Skip to main content
All Posts By

Shane Coughlan

Shane Coughlan is an expert in communication, security and business development. His professional accomplishments include spearheading the licensing team that elevated Open Invention Network into the largest patent non-aggression community in history, establishing the leading professional network of Open Source legal experts and aligning stakeholders to launch both the first law journal and the first law book dedicated to Open Source. Shane has extensive knowledge of Open Source governance, internal process development, supply chain management and community building. His experience includes engagement with the enterprise, embedded, mobile and automotive industries.

OpenChain Project – Monthly North America and Europe Call – July – Full Recording

By Featured, News

We held our regular Monthly North America and Europe Call this week. The focus was on discussing the Public Comment period for our draft proposed updates to the licensing and security specifications.

Check Out The Recording

We keep all the slides from our monthly calls online and they can be a useful way to access direct links and more details:

Overview of the Public Comment Period

OpenChain Project Announces Public Comment Period for Draft Updates to Compliance and Security Specifications

Starting 2024-06-19 ~ Ending 2024-12-19

The OpenChain Project has announced the beginning of its six month Public Comment Period for proposed draft updates to the open source license compliance (ISO/IEC 5230:2020) and open source security assurance (ISO/IEC 18974:2023) specifications.

As per our specification development process outlined in the project FAQ, this Public Comment Period will run for six months, and it will be followed by a three month Freeze Period.

During the Public Comment Period everyone is invited to review and comment on the specifications. As an open project developing open standards, we host the draft documents on our GitHub repositories.

Learn More:

You can comment on this process by joining our monthly calls or via our Specification Mailing list. You can also leave comments via GitHub issues as detailed below.

OpenChain Steering Committee Meeting – 2024-06-27 – Outcomes and Recording

By News

The OpenChain Steering Committee is made up of voting members from our Governing Board + the chair of the Specification Work Group.

The Steering Committee will be moving to a regular quarterly meeting schedule, and as part of that I will be publishing the video minutes to ensure visibility during our Public Comment Period of potential future drafts of ISO/IEC 5230 and ISO/IEC 18974. 

This recording shows the first formal Steering Committee meeting since the Specification Work Group moved from community drafting into the formal Public Comment period. It is focused on considering the proposed changes and reviewing the process of public comments and future freeze period as per the FAQ:

View the Recording

OpenChain Monthly North America and Asia Call – 2024-06-18 – Full Recording

By News

The OpenChain Specification Work Group held its regular North America and Asia monthly call on the 18th of June. This call has a regular agenda of reviewing project news, working on our draft future specifications, looking at reference or education material, and opening the floor to other topics.

Watch The Recording

The following issues were closed during this call:

Security Assurance Review

License Compliance Review

We closed all open issues and formally moved into a Public Comment period for both draft specifications as potential updates to ISO/IEC 5230:2020 and ISO/IEC 18974:2023. Learn more:

Join Our Work

Everyone is welcome to be part of the Specification Work Group. You can join their mailing list here:
https://lists.openchainproject.org/g/specification/

You can find and be part of all OpenChain calls through our participation page here:
https://openchainproject.org/participate

OpenChain Webinar: Open Source Due Diligence for M&A

By legal, licensing, News, Webinar

This webinar features a speaker who has “been there” as we discuss best practices before, during, and after the due diligence phase to ensure post-close success. We cover:
(a) Why open source due diligence is key in tech transactions,
(b) Lessons learned on how to perform open source due diligence,
(c) How to leverage diligence findings in post-close integration.

Watch The Recording

Check Out The Slides

More About Our Webinars:

This event is part of the overarching OpenChain Project Webinar Series. Our series highlights knowledge from throughout the global OpenChain eco-system. Participants are discussing approaches, processes and activities from their experience, providing a free service to increase shared knowledge in the supply chain. Our goal, as always, is to increase trust and therefore efficiency. No registration or costs involved. This is user companies producing great informative content for their peers.

Check Out The Rest Of Our Webinars

This OpenChain Webinar was broadcast on 2024-06-17.

OpenChain Korea Work Group Meeting #22 – 2024-06-20 – Keynote Slides

By News

The OpenChain Korea Work Group meeting kindly hosted by CJ in Korea had a fantastic series of case studies presented by local community members. As usual, Shane Coughlan, OpenChina General Manager, gave a presentation on the overall state of our global community. You can find his keynote slides below.

Learn More About the OpenChain Korea Work Group

OpenChain AI Study Group – North America / Asia Sync – 2024-06-13 – Full Recording

By News

The OpenChain AI Study Group holds a two hour webinar at the beginning of each month for participants in North America and Europe. Around one week later, there is a one hour sync call for North America and Asia. This is a great way to get a summary of activity, and a great way to start getting involved in our work to consider AI Compliance in the supply chain.

Watch the Recording

Track This Work

You can follow and contribute to the work of the OpenChain AI Study Group through its dedicated mailing list. This is open to everyone regardless of industry vertical or speciality. You will find it here:

Attend Future Meetings

You can find and get the dial-in details for all future AI Study Group meetings from our participate page here:

OpenChain Project Announces Public Comment Period for Draft Updates to Compliance and Security Specifications

By Featured, News

Starting 2024-06-19 ~ Ending 2024-12-19

The OpenChain Project has announced the beginning of its six month Public Comment Period for proposed draft updates to the open source license compliance (ISO/IEC 5230:2020) and open source security assurance (ISO/IEC 18974:2023) specifications.

