Marco Germanò
Marco is a doctoral student at the University of Toronto and a Research Assistant with the Guarini Global Law & Tech team at NYU. He holds master's degrees from NYU (USA), Peking University (China), and the University of São Paulo (Brazil). Before joining UofT, Marco worked with various universities and policy think tanks internationally. His research focuses on the transnational regulation of emerging technologies, the agency of the Global South in shaping digital infrastructure, and the role of law in governing open-source environments.
Sessão
Over the past few decades, open artifacts have flourished across distinct yet interrelated domains: OSS, open data, open standards, and now open AI models. Each developed within its own set of cultures and communities, producing divergent governance approaches. Technical and business factors are increasingly melding these areas into partly-fused communities of practice. These artifacts now coexist within layered digital infrastructures, where each element reinforces and depends on the others: OSS powers data pipelines; open datasets train AI models; open models store/produce data and shape software development. Innovations and vulnerabilities propagate across these layers; interventions in one domain ripple through others. This paper examines how regulatory framings and legal requirements are consolidating these recursive infrastructures and drawing these domains under a shared governance optic. Regulatory pressure comes from both public and private actors. State-led interventions—often driven by national security and geopolitical priorities—are expanding the reach of cybersecurity, liability, and transparency obligations across software, data, and AI systems. Examples include the EU’s CRA and AI Act, and the U.S. NCS. Institutional and private-sector initiatives are reshaping legal architectures: the World Bank’s licensing framework for OSS formalizes software release as part of broader data governance; the OSI’s OSAI definition seeks to stabilize what “openness” means when applied to models. The paper argues these developments are not merely cumulative, but indicative of a deeper reconfiguration in how open artifacts are articulated. Communities once grounded in distinct rationales for openness now confront shared compliance environments and overlapping regulatory demands. Should they embrace this trajectory or preserve differentiation? Responses so far have been piecemeal. We argue this flux calls for a collective and systematic rethinking of how openness is defined and contested. Silo-specific governance mechanisms may prove unsuitable for managing cross-domain claims and interdependencies.