Open Source for the Government?Why and how

● http://techblog.bozho.net

● @bozhobg

● Senior Software Engineer @ TomTom

● Board member of Obshtestvo.bg (Society dot bg) foundation

● realistic idealist

Vanity slide

“You can’t make the ladies behind the desks use OpenOffice and

Linux!!

Open Source for the Government??

● “...but in Munich”

● Microsoft Office is a de-facto standard, for good or for bad

● That’s a different story...

It’s not about Linux...

● The government is constantly placing orders for both specific and generic

software

● The government ignores the “rule”

o if the problem is widespread - use open source software

o if the problem is rare - use an existing commercial solution

o if the problem is unique - order a new piece of software

● The government doesn’t have the personnel to adapt and implement even

ready-to-use open source projects.

Custom software

● Vendor lock-in

● Abandonware

● Low-quality software

● Bugs and security holes

o egov.bg

o (forest) logging registry (?the_wife_of_my_cousin=1)

o ...who knows what else?

● Most of that software is owned by the government

o ...and sits on CDs in basements

● Even projects using WordPress, Drupal, Joomla are de-facto closed source

Status quo

● Websites of ministries/agencies/municipalities/programmes

● Registries

● General clerk software

● Specific information systems

● Accountancy software

● egov - middleware, registries, portal, e-services

Types of government software

● oh…

● what’s the relation between “government software” and “electronic

governance”

● The problems of electronic governance

o 90% law and administrative и 10% technical

o “political will” (cliche alarm)

Electronic governance

(almost) all new projects must be open-sourced

A solution?

● Reusability

● Easier extension and support

o from a government “system integrator”

o from other companies

o from NGOs and even citizens

● Transparency

o “but...nobody will be watching those projects!” - there are people that

will be watching them, don’t worry :)

Why?

● UK- http://github.com/alphagov (330 projects)

● US - http://www.govcode.org/ (2000 projects)

● Estonia - e-voting, egov, X-Road

o “All our key projects become open source, including the systems for health care, police, business portals

and document exchange” Siim Sikkut, ICT Policy Adviser

● Switzerland

Experience around the world

● Every company, implementing software, ordered by the government,

supplies a URL to a public SCM repo

o git or mercurial; preferably GitHub or Bitbucket

o must use it actively (and not just synchronize an internal repo with it)

● Public documentation

● Stable master

● The government published the URL of the repo

● The licence used must be approved by FSF or OSI

Procedure

● no difference for the company writing the software - even now the product

is owned by the government in most cases

● no difference for the government - 10 lines more in the requirements

● total cost of ownership is the same in the worst case [citation needed]

● new business models

Why would that work?

“Are you listening to yourself, the government can’t open their

systems?!”

● Only the source is publicly available; not the server passwords

● A small portion of the government software is highly critical; a small

portion even have a publically-facing interface.

● WordPress is more secure than any website that any company will build.

● Open-source software is more secure

o ...except for openssl, bash and small, unpopular projects … :)

Security

● not applicable to existing closed-sourced software

● hardly applicable to software that is already developed (even if owned by

the government)

● good code != good software

● not every project can be monitored carefully by society

● won’t solve the problems of e-governance, corruption, energy prices or

ebola

● can see opposition in the face of malicious companies

No silver bullet...

...but if we do something, only in case it

solves all problems, then we will never do

anything

● (L)GPL, EUPL, MIT, BSD, Apache?

● permissive vs copyleft

● Using closed-sourced components

● Licence can be selected by the implementing company?

Licences

“That’s bullshit, it can’t happen!!”

“You aren’t helping...”

● Wide support for our NGO’s campaign - by citizens, companies, NGOs

● http://opendata.government.bg - the open data portal of Bulgaria. It’s a

project by obshtestvo.bg, based on CKAN, open-sources, and developed

together with two government institutions.

● we are constantly communicating with multiple agencies and ministries

● we are successfully pushing for standard government software

requirements that explicitly require open-source

So far...

If you are competent and adequate, even in the administration

there are people that can accept your opinion.

How?

(изображение от http://exequiel09.github.io/symposium-presentation/)

Questions?