The Eclipse Foundation has launched the Open Regulatory Compliance Working Group (ORC WG) to address evolving global regulations aimed at improving software quality and security.
The working group’s formation follows Eclipse’s initial partnering with the Apache Software Foundation and other open source organizations in April. Announced September 24, the initiative looks to support participants globally across the open source community, including developers, enterprises, industries, and open source foundations, in navigating and adhering to evolving regulatory frameworks. In particular, the working group, with members such as the Python Software Foundation and the Rust Foundation, plans on helping companies navigate European Union regulatory requirements such as the Cyber Resilience Act (CRA), along with EU AI and data sovereignty measures.
CRA is a legal framework that describes cybersecurity requirements for hardware and software products with digital elements placed on the market of the EU. Plans call for the working group to engage with regulatory bodies and governments to enhance their understanding of the unique open source development model.
“The Open Regulatory Compliance Working Group was created to bridge the gap between regulatory authorities and the open source ecosystem, ensuring organizations and developers can leverage open source technologies while remaining compliant with evolving global regulations,” said Eclipse Executive Director Mike Milinkovich, in a statement.
The working group will formalize industry best practices and offer resources to help organizations navigate regulatory requirements across multiple jurisdictions. It also intends to assist government entities in providing greater legal certainty to the open source ecosystem and software supply chain. An overall objective is the elevation of software quality and security in open source projects.
As of September 24, participant organizations in the working group included:
Apache Software Foundation
Blender Foundation
Robert Bosch GmbH
CodeDay
The Document Foundation
FreeBSD Foundation
iJUG
Lunatech
Matrix.org Foundation
Mercedes-Benz Tech Innovation GmbH
Nokia
NLnet Labs
Obeo
Open Elements
OpenForum Europe
OpenInfra Foundation
Open Source Initiative (OSI)
Open Source Robotics Foundation (OSRF)
OWASP
Payara Services
The PHP Foundation
Python Software Foundation
Rust Foundation
SCANOSS
Siemens
Software Heritage
How to succeed with Kubernetes | InfoWorldRead More
