Feeds

UK Gov's open source ‘mandate’ policy attacked

Lobbyists get paranoid, with some justification

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

The UK's proposed policy on the use of open source software within government has come under fire from the Institute for Software Choice, which claims the policy will make it "compulsory for public sector organisations to use Open Source Software as a default in R&D projects." The ISC, which has substantial backing from Microsoft, among other major IT companies, intends to challenge the proposals, which are currently subject to a consultation ending on 11 June.

Is the ISC crying wolf? The outfit has mounted a number of high-profile attacks on what it perceives as governments mandating the use of open source, and the UK's proposals are in themselves relatively mild, at least arguably simply establishing a level playing field between proprietary and open source software. Hugo Lueders, Brussels-based European director of public policy for CompTIA (effectively the ISC's parent body), however argues that it is the intent behind such policies that is important. Given that simply outlawing proprietary software would be illegal in both Europe and the US, pro-OSS forces in government are creating the conditions whereby it can be effectively outlawed in all but name.

A paranoid fantasy fueled by the paymasters? Up to a point, but he perhaps also has a point. The key areas in the UK's proposed policy are as follows:

"UK Government will consider OSS solutions alongside proprietary ones in IT procurements. Contracts will be awarded on a value for money basis.

"UK Government will only use products for interoperability that support open standards and specifications in all future IT developments.

"UK Government will seek to avoid lock-in to proprietary IT products and services.

"UK Government will consider obtaining full rights to bespoke software code or customisations of COTS (Commercial Off The Shelf) software it procures wherever this achieves best value for money.

"If no commercial or community shared exploitation route is used for publicly funded R&D software an OSS default will apply. Licences compliant with the OSI definition will be used."

This clearly does put forward a level playing field in some senses, with that last "OSS default" only coming in where no other possibilities exist. But clearly there is a greater probability that the UK will be able to hold onto its IP via OSS than proprietary, so the policy is a threat of sorts to proprietary companies, and you might reckon that's a jolly good thing too.

The preamble to the policy statement however holds far greater terrors for the proprietary world, and provides some justification for Lueders' reading of underlying intent: "OSS is indeed the start of a fundamental change in the software infrastructure marketplace, but it is not a hype bubble that will burst and UK Government must take cognisance of that fact.

"The Action Plan (June 2002) for the European Commission’s initiative eEurope 2005: An Information Society for all builds on the previous Action Plan (June 2000) which set the target 'to promote the use of open source software in the public sector and e-Government best practice through exchange of experiences across the Union'. The new plan requires the development of an agreed interoperability framework to support the delivery of pan-European e-Government, based on open standards and encouraging the use of open source software.

"The UK Government has supported this EC initiative by mandating open standards and specifications in its e-Government Interoperability Framework (e-GIF) and through the publication and updating of this OSS Policy."

Clearly UK.gov is working on the premise that there is a Europe-wide shift towards the use of OSS in government, and clearly there's evidence that this shift exists. And yes, you might reckon that's a jolly good thing too - but you can understand why many of CompTIA's members might not like it.

Although the ISC has voiced concern over several government OSS initiatives, Lueders is keen to stress that the opposition is not to OSS as such, more to the use of 'open standards' as a cover for the introduction of OSS. One can of course see how easily these might be confused, given that OSS by its nature will tend to conform more to open industry standards than certain other software one could mention. And given that this other software has all too frequently exhibited a flexible and evolving notion of what the standard might be, and at what level the APIs you can write to might lie.

Microsoft's no doubt richly-deserved and self-inflicted discomfiture does not however mean that there is not an issue regarding open standards and their definition here. It is perfectly reasonable and logical for governments to wish to promote open standards, says Lueders, but it's not just OSS that espouses them (hell, even Microsoft claims it does), and at the moment governments are busily espousing without figuring out what they are. Which is a fair point, and a perfectly reasonable tub for Lueders to thump. He'd be able to thump it a lot better if Redmond wasn't there as one of the major paymasters though. ®

Related link

UK consultation document

Beginner's guide to SSL certificates

More from The Register

next story
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Microsoft adds video offering to Office 365. Oh NOES, you'll need Adobe Flash
Lovely presentations... but not on your Flash-hating mobe
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
HTML5 vs native: Harry Coder and the mudblood mobile app princes
Developers just want their ideas to generate money
prev story

Whitepapers

10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.