Thursday, August 2, 2012

A petition to release government-developed software to the OSS community

In July 2012, a petition was created to mandate that U.S. federal government-developed software be released to the open source community. I think this is a fantastic idea, and I'd like to elaborate on some of the points made in the petition (highlighting is mine):
Openness: Open Sourcing ensures basic fairness and transparency by making software and related artifacts available to the citizens who provided funding, consistent with the President’s 2009 declaration that “Information maintained by the Federal Government is a national asset.”
If you pay taxes in the United States, then you are paying for the software developed by the government; taxpayers can reap maximum value for their investment by releasing that software to the open source community.

There's even a logical precedent for this; a "work of the United States government" is not entitled to copyright protection (essentially public domain). An excellent example is photos taken by the federal government, which are public domain and freely available.
Supports the Federal “Shared First” Agenda: Maximizes value to the government by significantly increasing reuse and collaborative development between federal agencies and the private sector...
I think this collaboration could result in a few interesting scenarios:

  • Software developed by the government (which costs taxpayers a significant sum of money) could be leveraged by private sector developers, just as software developed by the private sector and then open sourced has driven so many fantastic projects. In fact, the National Security Agency has already given their Accumulo NoSQL database to Apache.
  • Private sector developers could actually improve the software the government has developed! Imagine what some of those sharp Google Summer of Code developers could do for a summer project! That sounds to me like democracy for the 21st century.
  • Open sourcing the software could be an important bridge to opening up the wealth data our government collects. Obviously there would be privacy and security concerns, but far more data would be released if private sector developers were contributing new APIs to open sourced government software.

What you can do

The easiest thing you can do is sign the petition and get the word out through whatever channels you prefer (Twitter, Facebook, your own blog, whatever). 

Unfortunately, the petition needs 25,000 signatures by August 16 to receive a White House response; with less than 700 signatures as of August 2, this seems unlikely. However, this petition could just be the beginning of a movement. The more publicity it gets, the more likely it will be that the effort will take off.


  1. This is an interesting idea, with several potential benifits, though I would like to raise this three counter arguments:

    1. Some systems contain sensitive information. This would make them excelent targets for criminal orginizations and conmen. Take for example a law enforcement system. A conman would analyze the source code for legal and procedural loopholes that can be exploited to get avoid prosecution.

    2. Inter organizational politics: If one company wins a government tender to build a system (these tend to be quite big as you probably know) making the soure code availible opens up the possibility to discredit the winning organization by finding security loopholes or showing that the implemented system does not satisfy the given tender conditions.

    3. The press: I agree that press freedom is a good thing (if such a thing as press feedom exists) however journalists tend to look for sensation rather than truth. Add the volatile mess that is politics to this and the source code may turn into a political issue.

    1. "Some systems contain sensitive information."

      I totally agree. Were this petition to turn into law, I imagine there would be provisions for national security. I think "open source by default" with a process for obtaining security waivers would be important. The key would be, of course, to give the law enough teeth that every system doesn't just obtain a waiver.

      "Inter organizational politics"

      While petty inter-organizational fights are a reality, I wouldn't want to legislate around them. And if there are security loopholes, best to have them in the open where they can be publicly found and collectively fixed; otherwise, malicious hackers will find them anyway and exploit them.

      "The press"

      Again, a sensationalistic press is a problem, but not something on which we should base our laws.

      Thanks for the comments!

  2. I like the idea of open source but all the good intentioned white hat hackers working for free in their spare time will make professional software engineers redundant.

    In all of this you have to ask "what's in it for me?"