How Government Policy can affect Open-source

Securing Open Source Software Act

Have you heard of

On 21st September 2022, U.S. Senators ... and Ranking Member of the Senate Homeland Security and Governmental Affairs Committee, introduced bipartisan legislation, the Securing Open Source Software Act (the “Act”), to help protect federal agencies and critical infrastructure systems by strengthening the security of software.

European Union
Cyber Resilience Act

Have you heard of

Remember GDPR?

Government regulations WILL affect us

There are no geographical boundaries in Open-Source

And

Who is maintaining an OSS?

Who has contributed to an OSS?

Who is using an OSS (almost) every day?

European Union
Cyber Resilience Act

TL;DR - putting 

On your software

It's a good thing... right?

It aims to protect users and make software publishers responsible for its security

However...
in open-source

bit.ly/oss-dragons-scypy2023-slides

We may not be able to demonstrate compliance

Or it's very expensive...

Non-commercial activities are exempted, right?

But... what is a commercial activity?

  • Can I accept donations?
  • Should I open-source my project in my company?
  • Should I let my employee work on open-source during office hours?
  • Can I provide a paid service based on an OSS?

What should I do?

Get more information and voice out concerns
