Digital services offered and used by public administrations are the critical infrastructure of 21st-century democratic nations. To establish trustworthy systems, government agencies must ensure they have full control over systems at the core of our digital infrastructure. This is rarely the case today due to restrictive software licences.
Today, 31 organisations are publishing an open letter in which they call for lawmakers to advance legislation requiring publicly financed software developed for the public sector be made available under a Free and Open Source Software licence.
Good initiative, and a complete and utter no-brainer. Public money, public code.
For some time I had this idea about copyright protection of closed software: that it can be protected by copyright only if full source code to it is kept in “source vault”, to be released when copyright period ends.
This would restore to software the original spirit of copyright: to benefit the society by granting a temporary protection, after which members of society can remix etc. the work however they see fit. That was easy with books (they are their own “source code” after all), but became harder with music and films, and almost impossible with compiled closed software… And actually, this idea could apply also to music (“pre-mixing tracks must be kept in the vault”) or films (“pre-edited footage must be kept in vault”)
Edited 2017-09-15 22:30 UTC
This is largely the reason why CSRG released BSD under the newly created BSD license. It's the genesis of open source. DARPA funded a lot of it, so release it freely redistributable. (This is far from the only example of this).
It's far from absolute but the vast majority of DARPA, AFRL, ORN funded computer science (that is not otherwise considered a military secret etc) is released under a permissive free software license.
I am European, but I’ve worked with some people related to several DARPA sponsored projects. I was surprised to know that it was a requisite to have the resulting code released with a permissive license (in their case it was BSD-like). Then you read the rationale: “funded with public money so it should be open to the public.” It makes absolute sense. Kudos for that to the US administration.
OK so from the article, this is the future Armageddon that open source is supposed to prevent:
“By aligning public funding with a Free Software requirement — “Free” referring to public code availability, not cost — we can find and fix flaws before they are used to turn the lights out in the next hospital.”
And they want governments to legislate on this.
Personally, I’m not against open source, but I’d like to pose a few questions:
Software development of complex systems is difficult and expensive. If there is no open source alternative for software that controls air traffic at a new airport, for example, then you have a choice, either spend 1 million euros on commercial closed software, or spend 100 million on developing your own custom software and then open source it. Good use of public money would be to go with cheaper commercial software (assuming you are not planning on building 100 new airports in the near future).
Open source quite often means “you can take it free of charge and not pay anything”. There are companies out there that make money out of such software, but that’s because they are so big, it is difficult to compete with them. They like open source, because they can take something for free, re-package it and sell it with their services/products. Yes they sometimes contribute something back, but they often take more than they give and they don’t pay their taxes. The idea that tax payers should pay for new open source software development and then give it away to Google or Facebook to increase their profits, is rather grotesque.
It is a myth that open source software is better and more secure. If you have one million monkeys review open source code, this will not make it any more secure. There are software engineering techniques that ensure software is designed correctly and free of bugs, but quite often they are not used for the majority of software, because they are too expensive or time consuming, or require software developers to change their old habits, well good luck with that when somebody is coding for fun in their spare time.
It seems you are not familiar with publicly funded software development. In practice this software is developed and used for specific purposes within a governmental organization. When I asked at my previous job “why don’t we publish everything as free software?” the main response was “yes, actually why not?”.
In the past there would sometimes be parties in between (like Cap Gemini) that would arrange contracts in such a way that only they would be able to improve the software which was developed (and paid for) by the government. At some point the government became smart enough to prevent this by law which puts the ownership of publicly funded software with the government. They might as well release this source for everybody to look at. In practice this will mainly enable different governmental organizations to share their development more easily with each other because the amount of infrastructure needed will be reduced.
Bringing in external consultants to do the job for you is not the best idea either, and in some countries, mostly due to personal data access concerns, this tactic is no longer accepted by the regulatory organisations, requesting for companies to have in-house development and support for this kind of projects.
The idea of having public code inside government is to have a team of specialists paid by the government to maintain the developed code and for others that have proper qualification to see it and come up with solutions in case problems are detected.
This however triggers the fact that all projects have to be made public (i.e. there will no longer be any special deal done by companies to take on development for themselves).
This is where the politics usually come in. For many it’s a nice source of money that will have to go away for the good of the country.
Edited 2017-09-17 09:36 UTC
Why don’t we publish everything as free software? Well for the same reason that you wouldn’t pay a mortgage on your house for 25 years and then give the house away into public domain. It is about ownership and control.
So “publicly funded software” can imply different things:
1. Commercial “off the shelf” software packages are already available, no need to develop and debug anything, support is also available. Public money is used to purchase such software, which may be much cheaper and quicker than developing your own from scratch. Access to source code can also be available via NDAs, etc. so governments can use their own independent consultants to verify software is free of bugs and back doors.
