Patryk Kosmider - stock.adobe.co
The challenges of open source in government
Public sector bodies may find their policy decisions are stymied due to the inflexibility of the software they deploy. Is open source the answer?
OpenUK’s State of Open Con 24 London conference has highlighted the challenges governments face when procuring software to support policymaking.
Whether it’s central or local government, public sector bodies have tended to be cautious when procuring technology platforms that need to be built to support their strategy. However, delegates attending the government stream at Open Con 24 heard from two speakers who discussed why a more open and collaborative approach to public sector software projects is needed.
Jan Ainali, codebase steward at the Foundation for Public Code Infrastructure, noted that even if the software is built on open source packages, it may contain layers of proprietary technology. “We think that it’s an absolute necessity of public sector governance to have technological sovereignty, so that policymakers can shape the function of public software just like they can shape legally formulated policies,” he said.
Giving a hypothetical example of how software can curb government policies, Ainali said that in a democracy, a majority of citizens may agree that car parking fees should be higher at weekends to discourage people from driving into the city at that time. “That’s what people say they want,” he said.
The local government gets the majority to push through the bureaucracy to make the policy change, but Ainali said that when they ask the provider of the parking software to enable the change in their software, they are told it’s out of scope for their business.
Looking at a real example, Ainali said: “Two years ago in the Netherlands, the parliament decided that it wanted to remove value-added tax on fruits and vegetables to promote a more healthy lifestyle.”
The legislative change was sent to the tax authority, which tried to put zero in the relevant VAT field of the tax software it uses. “The software didn’t accept it,” he said. “It was proprietary software and it wasn’t very easy for [the tax authority] to get this change through. This should be a no-brainer. The software that public organisations use must be able to reflect the values that society expects.”
Open collaboration
While every city evolves the software they need in very different ways, Ainali believes there are plenty of opportunities to collaborate. “There are some recurring design patterns and emerging needs,” he said.
While cities build out digital infrastructure, even where open technologies are used, he pointed out that there is little opportunity for reuse. “We need to collaborate here because there’s enormous potential,” said Ainali.
As an example, he said the Netherlands has about 340 municipalities. “Imagine if they all collaborated on the same code base,” he said, explaining that there would be potential savings in terms of coding, expertise and user experience. If cities across Europe also joined in, there would be thousands of public sector organisations that could benefit, leading to potentially the largest collaborative open source code base to date.
Open source offers a big opportunity in government to share know-how and code, to speed up delivery and lower the cost of building and deploying digitally enabled government initiatives.
Mike Schwartz, founder of Gluu, used his presentation to talk about digital public infrastructure. Schwartz is CEO of the Linux Foundation Janssen Project, an open source enterprise digital identity platform recognised as a “digital public good”.
While such initiatives are designed to help poorer countries build out technology infrastructure cost-effectively, such projects have the potential to benefit richer nations, he said, adding: “In the European Union, we’re trying to figure out digital identity and wallets. I feel Western countries are still in a learning phase.”
Read more about open source in government
- Europe’s cyber security policy on open source is lagging behind the US, and despite growing government awareness of the issues, that poses a problem.
- Two years and three months after Joe Biden mandated new standards in supply chain security, over 40% of UK respondents to a survey say they have implemented new SBOM policies in direct response.
Schwartz noted that the government’s role is to govern, not operate. This means governments are unlikely to have domain expertise to implement and deploy digital public infrastructure. He said that an ecosystem of local technology partners are needed, especially in areas such as deployment using the software.
When asked whether offering code templates would help public sector bodies to benefit from collaborative efforts, he said: “I’m very sceptical of the idea that we’re going to give boilerplates to public sector organisations to implement in every country.”
Schwartz said public sector bodies have to manage legacy code and technical debt. “Giving them templates isn’t going to help,” he added. Instead, Schwartz said public sector organisations need to be provided with high-level guidance on the standards they should use and best practices.
Beyond layers of technical debt, the challenge richer countries face is the way government procurement is run, making it impossible for open source projects to bid.
Although an organisation like the UN’s Digital Public Goods Association facilitates the discovery and deployment of open source technologies, Schwartz said the tender process favours large IT providers and system integrators. “We can’t forget the concerns of the government as an enterprise customer are legitimate,” he said. “They need to know that they’re going to get support for five to 10 years if a software emergency happens. They need the terms and conditions and the contract in order to run the business of government.”
However, while government procurement favours big business, Schwartz said: “Sometimes there needs to be more flexibility in these bids to enable small companies to bid.”
While the two presentations offered delegates an opportunity to see how the public could collaborate and build sophisticated systems by using open source to support public policy, there are numerous barriers. But there is one big takeaway: the public sector needs a strategy for technical sovereignty, to avoid being tied into highly restrictive IT contracts.