| Re: [open-regulatory-compliance] CRA: Online survey for Free Software Stewards, for Free Software projects and for manufacturers |
I agree with all of Daniel's critique of these surveys and have a few more:
Requiring Yes or No answers (without opportunity to answer) is poor design.
Most of the questions on the Free Software Projects questionnaire seem to be based upon the premise that Free Software Project maintainers (or leads or current team members) and 'stewards' as defined by CRA (in the future) are different groups of people. Why would that be the case? That's a very poor assumption when talking about infrastructure/library (most existing/depended upon/actual) open source projects.
e.g. https://lwn.net/SubscriberLink/1025971/73f269ad3695186d/
...and many, many, (most) others.
I have a similar perspective as Lars - some questions for manufacturers just cannot be answered yet. Additionally for open source, you have a situation where you conflate the natural personhood of the responder with the notion of “becoming a steward, which is something only a legal person can do.
Perhaps this is due to the translations?
Further, I think it would be important for me (or any other respondent) to know:
- who the “we” is in the context of the survey (FSF Europe acting alone…?)- what the “dialogue for cybersecurity” is all about (in English)- finally, your hope to “make sure the CRA implementation does not harm the open source ecosystem” seems like an impossible task and not something you should claim - but again, I am guess this is a language / translation issue…
And last but not least, I found it kind of hard to navigate between the three questionnaires…
On Sun, 13 Jul 2025 at 16:08, Alexander Sander via open-regulatory-compliance <open-regulatory-compliance@xxxxxxxxxxx> wrote:
Hi all
We created a CRA questionnaire as part of the "Dialogue for
Cybersecurity". The questionnaires were developed to gain important
insights into the EU Cyber Resilience Act (CRA) and its impact.
There are questionnaires for Free Software projects, manufacturers and
potential Free Software stewards.
The responses will help us understand what guidance is needed and this
will feed into our work across the Free Software ecosystem and with the
European Commission to support the CRA implementation.
Potential Free Software stewards (EN)
https://dialog-cybersicherheit.limesurvey.net/146965?lang=en
Free Software projects (EN)
https://dialog-cybersicherheit.limesurvey.net/241948?lang=en
Manufacturer (EN)
https://dialog-cybersicherheit.limesurvey.net/582853?lang=en
The questionnaire will be open for responses until August 31. Please
note that all responses received by July 30 will be included in an
initial evaluation. These preliminary results will be presented as part
of a presentation at FrOSCon [1]. Of course, any feedback received after
July 30 will also be considered in the final analysis. We appreciate
your participation and support! Note: The feedback will be published
anonymously. Thank you for your support.
Best
Alex
[1]
https://programm.froscon.org/froscon2025/talk/0a656836-cb27-4ef1-80e1-d64c553a96ca/
--
Alexander Sander - Senior Policy Consultant
Free Software Foundation Europe e.V.
Revaler Str. 19, 10245 Berlin |
+49 (0)30 2759 5290 |
Registered at Amtsgericht Hamburg, VR 17030 |
(fsfe.org/join)
_______________________________________________
open-regulatory-compliance mailing list
open-regulatory-compliance@xxxxxxxxxxx
To unsubscribe from this list, visit https://accounts.eclipse.org
_______________________________________________ open-regulatory-compliance mailing list open-regulatory-compliance@xxxxxxxxxxx To unsubscribe from this list, visit https://accounts.eclipse.org