The proposals apply to “providers” of “hosting services“, of “interpersonal communications service”, and of “software application stores” (you can look up the definitions for yourself in the published texts). It’s hard to see how that would apply to purely P2P systems, except that distributing an app for it via app stores would likely require user age verification.
Flathub, the snap store, gnome software, etc. all technically meet the definitino of software application store.
Makes me wonder (and worry) if they can stretch the definition to apply to standard package repos as well. Are we going to be entering an era where you have to verify your identity & age to apt-get software?
I think that real danger is a very real possibility with legislation like this. Not in the way that you won't be able to buy "unlocked" devices, but that web services and government services just flat out won't be accessible to you if you aren't on a sanctioned device (with the sanctioned spyware).
Think things like requiring play integrity attestation to access banking, or an equivalent service baked into macOS, Windows, iOS. If you aren't on one of those proprietary and spied on OSes, you can't access most of the web.
So technically the hardware will remain relatively open, but they'll make it so you can't interact with the rest of society with it.
That would still be the relatively benign outcome. You can have one device for all the official stuff, and another device for your own software, “free“ OSs and the “free” internet. However, I could see a future where anything that accesses the internet is required to be an iPhone-like clamped down device.
