Free/Libre and Open Source Software:

Survey and Study

FLOSS

Deliverable D18: FINAL REPORT

Part 2B: Open Source Software in the Public Sector:
Policy within the European Union

Rishab A. Ghosh

Bernhard Krieger

Ruediger Glott

Gregorio Robles

International Institute of Infonomics

University of Maastricht, The Netherlands

June 2002


Table of contents

 

1.    Summary. 3

2.    Proprietary and Open Source Software. 4

2.1.     Interoperability, proprietary standards and vendor lock-in. 4
2.2.     Costs and benefits. 5
2.3.     Security. 7
2.4.     Transparency and public right to information. 8

3.    Open Source in the Public Sector 9

3.1.     France. 11
3.2.     Germany. 12
3.3.     Spain. 15
3.4.     United Kingdom.. 17
3.5.     Belgium.. 19
3.6.     Austria. 21

4.    Public Policy Impact and Recommendations. 23

4.1.     International differences in open source development: US/EU.. 23
4.2.     Objectives and recommendations. 26

 

Table of Figures

Figure 1: Relationship between policy and developer activity. 10

Figure 2: Distribution of European developers as a percentage of the worldwide total 15

Figure 3: Regular contact among open source developers. 19

Figure 4: Leadership experience of developers. 21


 

1.      Summary

This part of the report will describe the current practices,  policies, and implementation strategies of governmental organizations within the European Union. We will thereby concentrate on the different incentives, pros and cont, as well as on possible and actual stumbling blocks for the replacement of proprietary software. [1] We will describe the current situation concerning open source software within the European Union. Towards the end of the paper we will give recommendations for a better realization of political aims in the context of open source software.

This paper is structured in three parts:

·        First of all we look why open source is content of the political discussion: What is the societal benefit of open source? Are there reasons for governments to support the dissemination of open source software and why should this not be left over to market forces? We will analyze to what extend governmental institutions should or should not use open source software to fulfill their public functions and responsibilities.

·        In a next step we will look at the European Union to learn more about the state of the art. Are there main countries for open source software development? How is the open source developers' scene distributed within Europe? In this context, findings from the open source software developers' survey of the FLOSS project will be scrutinized. We will also point towards the degree of dissemination of open source software in the public sector within the European countries. Thereby we will look at both, the fields of implementation within public sector organizations and institutions, as well as actual policy directives towards open source software. This will also include a perspective on future trends.

·        In the last part we will define possible goals governments in general should follow in the forthcoming years to develop a common European direction towards the topic. Concrete steps will be described to reach these goals.


2.      Proprietary and Open Source Software

Open source seems to become the most important alternative to proprietary software in several fields. Apache Web servers for instance hold worldwide the largest share on the market of webs server software. The operation system Linux is probably the most famous and symbolic example as an alternative to proprietary operating systems' market position. Even on the level of desktop software interfaces like Gnome or KDE seem to develop to competing substitutes for proprietary products. On the other side more and more software producers who earlier developed proprietary software decided for economic reasons to give away the source code to the public and often distribute their software free of charge. The most highlighting examples are probably the Web browser Netscape and the office suite Star Office. 

So it may look odd that more and more people are demanding governmental intervention in favor of the open source movement. On the other side, some proprietary software producers argue from an opposing position, but on a similar level, e.g. by ascribing "characteristics of communism" towards Linux. (Ballmer 2000) [2] . They see open source as a political issue, too, as Microsoft's Jim Allchin clearly states:

"I'm an American, I believe in the American Way. I worry if the government encourages open source, and I don't think we've done enough education of policy makers to understand the threat" [3]

The debate about open source software brought a couple of problems back into discussion that the market alone cannot regulate. At the same time open source software seems to point to a possible dissolution of some of these problems and therefore should be discussed not only economically but also within the broader perspective of public welfare.

