Bad News for Open Source: EU Committee Approves the Cyber Resilience Act

Reuters reports that the European Union’s Industry, Research, and Energy Committee (ITRE) has approved a draft of the Cyber Resilience Act, which aims to make software safer. However, many open-source organizations, including The Apache Software Foundation, Eclipse Foundation, GitHub, and Linux Foundation, argue that the act could stifle open-source development.

Joe Brockmeier, head of community at Percona, expressed concern that the legislation could be very damaging if enacted. The act is now moving into the “trilogue” phase, where it will be discussed with the EU Parliament before a vote. Critics argue that the act could impose increased legal and financial responsibilities on open-source contributors and potentially expose software vulnerabilities to a larger audience. Brockmeier warns that the act’s current draft poses a significant threat to open-source software development and could disadvantage smaller players in the market.