I'm amazed that there has been zero coverage of this:
EU's new Product Liability Directive got voted through last thursday.
No later than two years from now, software, stand-alone, cloud or embedded are subject to "no-fault liability" (ie: doesn't matter how or why, only that it is defective.)
Here's the directive:
https://data.consilium.europa.eu/doc/document/PE-7-2024-INIT/en/pdf
Gentlemen, start your panic…
PS: Yes, there is a FOSS exemption, but only "outside commercial activity". (Ie: The guy in Nebraska but not RedHat)
@bsdphk Did I get this right? Any commercial entity / company / freelancer who currently contributes to FOSS can be sued by anyone using the Software?
This does not seem like a good idea.
The crucial criteria is "outside commercial activity"
If you make money making something, isn't it fair to hold you accountable if it is defective ?
The exception seems somewhat contradictorily described: point 14 on page 7 first says that the exception applies to software developed _or_ supplied outside of commercial activity and then says that the exception does not apply if the software is supplied commercially, regardless of how it's distributed. I expect that the intended reading is the latter (it's also what I would a priori expect), so am somewhat confused by the "(...) this Directive should not apply to free and open-source software developed or supplied outside the course of a commercial activity (...)" passage.
@robryk @bsdphk Tangentially: I often considered to write a kind of IDE for people working on legal texts, but I can’t be sure that e.g. it does not accidentally use the wrong color of a font in a stupid place caused by a bug in some library.
I guess writing and publishing software that may be used by legal experts will become … interesting.