Partnering with EU policymakers to ensure the Cyber Resilience Act works for developers
We’re looking forward to working with policymakers to improve cybersecurity and support developers.
At the Paris Peace Forum and the Internet Governance Forum, governments, companies, and civil society made commitments to building an internet of trust. Developers are central to making these commitments a reality.
GitHub represented developers at two events during Paris Digital Week: the Paris Peace Forum, coinciding with the 100th anniversary of the World War I Armistice, and the United Nations Internet Governance Forum (IGF), themed the “Internet of Trust.”
As part of our work there, we committed to a cybersecurity initiative and spoke about open source projects as a model for community governance. Developers have the most to gain from building an internet of trust—and the most to contribute.
On November 12, GitHub joined 370 governments, businesses, and civil society groups in the Paris Call for Trust and Security in Cyberspace—a commitment to support principles and norms to protect people and critical infrastructure.
We joined this effort recognizing that cyberspace is built by developers, and it’s susceptible to attacks in ways that developers can help prevent, anticipate, or combat. Coordinated efforts to protect people and the digital infrastructure they rely on from systemic or indiscriminate cyberattacks certainly benefit developers, who are on the front lines of these attacks. Developers can help by prioritizing security and resilience in their projects. This is not solely a technical task—cooperation is required, and to sustain cooperation, governance.
When he launched the Paris Call at the IGF on November 12, French President Emmanuel Macron spoke about a range of other internet-related topics, including content moderation. This is another area where open source project maintainers can help—by showing how community-run projects can be effective to create welcoming, inclusive, safe spaces for online collaboration.
GitHub strongly champions community self-management because communities can have the ability to be constructive and nuanced—contributing to rebuilding trust online, and lessening the need for other layers of regulation, from companies enforcing their Terms of Service to action by government regulators.
We presented on open source projects at IGF in a session on community governance. Open source communities are built on shared goals and objectives (like building software). Open source maintainers also share goals with the platforms they collaborate on: promoting positive participation and fending off abuse. We emphasized best practices:
We described resources, such as Open Source Guides, that GitHub provides for maintainers seeking ideas on how to write a Code of Conduct, build welcoming communities, and resolve conflicts. Participants were interested to hear about how open source projects work. Several left the discussion expressly recognizing how community moderation practices in open source could be used in other contexts.
We want to give a big thanks to Wikimedia for organizing and moderating the session, and to Collaboration on International ICT Policy for East and Southern Africa (CIPESA), Mozilla, and the United Nations Educational, Scientific, and Cultural Organisation (UNESCO) who joined GitHub as speakers.
We are also thankful to our community. We’re happy to see governments join companies in committing to peace, security, and trust on the internet. This couldn’t happen without you! Developers are central to making these commitments a reality: as programmers creating secure code, as leaders creating inclusive communities, and as citizens creating technically informed policy.