FOSS Backstage 2025

New Legal Developments on Open Source Liability 🛈
2025-03-10 –, Wintergarten

How are new software and AI-product liability laws affecting the way open source projects operate? Gain actionable insights on liability risks and certification requirements, work collaboratively on solutions, and explore ways to intervene in the fast-evolving global regulatory landscape in the EU, US, and elsewhere.


Open Source projects are being impacted by significant legal changes, with new liability regimes enacted or proposed in many key jurisdictions, and more documentation and certification requirements being established. These developments bring fresh challenges for developers, maintainers, distribution platforms, open source foundations, and organizations relying on open source software. How can projects meet growing certification requirements, manage liability risks, and ensure compliance without compromising their collaborative ethos? This interactive workshop will focus on major legal frameworks, such as the EU’s Cyber Resilience Act (CRA) and the U.S.’s National Cybersecurity Strategy (NCS), and their practical implications for open source projects. Participants will leave with a clear understanding of the new regulations and how these impact their work in open source. The workshop will be conducted in an interactive format, with speakers presenting the new rules on liability and certifications through practical examples and real-world scenarios. Participants will have opportunities to raise their own issues and queries, fostering a collaborative learning environment. By the end, attendees will gain practical tools, actionable steps, and a deeper understanding of how to effectively address these new regulatory challenges.

🛈 This workshop won’t be recorded and participation is only possible onsite.

Thomas Streinz is the Executive Director of Guarini Global Law & Tech at New York University School of Law and a Professor at the European University Institute in Florence. He works on digital infrastructure governance, the regulation of the global data economy, and global law and technology.

Marco Germanò is a graduate student at NYU Law School and a Research Assistant with the Guarini Global Law & Tech team. He holds an LLB from the Federal University of Rio Grande do Sul and master's degrees from Peking University and the University of São Paulo. Before joining NYU, Marco worked with various universities and policy think tanks internationally. His research focuses on the transnational regulation of emerging technologies, the agency of the Global South in shaping digital infrastructure, and the role of law in governing open-source software supply chains.