2.1.                        Interoperability, proprietary standards and vendor lock-in

Interoperability is for most institutions the main reason not to use open source software. Since the standards of proprietary software are normally not open, it is hard for competitors - be they for profit or non-profit, proprietary or open source - to ensure that their software is able to process data produced by proprietary software (e.g. graphs or tables in word processors). By their dominant market position, proprietary software vendors can thereby enforce a kind of de facto standard, e.g. on office software, which then - despite and because of the fact of being closed - enhances the vendors' market position.  This is of course a self-enforcing process.

Consequently one major argument against the implementation of proprietary software in the public sector is the subsequent dependency on proprietary software vendors. Whenever the proprietary standards are established the necessity to 'follow' them is given. Even in an open tender acquisition system, this requirement for compatibility with proprietary standards makes the system biased towards specific software vendors, perpetuating a dependency.

This basically is due to two reasons: First of all software owners have to upgrade the software, even if there is no internal reason or interest in doing so. Otherwise they risk facing a situation where their programs are not capable to process documents and files, created by newer versions of the same product. The second coercion to upgrade evolving from this dependant situation is the ending support of 'older' versions.  

This situation has thus major consequences for the cost side of IT management. Additionally for the costs for new licenses and update implementation, software users constantly have to be trained in new program versions. User performance in the phase after the implementation of the software always decreases. On the hardware side this dependency leads to an increase of expenditure. Newer proprietary software, normally, requires better hardware performance. Not enough RAM memory or processor speed for instance then very often leads to new, unnecessary investments in that area. Therefore the lifetime for hardware is much shorter.

This has often been described as the typical lock-in situation: The system is working with proprietary standards and is as such in itself interoperable. Migration to another reliable and interoperable technology is requires much effort and a high cost. The longer the situation goes on, the worse it becomes. After a while the software vendor does not have to fear competition, since the client has to take its product anyway. A typical - at least de facto - monopoly situation evolves in which the vendor dictates prices, conditions, and quality. Consequently liberation from this situation is advantageous for the buyer.

2.2.                        Costs and benefits

Despite the possibly high costs of migration (which would also arise by migration to another proprietary technology) this shift should be gainful in any case. The situation after the migration to open source software will lead to lower life-cycle costs. Furthermore costs of service, support, and maintenance can now be contracted out to a range of suppliers, being placed in the competitive environment of a functioning market.  The costs of this more service-oriented model of open source are then also normally spent within the economy of the governmental organization, and not necessary to large multinational companies. This has a positive feedback regarding employment, local investment base, tax revenue, etc.

We do not agree with some studies [4] that call such a behaviour nationalistic, since it is a government's duty to increase the welfare of its citizens to a maximum extent.

The Audit Office of the German state of Bavaria, the "Bayerischer Oberster Rechnungshof" emphasized this monetary perspective in its detailed report for the year 2001. There it has been made quite explicit, that cost of usage of open source or proprietary software depends on much more than licensing and should therefore be better scrutinized. [5]

Considering the cost side of software usage we should distinguish between two major fields of expenditure:

·        Direct costs related with the software itself (licensing fees, installation costs, training, support, etc.)

·        Indirect costs evolving as a consequence of using the software (hardware upgrades, ensuring the accessibility to data in 'old' format, etc.) 

While performing a cost analysis within or outside a decision making process, all the above-discussed expenditures, which are sometimes quite hidden, should be considered on the basis of a longer period usage. The license costs are normally only a small part of these "Total Cost of Ownership" (TOC).

Apart from the cost reasons the decision for proprietary software and its consequent dependency on one vendor reduces the possibilities and scope for future decisions. The commission for usage of information and communication technology of the German Parliament, "Deutsche Bundestag", reflects this position in its recommendations for future computer equipment. Despite a solution with mixed servers, which would have lead in the short term to a better cost-outcome situation its advice was to implement Linux and OpenLdap on all servers to benefit from more freedom in future decisions and less dependency on specific vendors.

