Drupal Association's Progress Update on EU Cyber Resiliency Act Response

The Drupal Association releases an update on the ongoing collaboration with other FOSS projects in response to the EU's proposed Cyber Resiliency Act (CRA). Engaging in weekly discussions hosted by Open Forum Europe, the association reports that EU legislators are currently reconciling multiple draft versions of the regulation, incorporating stakeholder feedback into a new draft for legislative advancement. 

Notably, the focus remains on ensuring that the CRA does not disproportionately burden individuals, non-profits, or smaller entities, aiming to prevent unintended consequences that may hinder corporate engagement in open-source projects. Key recommendations encompass criteria for obligation, defining commerciality, risk assessment, open source stewardship, and addressing collaborative/decentralized project concerns. The Drupal Association pledges to share the new text publicly once reconciled by the EU legislature, with subsequent attention shifting to standards and implementation specifics. 

Title: Update on Drupal’s response to the EU’s proposed Cyber Resilience Act
Byline: Drupal Association
Date of Publication: December 12, 2023
Organization: drupal.org
URL:https://www.drupal.org/association/blog/update-on-drupals-response-to-the-eus-proposed-cyber-resilience-act