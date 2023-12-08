The content is also reassuring for the open-source community. Europe will hold manufacturers responsible for making products more secure. If this manufacturer starts working with open-source code in a product, this code becomes part of the product for which the manufacturer is responsible. This is made clear through an important specification about who must comply with the law. Any development that takes place outside the goal of commercialization will now be allowed to ignore the rules. Open-source developers often cannot respond as quickly to a security incident as a company acting from commercial interests.

Manufacturers may, therefore, continue to shop the open-source community for software. This is common, by the way: “Open-source software represents more than 70 percent of the software present in products with digital elements in Europe.” This statement comes from an open letter that several open-source organizations sent to the Commission earlier this year to express their concerns. But where manufacturers could previously choose to adopt the code in its entirety, security controls will now be required.