At its core it tries to mimic the qualities of the "CE" mark on physical products, that shields the EU consumer from a wide range of abuses, but the obvious problem is that software is not a physical product. At least the ethereal nature of software could be an alarm signal by itself.

What it will instead accomplish we think is more likely to be in the lines of:

  • enact an unnecessary and unjust financial burden on Open Source projects;
  • force the Open Source markets into noncompetitive corners via unnecessary certifications;
  • it will undermine exactly what the European Union should stand for and what it aims to promote: creativity, innovation, freedom, equal opportunities in and transparency;
  • throw the OSS developers into the bottomless pit of bureaucracy;
  • collateral good effects will be minimal and mostly insignificant: like the cookie nightmare that protects users from tracking, but no one gets prompted to accept being manipulated by an AI on a social media platform;
  • it will be sometimes impossible to get certified, as there is no corporate entity behind all Open Source projects; or even if there is one, by its nature, it will have external dependencies by using for example, different libraries, from another project.

Maybe the hope is that it will gain some momentum, and transform into a domino effect where all of the parties involved will become certified. Which is wishful thinking at best because the reverse is also true: most of the projects won't and the supply chain will be broken leading to developers abandoning their projects.

The human factor is: instead of focusing on your beloved life-time project, you are forced to deal with bureaucracy simply for people, companies and institutions to be able to benefit what you create for free. We know what the choice will be: you will take your stuff elsewhere, ignore any extras expected from you, or simply drop it, because you are a developer and not a paper pusher, with no intention of becoming one.

Most Open Source projects will simply not have the manpower, time, financial incentives or the personal interest (which is hugely important, being the driven factor behind most Open Source software) to chase certifications. But surely the big proprietary software corporations will. This begs the question: who exactly is helped by such an initiative?