40 new ways the CRA can accidentally harm open source

A presentation at FOSDEM 2024 in February 2024 in Brussels, Belgium by Tobie Langel

Slide 1

Slide 1

40 new ways the CRA can accidentally harm open source Tobie Langel, UnlockOpen β€œOpen Source In The European Legislative Landscape” devroom Tobie Langel (@tobie) FOSDEM 2024 Principal, UnlockOpen

Slide 2

Slide 2

πŸ˜… The CRA has landed. It could have been catastrophic. It isn’t. πŸ§‘πŸ’» Open source community rose to the occasion πŸ—³ Policymakers paid attention & considered community input ❌ Avoided harming open source πŸ‡ͺπŸ‡Ί Avoided harming EU’s ability to leverage open source

Slide 3

Slide 3

πŸ‘“ We now have (a lot more) clarity* βœ… Responsibility falls where it rightfully belongs: with the entities monetizing the software (manufacturers) πŸ‘‰ Interesting new role: open source stewards (smart alignment with EU ambitions to leverage open source to regain tech sovereignty)

Slide 4

Slide 4

🌊 Industry & ecosystem-wide impact 🏭 Companies will be more cautious projects move to foundations (the stewards) β›“ Conformance requirements move up dependency trees ecosystem-wide impact πŸ’° Who’s going to bare the cost of this overhead?

Slide 5

Slide 5

πŸ”Œ 40+ harmonized standards 2 options to meet the requirements of the CRA: πŸ•΅ Demonstrate conformity (burden of proof is on you) β˜‘ Follow a set of standards (provides presumption of conformity) πŸ‘‰ Standards become de facto way the CRA impacts open source

Slide 6

Slide 6

πŸ€• 40+ way things can go wrong 😱 40+ standards = 40+ ways things can go wrong πŸ“‹ Notoriously opaque standardization processes πŸ’° Open source adoption requires open & royalty free standards 🎭 Huge diversity of open source stakeholders (stewards, hobbyist, COSS, EU SME ecosystem, etc.) 🀝 Interop with other jurisdictions

Slide 7

Slide 7

πŸ™ Thank you! Tobie Langel, UnlockOpen β€œOpen Source In The European Legislative Landscape” devroom Tobie Langel (@tobie) FOSDEM 2024 Principal, UnlockOpen