2. Bespoke software is needed, so governments use public money to develop new software from scratch. They own the software and source code. Sharing code within the same government is not an issue. Instead of putting source code into public domain for everyone to use and abuse, government can commercialize it and sell various IP to private firms and foreign governments. So instead of giving away freebies to Google and Facebook, government compete with them and make a lot of money which goes back to public services.
So for example, if UK government spend billions of euros on developing AI algorithms and infrastructure for driverless cars and is 10 years ahead of everyone else, why give it all away to other rich countries like US? UK should patent and export this technology and make money which will be used for the benefit of British tax payers.
No it can’t. It means software which is developed using tax money, so just your case 2.
Sharing software between governmental organizations is not as easy as you think. It requires a complete security infrastructure if you want to do access control. I’ve never seen this in place.
I wonder what kind of software you imagine to be useful to Google and Facebook. We’re talking about software here for taxes, public infrastructure, city administration, etc.
Your example doesn’t make much sense, I’ve never heard of governments doing R&D and then filing patents for that. That’s not really their job.
Your example is unexportable – the rest of the world drives on the other/correct side of the road! ;D
(and… euros? Pounds!)
You have a bunch of criticisms that don’t take into account the alternative that we already see is worse.
How is software developed for public services “coding for fun in their spare time”? This is about source code developed under public contract. Now you’re just having your bone to pick with open source instead of coming up with a relevant argument.
Or replacing existing closed software with open source alternatives, some of which is developed by community for fun in their spare time, i.e. no dedicated test teams, or unit tests, etc.
You know there are such things as contracts, and there are such things in contracts where one party can stipulate the other party do certain things. In this context, there’s nothing stopping the government from stipulating that the contractor’s job is to also make whatever open source they’re using more tested.
With closed source software, you can’t even put that in a contract because that company can’t gain access to the third party library code without a huge cost.
From a practical perspective, there you have one of two cases for companies making money with open source software:
1. You’re purchasing support for that software and other services from them. This is the case with Red Hat, SUSE, and Oracle.
2. You’re purchasing a complete system from them, and paying for hardware and proprietary software that uses the open source software. This is the case with many embedded systems, including smartphones that run Android.
In both cases, you often have totally free alternatives (CentOS for RHEL, openSUSE for SLES, AOSP for Android, etc), and there is absolutely nothing in any widely used open source license that prohibits such usage.
Oversimplification is never good.
There are lots of r&d projects that have large parts of public money in them, e.g., EU/Commission funded projects, but many others as well (e.g., some of ESA or EDA projects, etc.) that require a fairly high TRL level output, e.g., above tech demo. Which means you arrive to a level almost ready to market. Also, most of these projects are required to be led by some mid- or large industrial entity and have other industrial partners involved. Now, if developed sw solutions would always be required to be open, imagine how much these partners would be motivated to contribute. I’ve been involved in a number of such projects, and let me tell you, it wouldn’t work. Even without such requirements sometimes it is still hard to get substantial contributions from such companies, especially if they are in the business of building and bringing solutions to market – which hopefully they are, otherwise their participation wouldn’t bring much to any table. Also, some projects having at least partial public funding can have secret outputs, especially defence- or force protection-related ones.
So, while in the general sense, I don’t have anything against open sourcing what can be opened – especially since I work in research myself -, I’m just saying it wouldn’t be a good solution to be overly broad in such regulation (or call simple solution ideas as no-brainers), since – as always – most issues are more complex than they seem, especially for outsiders.
Apple would disagree with oversimplifying things not being great business model.
Problem is most people hate bureaucracy. It just takes someone with huge PR potential skills to highlight the usefulness of a simplified model and some backup from government entities and you have a recipe for success.
History did prove over and over again that not simplifying this is not always the best bet in keeping yourself in the market, even if we’re talking about public funding.
l3v1,
Technically this requirement doesn’t conflict with open source licenses like GPL (*). The government, as the software recipient would explicitly have rights to the source code, but the GPL doesn’t create an obligation for the government to release it themselves. So there’s no conflict here.
* I’m not suggesting GPL would be the best license to use, but just using it as an example here.
Now I can imagine the US government not wanting foreign military allies to have the source code. They could prohibit private US companies from selling military equipment under open source licenses to other governments, which breaks the spirit of open source. I’m not sure how much merit there is to this since, if we’re being honest, it would be pretty stupid to assume that anyone buying the military systems couldn’t reverse engineer them anyways.
Ultimately while this is an interesting debate, I don’t believe the public interests are sufficiently represented in government to actually pull it off. For better or worse, many politicians are corrupted by ties to the business world and continue to represent private companies even in public office.
Edited 2017-09-18 14:05 UTC