
Re: Call for vote: public statement about the EU Legislation "Cyber Resilience Act and Product Liability Directive"



True, the employment status is irrelevant. However, in this example Microsoft will actually have the liability of
providing the security assurances and support for systemd and related systems, because they are providing
images of such systems as part of their commercial offering on the Azure cloud platforms. And that will be
true regardless of the employment status of a few developers.

A company that does not provide any Linux system services to EU customers, like some integrator operating
just in Canada, would not have such exposure and thus would not incur any such obligations.

On Mon, 13 Nov 2023 at 13:28, Luca Boccassi <bluca@debian.org> wrote:
> On Mon, 13 Nov 2023 at 12:20, Simon Richter <sjr@debian.org> wrote:
> >
> > Hi,
> >
> > On 13.11.23 19:54, Aigars Mahinovs wrote:
> >
> > > So a commercial company releasing open source
> > > software that is *not* part of their commercial activity (for example a
> > > router manufacturer releasing an in-house written Git UI) would be
> > > "supplied outside the course of a commercial activity" and thus not
> > > subject to this regulation.
> >
> > That's why I mentioned systemd in my other email, perhaps I should
> > elaborate on that.
> >
> > The lead developer is employed by Microsoft (who have a certain history
> > with the EU) and pretty obviously working on it full time.
>
> Employment statuses are irrelevant, as said development is not done as
> part of any commercial product as per relevant legislation as
> explained already by Aigars, so these points are moot. Mere employment
> of a developer is not enough to make an open source software a
> commercial product available on the market.



--
Best regards,
    Aigars Mahinovs
