The PLD calls for software vendors to have a comprehensive understanding of their software’s makeup and the ability to recall software affected by vulnerabilities. While these measures can enhance software security, they could have unintended consequences for open source software. Holding all commercial activities indirectly resulting from open source liable could stifle innovation and discourage the use of open source code.
The dialogue between the EU and the open source community seems to be lacking, which has led to the inclusion of potentially harmful language in the PLD. To protect the open source ecosystem, it is crucial for governments to work closely with the community and develop policies that strike a balance between security and the benefits of open source software.
