Negative Impacts of the Cyber Resilience Act on Open Source in Higher Education

  1. Home
  2. Negative Impacts of the Cyber Resilience Act on Open Source in Higher Education

Hello Apereo Community Members and Colleagues,

Apereo's recent MicroConfernece, Public Policy Impacting Open Source Projects and Communities (video link[1]), introduced widespread concern and worry across the open source ecosystem (OSS) that, despite the longstanding support for and focus on OSS from the European Commission, the proposed Cyber Resilience Act misunderstands OSS development and consequently there could be severe unintended impacts to Institutions of Higher Education who have invested in OSS as developers, project maintainers, or even commercial consumers. As a result, the transparency and openness that make free and open source software valuable could lead to excessive and duplicate CRA obligations for campuses, non-profit foundations, and code repositories that do not place software on the market for profit (e.g., academic and research institutions).

Just last week, Open Forum Europe (OFE) hosted a Policy Breakfast, "Cyber Resilience Act and Open Source Software" (video link [2]), outlining the role of OSS in Europe and the world today, why the proposed CRA misses the target, and what the co-legislators can do about it. There is broad support from the co-legislators and the European Commission that the CRA should achieve its goals while avoiding unintended consequences for the OSS innovation model. We hope this event clears up misconceptions about what OSS is today and what risks we must avoid.

Please review the OFE policy discussion and the recent Apereo MicroConference, to better understand the CRA's impact on Apereo projects, open-source software, and higher education. Apereo will continue to monitor and communicate updates regarding the CRA (and other recent regulatory and legislative developments) to keep our membership and community current. Apereo is ready to answer questions and support our membership regarding the CRA or other policy-related topics currently under consideration; feel free to contact Apereo's Executive Director, Patrick Masson, directly at ed[at]apereo[dot]org.

Thank you,
The Apereo Board of Directors

-----

 

1. Apereo Foundation, MicroConference, "Public Policy Impacting Open Source Projects and Communities:" https://www.youtube.com/watch?v=Nedn2T06auI

 

2. Open Forum Europe, Policy Breakfast, "Cyber Resilience Act and Open Source Software:" https://www.youtube.com/watch?v=mNkNFW9JdlQ