Maintainers read the CRA: Kickoff

​This event is part of a series. Check out the other events here.

All money raised through this event will contribute to buying membership to the Eclipse Foundation Open Regulatory Compliance Working Group. Membership is not required to participate, but we think it'd be really cool to have a representative seat have a full membership.

-/-

In this week's session we'll introduce the CRA and discuss both the motivation and structure for the future reading events. In general, every week will we do a loose read-through as well as a panel discussion with invited guests about approximately one chapter (there are eight in total). You can find a copy of the act in a variety of languages here, the event discussion will be in English. The Linux Foundation folks wrote a great explainer in detail on who might care and why it likely matters to you.

-/-

The Cyber Resilience Act (CRA) is an EU regulation proposed in 2022 by the for improving cybersecurity and cyber resilience through common cybersecurity standards, for products with hardware and software whose intended and foreseeable use includes a data connection to a device or network.

Do you love reading obscure legislative text about upcoming tech policies that may affect your open source work?

​Find your people here with a new online event series hosted by Ashley(@ag_dubs) and Tracy(@hackygolucky)! "Maintainers read the CRA" is what is says on the tin: a read-through of the CRA for open source builders and maintainers. We're talking line by line about what it could mean for you, and bringing in some guests who could help shed light and throw in a good and terrible pun along the way. We'll also be taking detailed notes, and bringing feedback to the Eclipse Foundation Open Regulatory Compliance Working Group that is charged with standardizing the implementation of this critical legislation.

Formally, we have about 2 years to get ahead of the requirements- but the work that will dictate what happens has already started. We’d love to talk through the potential burdens and opportunities for projects: the possible work being asked for by companies that are consumers of your projects, and most optimistically, the potential for the projects to make the money instead of third party vendors around the upcoming “obligations”.