Hello Bart, Bart Martens dijo [Wed, Nov 22, 2023 at 07:16:48PM +0100]: > Hello, I hereby welcome seconds for adding this text to 2023/vote_002 > as a separate proposal. Thanks for your contribution to this discussion! As I said in another thread, I believe that in a voting system such as the one we use in Debian, more versions is unambiguously better, and options should only be merged together in the case they are semantically equivalent. > Debian Public Statement about the EU Cyber Resilience Act (CRA) and the > Product Liability Directive (PLD) > > The CRA includes requirements for manufacturers of software, followed > up by the PLD with compulsory liability for software. The Debian > project has concerns on the impact on Free and Open-Source Software > (FOSS). > > The CRA makes the use of FOSS in commercial context more difficult. > This goes against the philosophy of the Debian project. The Debian Free > Software Guidelines (DFSG) include "6. No Discrimination Against Fields > of Endeavor - The license must not restrict anyone from making use of > the program in a specific field of endeavor." A significant part of the > success of FOSS is its use in commercial context. It should remain > possible for anyone to produce, publish and use FOSS, without making it > harder for commercial entities or for any group of FOSS users. > > The compulsory liability as meant in the PLD overrules the usual > liability disclaimers in FOSS licenses. This makes sharing FOSS with > the public more legally risky. The compulsory liability makes sense for > closed-source software, where the users fully depend on the > manufacturers. With FOSS the users have the option of helping > themselves with the source code, and/or hiring any consultant on the > market. The usual liability disclaimers in FOSS licenses should remain > valid without the risk of being overruled by the PLD. > > The Debian project asks the EU to not draw a line between commercial > and non-commercial use of FOSS. Such line should instead be between > closed-source software and FOSS. FOSS should be entirely exempt from > the CRA and the PLD. My issue with your text is that I read it –bluntly over-abridged– as «The CRA+PLD will make it harder to meaningfully develop Debian, because we are compelled by our own foundation documents not to distringuish between free and commercial. Many people use Debian in commercial settings. If you enact this legislation, some of our users be at risk of getting in trouble for using our fine intentions for their economic benefit, as they will be covered by your regulation. Please formally except us fully from your rules!» That is, it basically means: "European Parliament/Council: Our foundation documents are at unease with the CRA and PLD". That is true, but a fair answer from them (if we warrant it!) could be "We represent more people and wider interests than yours. Your SC is over a quarter of a century old. Update your SC to comply with the changing times". Which could even make sense! (although it would make Debian stop being Debian!) This reading is the main reason I'm not endorsing it, and still prefer our original proposal instead. Greetings, - Gunnar.
Attachment:
signature.asc
Description: PGP signature