2.3.                        Security

Regarding the question of data security, open source software is believed to be less vulnerable than proprietary software due to a simple reason: the source code is available. Proprietary software hides the code. For administrators proprietary software is a "black box" they have to trust regarding its security. Not only intentionally created "backdoors", but also conventional bugs are not perceivable. For instance there are much more defacements of websites running on proprietary software than on open source software. [6] Open source software developers actively ask to check security gaps. If there is one, awareness of this security problem, and possible remedies, become public immediately.

Objections of proprietary software vendors that no open source software developer guarantees the security of the product are valid. However the license conditions of proprietary software generally excludes any liability resulting from damages arising from security gaps within the software. Normally just a substitution of the storage medium (e.g. the hard drive) is provided in case of harm causing defects of software. This scenario is hardly reported and results in any case only to comparatively low costs. The real damage, such as the loss of data, wrongly executed commands, or the loss of possible profits is not compensated. Producers or vendors of proprietary software do in general not give guarantees for the correct functioning of the programs. Indeed, most End-User Licence Agreements (EULAs) for proprietary software explicitly exclude any liability arising from security or other "bugs" in the software product.

In addition to the not excluded possibility of an open inspection of the source code by the scientific and developers' community, proprietary software producers in many cases include non-disclosure clauses in the license agreements. These contractual regulations prohibit the software owner from publicly revealing discovered bugs within the software. This non-communication situation then leads to a much less transparent and thereby to a much less secure condition under which the software is used. In general, this issue of "security versus obscurity" has been widely discussed by the academic and professional security and cryptography communities, with the universal conclusion that true security never arises from obscurity (i.e. the hiding of internal structures, such as source code).

Security concerns were major for the German Parliament's decision regarding the implementation of Microsoft Windows XP on workstations. Finally Microsoft agreed to present the source code if not publicly, but to a selected panel. [7]  

In its resolution "Deutschlands Wirtschaft in der Informationsgesellschaft" (Germany's Economy in the Information Society) the German Parliament pointed to the role of open source software in the question of security:

"Open-Source-Software setzt sich mehr und mehr gegen proprietäre Software durch. Sie eröffnet die Möglichkeit, stabilere und den jeweiligen Bedürfnissen der Benutzer besser angepasste Produkte zu erhalten. Insbesondere aber kommt diesen in Fragen der IT-Sicherheit und der Interoperabilität vor allem in sicherheitsrelevanten Bereichen zunehmende Bedeutung zu." (7.2.2001) [8]

The high security requirements were also for the French "Direction Générale des Douanes et des Droits Indirects" (authorities for customs and indirect taxation) a huge motivation to migrate to Linux Version Red Hat 6.2. 

2.4.                        Transparency and public right to information

Going hand in hand with the governments' requirements for security is the obligation of public sector organizations regarding transparency. Within a democratic state the citizen has a right of information. This right does not only include the right for processed data as information, but especially the right to know how this data is processed. Software is information interpretable by machines to execute determined tasks and commands. It is the legitimate right of the citizen to have the possibility to scrutinize these procedures. Examples like the computation of votes in the context of public elections or the calculation of taxes should make this obvious. Nobody would seriously propose an electoral system in which it is not made explicit how the electoral assistant staff is chosen.

Conclusively we see four major motivations why governmental organizations consider both policy directives towards as well as concrete implementation of open source software: Dependency, cost, security, and transparency.


3.      Open Source in the Public Sector [9]

As we have seen in the last chapter, governments should have a strong interest in the usage of open source software within as well as outside their organizations. In this part of the paper we will have a look at the state of the art of member states of the European level and thereby try to draw a picture of the usage of open source software. 