As per our specification development process outlined in the project FAQ, this Public Comment Period will run for six months, and it will be followed by a three month Freeze Period.

During the Public Comment Period everyone is invited to review and comment on the specifications. As an open project developing open standards, we host the draft documents on our GitHub repositories.

You can comment on this process by joining our monthly calls or via our Specification Mailing list. You can also leave comments via GitHub issues as detailed below.


Current Published Specifications




Proposed Draft Updates to the Specifications


More Details On The Process

Full details can be found in the specification development process outlined in the project FAQ.

A brief outline of our current steps is that the project will:

  • Open a Public Comments Period nine months before our target completion date. This runs for 6 months and only accepts minor updates such as typos or grammar corrections that do not change the requirements of the content. We do not accept any material changes during this period. All other feedback and recommendations are queue for consideration during the next version release cycle.
  • Open a Freeze Period three months before our target completion date to allow a 3 month review of any changes made during the Public Comments Period.
  • If a consensus expresses concerns over any changes made during the Public Comments period we would
    • i) make changes to accommodate those concerns followed by
    • ii) an additional 14 day Public Comments period; followed by
    • iii) another 14 day Freeze period. Anyone with significant reservations on the final draft should state their position/concerns via the spec mailing list. The changes will be accepted once we achieve consensus for the final draft.
  • In the event we do not have consensus on the final version – we would repeat the following cycle until we have consensus:
    • i) accommodate changes to address majority concerns;
    • ii) 14 day Public Comments period; followed by
    • iii) a 14 day Freeze period cycle.
  • Send the completed draft specification to the OpenChain Steering Committee for formal review and a vote on whether to accept the community recommendations for an updated or new specification.
  • In principle, we target updates to our ISO standards once every five years

Please Note: the final decision on content and release of OpenChain Project specifications lies with the OpenChain Steering Committee.

Policy Briefing Series: EU Cyber Resilience Act, AI Act and the Product Liability Directive

By Featured, News

The OpenChain Project collaborated with OpenForum Europe (OFE) on a three-part series of webinars covering European policy matters that impact open source, business processes and risk management. These webinars took place between May and June 2024, and are intended to provide a simple, clear and unbiased look at the impact recent European Union policy will have on companies in the open source supply chain.

Our Speaker is Ciarán O’Riordan, Senior Policy Advisor at OFE. His background is as a free software / open source software policy and communications expert.

The EU Cyber Resilience Act

More Details

“The proposal for a regulation on cybersecurity requirements for products with digital elements, known as the Cyber Resilience Act, bolsters cybersecurity rules to ensure more secure hardware and software products. Hardware and software products are increasingly subject to successful cyberattacks, leading to an estimated global annual cost of cybercrime of €5.5 trillion by 2021.”
https://digital-strategy.ec.europa.eu/en/library/cyber-resilience-act

The EU AI Act

More Details

“The AI Act is the first-ever legal framework on AI, which addresses the risks of AI and positions Europe to play a leading role globally. The AI Act aims to provide AI developers and deployers with clear requirements and obligations regarding specific uses of AI. At the same time, the regulation seeks to reduce administrative and financial burdens for business, in particular small and medium-sized enterprises (SMEs).” 
https://digital-strategy.ec.europa.eu/en/policies/regulatory-framework-ai

The EU Product Liability Directive

More Details

“European Union reached provisional (political) agreement on the text for the proposed revision of the EU’s Product Liability Directive 85/374/EEC (PLD). The PLD establishes a strict liability (i.e., no fault) regime to enable claimants to seek compensation for defective products across the EU, meaning claimants do not need to establish fault to claim successfully. As a result, it is the preferred way of making product liability claims in the EU. The revision is a significant development, as the PLD dates back to 1985 and has been virtually unchanged for nearly 40 years – with only very minor amendments in 1999.”
https://products.cooley.com/2023/12/21/new-product-liability-laws-one-step-closer-in-europe/

About OpenForum Europe (OFE), Our Partners in this Series

OFE is a not-for-profit, Brussels-based independent think tank which explains the merits of openness in computing to policy makers and communities across Europe. Originally launched in 2002 to accelerate and broaden the use of Open Source Software (OSS) among businesses, consumers and governments, OFE’s focus has since evolved to also cover issues related to Open standards, Cybersecurity, Digital Government, Public Procurement, Intellectual Property, Cloud Computing and Internet Policy.
https://openforumeurope.org/

More About Our Webinar Series

This event is part of the overarching OpenChain Project Webinar Series. Our series highlights knowledge from throughout the global OpenChain eco-system. Participants are discussing approaches, processes and activities from their experience, providing a free service to increase shared knowledge in the supply chain. Our goal, as always, is to increase trust and therefore efficiency. No registration or costs involved. This is user companies producing great informative content for their peers.

