UK Gov's open source ‘mandate’ policy attacked
Lobbyists get paranoid, with some justification
The UK's proposed policy on the use of open source software within government has come under fire from the Institute for Software Choice, which claims the policy will make it "compulsory for public sector organisations to use Open Source Software as a default in R&D projects." The ISC, which has substantial backing from Microsoft, among other major IT companies, intends to challenge the proposals, which are currently subject to a consultation ending on 11 June.
Is the ISC crying wolf? The outfit has mounted a number of high-profile attacks on what it perceives as governments mandating the use of open source, and the UK's proposals are in themselves relatively mild, at least arguably simply establishing a level playing field between proprietary and open source software. Hugo Lueders, Brussels-based European director of public policy for CompTIA (effectively the ISC's parent body), however argues that it is the intent behind such policies that is important. Given that simply outlawing proprietary software would be illegal in both Europe and the US, pro-OSS forces in government are creating the conditions whereby it can be effectively outlawed in all but name.
A paranoid fantasy fueled by the paymasters? Up to a point, but he perhaps also has a point. The key areas in the UK's proposed policy are as follows:
"UK Government will consider OSS solutions alongside proprietary ones in IT procurements. Contracts will be awarded on a value for money basis.
"UK Government will only use products for interoperability that support open standards and specifications in all future IT developments.
"UK Government will seek to avoid lock-in to proprietary IT products and services.
"UK Government will consider obtaining full rights to bespoke software code or customisations of COTS (Commercial Off The Shelf) software it procures wherever this achieves best value for money.
"If no commercial or community shared exploitation route is used for publicly funded R&D software an OSS default will apply. Licences compliant with the OSI definition will be used."
This clearly does put forward a level playing field in some senses, with that last "OSS default" only coming in where no other possibilities exist. But clearly there is a greater probability that the UK will be able to hold onto its IP via OSS than proprietary, so the policy is a threat of sorts to proprietary companies, and you might reckon that's a jolly good thing too.
The preamble to the policy statement however holds far greater terrors for the proprietary world, and provides some justification for Lueders' reading of underlying intent: "OSS is indeed the start of a fundamental change in the software infrastructure marketplace, but it is not a hype bubble that will burst and UK Government must take cognisance of that fact.
"The Action Plan (June 2002) for the European Commission’s initiative eEurope 2005: An Information Society for all builds on the previous Action Plan (June 2000) which set the target 'to promote the use of open source software in the public sector and e-Government best practice through exchange of experiences across the Union'. The new plan requires the development of an agreed interoperability framework to support the delivery of pan-European e-Government, based on open standards and encouraging the use of open source software.
"The UK Government has supported this EC initiative by mandating open standards and specifications in its e-Government Interoperability Framework (e-GIF) and through the publication and updating of this OSS Policy."
Clearly UK.gov is working on the premise that there is a Europe-wide shift towards the use of OSS in government, and clearly there's evidence that this shift exists. And yes, you might reckon that's a jolly good thing too - but you can understand why many of CompTIA's members might not like it.
Although the ISC has voiced concern over several government OSS initiatives, Lueders is keen to stress that the opposition is not to OSS as such, more to the use of 'open standards' as a cover for the introduction of OSS. One can of course see how easily these might be confused, given that OSS by its nature will tend to conform more to open industry standards than certain other software one could mention. And given that this other software has all too frequently exhibited a flexible and evolving notion of what the standard might be, and at what level the APIs you can write to might lie.
Microsoft's no doubt richly-deserved and self-inflicted discomfiture does not however mean that there is not an issue regarding open standards and their definition here. It is perfectly reasonable and logical for governments to wish to promote open standards, says Lueders, but it's not just OSS that espouses them (hell, even Microsoft claims it does), and at the moment governments are busily espousing without figuring out what they are. Which is a fair point, and a perfectly reasonable tub for Lueders to thump. He'd be able to thump it a lot better if Redmond wasn't there as one of the major paymasters though. ®
Sponsored: The Nuts and Bolts of Ransomware in 2016