The Eclipse Foundation has announced that it has formed the Open Regulatory Compliance Working Group to help the open source community navigate upcoming global regulations.
“Given the impact of software technology on the global economy, it’s no surprise that governments around the world are enacting new regulations to protect privacy, security, and accessibility,” said Mike Milinkovich, executive director of the Eclipse Foundation. “The Open Compliance Working Group was created to bridge the gap between regulatory authorities and the open source ecosystem, ensuring that organizations and developers can take advantage of open source technologies while complying with ever-evolving global regulations.”
To begin with, the Working Group will focus on the European Union. Cyber Resilience Act (CRA), which will likely be implemented later this year.
Current initiatives include:
- Develop cybersecurity best practices that align with CRA requirements
- Collaborate with European authorities to better understand legislative deadlines
- Develop relationships with European and national standards organisations (already has links with the European Committee for Standardisation and the European Committee for Electrotechnical Standardisation) to contribute to regulatory standards.
- Hosting a Webinar Series with European Commission staff
- Develop a central information hub for the CRA, including webinars, glossaries, flowcharts, and FAQs
According to the Eclipse Foundation, several organizations have already agreed to participate in this new working group. Current participants include the Apache Software Foundation (ASF), Blender Foundation, Robert Bosch GmbH, CodeDay, The Document Foundation, FreeBSD Foundation, iJUG, Lunatech, Matrix.org Foundation, Mercedes-Benz Tech Innovation GmbH, Nokia, NLnet Labs, Obeo, Open Elements, OpenForum Europe, OpenInfra Foundation, Open Source Initiative (OSI), Open Source Robotics Foundation (OSRF), OWASP, Payara Services, The PHP Foundation, Python Software Foundation, Rust Foundation, SCANOSS, Siemens, and Software Heritage.
“Compliance with the Cyber Resilience Act and other upcoming laws poses a new challenge for the open source community,” said Stefano Maffulli, CEO of OSI. “The Open Compliance Working Group gives us the opportunity to find solutions together and work with lawmakers and regulators to help them better understand open source. We look forward to contributing to the working group.”