Check Out The Rest Of Our Webinars

Coming Soon: OpenChain China Work Group – Regular Meeting #1 – 2024-06-28

By News

Our OpenChain China Work Group is moving from occasional workshops to a regular meeting schedule in June 2024. Regular Meeting #1 will take place on the 28th of June at the ByteDance offices. Full details and registration link below.

Date and Time:

2024-06-28, 14:00 to 16:00
(doors open 13:30)

Agenda:

  • Informal discussion about how ByteDance manages open source IP.
  • Informal discussion about how Honor manages open source IP.
  • Networking break.
  • Guided discussion about the EU Cyber Resiliency Act

Location:

北京市朝阳区太阳宫地区七圣中街12号院融中心A座B1- 培训室02
(ByteDance Offices, B1-Training Room 02, Building A, Rongzhongxin, No. 12, Qisheng Middle Street, Chaoyang District, Beijing)

Register here:

More about the OpenChain China Work Group:

These community meetings focus on:

  • what standards help with managing open source?
  • how do we use multiple standards to solve multiple challenges?
  • apart from standards, what business processes can help?
  • what are my implementation choices?
  • what did other people do? (Case studies, lessons learned, informal discussion)

Description in Simplified Chinese:

将于 6 月 28 日举行,请在下面注册:

OpenChain 中国工作组会议 #1

日期和时间:
2024-06-28,14:00 至 16:00
(13:30 开门)

议程:

  • 非正式讨论字节跳动如何管理开源 IP。
  • 非正式讨论荣耀如何管理开源 IP。
  • 社交休息。
  • 关于欧盟网络弹性法案的指导讨论

地点:
北京市朝阳区太阳宫地区七圣中街12号院融中心A座B1- 培训室02

在此处注册:
https://cvent.me/x1WMe2

有关 OpenChain 中国工作组的更多信息:

这些社区会议的重点是::

  • 哪些标准有助于管理开源?
  • 我们如何使用多种标准来解决多个挑战?
  • 除了标准之外,哪些业务流程可以提供帮助?
  • 我的实施选择是什么?
  • 其他人做了什么? (案例研究、经验教训、非正式讨论)

Coming Soon: OpenChain Japan Work Group Meeting #31 – 2024-06-27

By News

The OpenChain Japan Work Group will host its 31st regular meeting on the 27th of June at the Kioxia Corporation Head Office. As always, everyone is invited to attend this meeting. Additionally, on the 28th of June there will be a meeting co-hosted for the OSPO Sub-Work Group Local Meetup.

Register to Attend

Event Details in Japanese

大変長らくお待たせいたしました、次回の全体会合に関する正式のご案内です。

ちょっといろいろあってご案内が遅くなってしまいましたが、
既にスケジュールは押さえていただいているでしょうから大丈夫ですよね!
お待たせした分、内容的には大充実のアジェンダになっております。
サイボウズの武内さんによる基調講演、トヨタ自動車の遠藤さんによる先進事例紹介、
キオクシアの關さんによるOSPOの取組事例紹介、BOF、ライトニングトークなど、
いずれも「ここでしか聞けない」大変貴重なお話ばかりです。
是非ご参加ください!できれば現地で!!(一部コンテンツはオンライン配信無し)
以下、詳細です。

【第31回OpenChain Japan全体会合(第6回ハイブリッド会合) 】
・日時:2024年6月27日(木) 13:30 – 17:15 (13:00開場)
・場所:キオクシア株式会社本社(田町ステーションタワーS 10階)
・アジェンダ:添付のご案内をご覧ください。 (頑張って作ったので見て欲しいだけ)
・参加方法
 現地参加の方は、添付のご案内の「全体会合への参加方法」から事前登録をお願いします。
 オンライン参加の方は、事前登録は不要です。(zoomのURLも、添付のご案内に記載)

★ライトニングトーク資料作成・発表のお願い★
 全体会合では、各社の事例を共有いただいて議論する「ライトニングトーク」をおこないます。
 添付「第7回 ライトニングトーク (LT) 資料作成・発表のお願い」をご参照の上、
 貴社の事例を共有いただけましたら幸いです。
 多くの事例が集まることで、より詳しい傾向分析やディスカッションができますので、
 当日ご参加予定の方もそうでない方も、是非、事例のシェアをお願いします!
 (資料の提出はこちらまで→openchain-jp-lt-office@ml.jp.panasonic.com)

【OSPO SWGローカルミートアップ(Co-Located Event)】
・日時:2024年6月28日(金) 10:00 – 11:30
・場所:キオクシア株式会社本社(全体会合と同じ会場)
・参加方法
 現地参加の方は、添付のご案内の「全体会合への参加方法」から事前登録をお願いします。
 オンライン参加の方は、事前登録は不要です。(zoomのURLも、添付のご案内に記載)

さて、早いもので明日から6月。
OpenChain Japanのクラフトビール部の活動が活発になる時期ですね、と書いたところで、
奴らは通年活発だったわ、と考えなおしました。
(OSSと同じくらいクラフトビールが好きな方、どうぞご一緒に。)

では、次回全体会合でお会いしましょう! お楽しみに。

OpenChain Japan Planning 渡邊