Impact/Action of GNOME on EU’s proposed Cyber Resilience Act

As the topic mentions, what is the impact on GNOME because of EU’s proposed Cyber Resilience Act. Also how can GNOME help in getting this law modified to exempt FOSS.

Adding a link with info from the European Commission: EU Cyber Resilience Act | Shaping Europe’s digital future

I think maybe GNOME is already exempt. The proposed regulation, page 15, says:

(10) In order not to hamper innovation or research, free and open-source software developed or supplied outside the course of a commercial activity should not be covered by this Regulation. This is in particular the case for software, including its source code and modified versions, that is openly shared and freely accessible, usable, modifiable and redistributable. In the context of software, a commercial activity might be characterized not only by charging a price for a product, but also by charging a price for technical support services, by providing a software platform through which the manufacturer monetises other services, or by the use of personal data for reasons other than exclusively for improving the security, compatibility or interoperability of the software.

A device manufacturer (or reseller) using an OS with GNOME installed on it would not be exempt. For example laptops from well known brands that have the option to preinstall a Linux OS. Canonical with their Ubuntu Pro | Ubuntu offering could play a major role for manufacturers to comply with this regulation.

It makes me question the work Flathub are doing to make it possible to pay app developers. That would seem to me would make both Flathub and those app developers subject to the proposed regulation.

I’m not a lawyer.

Is the law not detrimental to FOSS in general? If yes, shouldn’t GNOME do something about it, as a leading OSS project, even if it is not directly impacted?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.