterized not only by charging a
price for a product, but also by charging a price for technical
support services, by providing a software platform through which the
manufacturer monetises other services, orby the use of personal data
for reasons other than exclusively for improving the security,
compatibility or interoperability of the software." */
So it seems to be primarily an issue for companies selling
"technical support" around Open Source software - and not so much
for the project itself.
Of course, these companies are very important for the QGIS and OSGeo
ecosystem - and therefore PSC should make an effort here as well.
Andreas
On Wed, 19 Jul 2023 at 10:25, Andreas Neumann <andreas at qgis.org> wrote:
Hi,
I wasn't aware about it - ideally, our umbrella organizations
(OSGeo, FOSSGIS e.V. or counterparts in other countries, in
Switzerland maybe CH-Open) could react - and not all of the
individual projects separately.
Of course, we can do our part to support the umbrella
organization - and maybe the more "user visible" and popular
projects (like QGIS, PostGIS, GeoServer, MapServer, OpenLayers,
etc.) could use their visibility to support the efforts of the
umbrella organizations - but it should be somehow coordinated.
You, Marco, can discuss this with OSGeo - this is the link to
the "steering committee" of FOSSGIS:
https://fossgis.de/verein/vorstand/
Andreas
On Wed, 19 Jul 2023 at 10:06, Marco Bernasocchi via QGIS-PSC
<qgis-psc at lists.osgeo.org> wrote:
Hi Vincent,
thanks a lot for the link. I had honestly missed this.
does not look good at all.
I ve also shared thid with the OSGeo board.
and will discuss with the psc what we can do.
cheers
Marco Bernasocchi
QGIS.org Chair
OSGeo.org Board member
OPENGIS.ch CEO
On Wed, 19 Jul 2023, 09:45 Vincent Picavet (ml) via
QGIS-PSC, <qgis-psc at lists.osgeo.org> wrote:
Hi PSC,
Should you not be aware already, there is an existential
and urgent risk on the OpenSource ecosystem coming from
the European commission, through the CRA text :
https://eclipse-foundation.blog/2023/02/23/cyber-resilience-act-good-intentions-and-unintended-consequences/
Mozilla has already taken action, and publicly reacted
also. So did a few other opensource organizations.
Given the strong impact it may have on the OpenSource
world, I think QGIS.org should :
- make a public announcement / blog article / press release
- directly contact MEPs to communicate about the
problems raised by the current version of the text
- coordinate with other OpenSource organization for actions
- optionnaly, make some stronger actions ( e.g. close
QGIS downloads as filezilla does, display a message on
the web site, display a message on QGIS start window...)
The ITRE commission is supposed to meet today, this is
therefore an urgent matter. The longer we wait, the more
difficult it will be to reestablish the text to an
acceptable version.
Best regards,
Vincent
_______________________________________________
QGIS-PSC mailing list
QGIS-PSC at lists.osgeo.org
https://lists.osgeo.org/mailman/listinfo/qgis-psc
_______________________________________________
QGIS-PSC mailing list
QGIS-PSC at lists.osgeo.org
https://lists.osgeo.org/mailman/listinfo/qgis-psc
--
--
Andreas Neumann
QGIS.ORG <http://QGIS.ORG> board member (treasurer)
--
--
Andreas Neumann
QGIS.ORG <http://QGIS.ORG> board member (treasurer)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/gdal-dev/attachments/20230719/d203b6cf/attachment.htm>
-------------- next part --------------
_______________________________________________
QGIS-PSC mailing list
QGIS-PSC at lists.osgeo.org
https://lists.osgeo.org/mailman/listinfo/qgis-psc
More information about the gdal-dev
mailing list