Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [open-regulatory-compliance] A more positive take on CRA FAQs and flowcharts

On 1/3/2025 11:23 AM, Dick Brooks via open-regulatory-compliance wrote:
Ilu,

This working group is not about your company. It's about the ecosystem as a whole and about formulating general advice on how to comply for everybody to follow.
Is it possible that my situation is exemplary of others ( a common use case)  and the answers would be the same for all the others "doing the same thing"?

As someone with their name actually on the open source code (e.g. some project leads/committers/contributors at EF), my answer is 'yes'...we do want to hear answers to these specific questions, as we know that we could personally be legally exposed...sometimes by orgs that have more resources to hire lawyers.  This will remain true even with lots of new tools/processes that *we* have to use, or requirements that *we* most likely will have to implement.

Yes there are other constituencies and complexities (e.g. vague definitions of 'steward' or 'manufacturer', or other terms)...that's understood.  But there is a reason why there is a crisis at the same time that people are expecting and requiring (legally now) greater security guarantees.  Feel free to google 'open source crisis' for more.

Scott



Back to the top