In the United States and under English common law, those giving away something for free are only liable for 'gross' negligence, which is a significantly lower bar than the implied warranties of merchantibility that will arise if you start charging. All these warranties can simply be disclaimed, by licensing the software correctly.

> I'm not sure why people think software meant for use by a broad audience, however cheap, should not be subject to basic safety, security and privacy regulations.

There is a major difference between cheap and free. There is an especially major difference between cheap and open-source, because most open-source licenses include specific text to disclaim any implied warranty. Without contractual consideration, the author's words don't form any kind of contract with those who choose to use his software.

This is not a difficult concept to grasp. If the author made any money off his project, then yes, a very strong warranty is implied, but without that, the warranty is rather weak. Under common law, those giving things away for free can only be held liable for 'gross negligence', which is different from the automatic warranties that arise when you sell things, regardless of price.

Right... which is why this guy has decided this is no longer going to be his hobby in the EU. While the EU has every right to say 'those who do X for a hobby must do Y to comply' they cannot say 'everybody must have X for a hobby' or 'Bob must continue doing X for a hobby' .

He's not in the EU.