↳ In-reply-to » One of the biggest problems I have with the currently proposed EU laws is that there is no distinction being made between "Free, non-Paid, Open Source" vs. "Commercial Software Products built from Open Source".

It is only until after that company has a breach, with harm caused to its end-users does the company do anything about it. I’m not really convinced that’s happening either, because the current laws scream and cry out “OMG! 😱 We need to fix the Open Source supply chain!” by companies that refuse to take any financial liability for freely using other people’s hard work that they didn’t get paid for.

Companies that use open source component freely without paying for them or contributing back should absolutely be held liable when things go wrong, NOT the open source developers. Why? Because those companies are often exploiting their end-users and often making them pay for something that is largely otherwise free (-some conveniences added on top).