The last draft clearly excludes open source software as long as there is no commercial activity associated. If voted in this state, it won't affect the vast majority of developers releasing some code under an Open Source license. But it will wipe out all small businesses: if you're a solo company selling support or feature development on some Open Source software you wrote, paperwork and liability are just not worth it.
And good luck selling anything relying on existing Open Source libraries, because you're now liable for them too. Given the cost of a security audit, you may as well stop trying and just sell SaaS (which is explicitely excluded from the bill, funny).
Larger companies of course won't care and will continue shipping buggy software riddled with security holes because they can afford the paperwork and absorb the legal risk.
My recollection, from previous discussion on HN, is that the definition of "commercial activity" is far more broad than the open source community would like it to be. And by "open source community", I mean the people that run various foundations and non-profits and things like that.
I don't think that throwing up a virtual tip jar on your Github page counts, but offering paid support would. If you collect telemetry and then sell "usage insights" that would also count as commercial activity. Advertising on the download page is commercial activity. If you have a Patreon account? I actually don't know about that. Anyone know?
With this new act, even selling 100€/month of support for a piece of software you are contributing to makes you subject to the full force of the bill (and the full force includes scary numbers, millions, with zero information on how precise amounts will be calculated).
We can only hope that it is not voted in this sorry state.
An acknowledgment that it costs some small amount of money to host a website for the code, or that you may from time to time want to hire someone to do something specialized (design a logo?) and need to raise some amount of money for that to happen.
By world-wide standards (though not necessarily by Silicon Valley standards) I am fairly wealthy and thus could afford to support a completely commercial-free open-source project out of my professional salary. And this would make my project liability-free in the EU. But someone else, who didn't grow up in the USA at a time when university tuition was cheap, would not be able to do the same and their otherwise-identical project is subject to legal liability.
How is that fair? Isn't this just going to further concentrate open source contribution and leadership in a handful of rich countries (that are mostly not in the EU)?