Overall it is very difficult to estimate the amount of usage of open source software for the following reasons: Proprietary software producers take the number of sold licenses and add an estimation of unlicensed copies to it. This method is in any case quite questionable [10] , but can certainly not be used for open source software since no licenses are sold at all. The number of downloaded copies is also a poor indicator for usage. It is uncertain whether and on how many computers the copy then actually is installed. On the other hand, the number of delivered pre-installed machines is not a sign of the base for the pre-installed (open source or proprietary) operating system, either. Computers pre-installed with Windows, for instance, may migrate to Linux due to various reasons. Old computers can often be reused with Linux and open source software, rather than a costly upgrade to a newer version of proprietary operating system and applications, and the hardware requirements can be much lower for open source products.

In the case of the usage of open source software in the public sector it is especially difficult to draw an exact picture. We perceive huge differences in the implementation of open source software not only between the European Union member states, but also within the single states themselves. Software implementation and usage is normally part of the responsibility of the single governmental institutions themselves. Due to the lack of political policy directives in the context of open source software IT managers in public institutions are normally - within their budgets - free to buy and install the software they consider to be the most appropriate for their situation. The lack of policy directives on a supra-institutional level causes an absence in the monitoring of installation and usage of open source products on a large scale. Rare available statistics are always on the level of single institutions. Normally these institutions are then in a phase of official policy-driven implementation of open source software. Migration and implementation not following a specific policy is usually not tracked.

Furthermore, very often open source software is not used as a single platform, but as an additional feature on a proprietary operating system. These quite frequently mixed configurations normally do not appear in statistics at all.

A very small, not representative survey done with 66 IT manager in the public sector in different European Union countries, representing all together 1250 server and 18.540 clients, shows that 63% of them use some form of open source software, in the main, in the education sector and for server applications. [11]

Within the FLOSS developers' survey we distinguish three main areas of developers' national background:

·        Area 1: more than 10% of all participants

·        Area 2: between 5% and 10% of all participants

·        Area 3: less than 5% of all participants

In the following we will describe for two European examples of each of these areas the actual situation of open source software within the public sector. We will look for different criteria like developers' activity, extent of implementation of open source software within the public sector, current policies, and future trends. Data is drawn from the FLOSS Survey of Developers. [12]

Figure 1: Relationship between policy and developer activity

3.1.                        France

Developers with a French citizenship were with 16.3% the highest amount of respondents in the FLOSS developers' survey. [13] 91.5% of them stay in France, the rest is living in other countries of the European Union (4.8%), USA (1.7%), or the rest of the world (2.0%). All together France has with -1% a negative migration balance. 15.1% of all French open source programmer declared to have regular contact with more than ten other developers in the community. [14] Thereby French developers are in that category slightly less in contact than the worldwide average (17.5%) and much less in contact than US American open source programmers (22.1%). In the next category, open source developers being in contact with three to ten other developers, France is with its 43.0% over the worldwide average (38.9%) and much over the compared US group (32.1%). 26.6% of all French developers are with one of two other open source developers in regular contact. This group is exactly comparable to the worldwide average (26.3%) and slightly more than the US American developers group (25.1%). 15.3% of all French developers have no regular contacts to the open source developers scene at all. This group is 2% under the worldwide average (17.3%) and much smaller than the compared US group (20.7%). 7.3% of all developers in France have lead four or more open source software projects and are thereby over the worldwide average (7.0%). The situation is quite comparable to the USA (7.3%). 54.6% of the French developers have less leadership experience, up to three projects, whereas on a worldwide average 58.1% and in the USA 55.5% of all developers have lead up to three projects. 38.1% did not lead a project at all (worldwide 34.9%, USA 37.2%).

Since the end of the 1998 public sector institutions increasingly use open source software solutions for their IT systems. The Ministry of Defense did several security and reliability test before installing FreeBSD on its system. The Ministry of Culture migrates 400 servers from Unix and NT to Linux and plans to have the whole system set up on open source software by the end of 2005. The Ministry of Justice and the "Casier Judiciaire National" (national crime register) use different open source software solutions such as Apache web servers, Perl, SamBA, and fetchmail. A migration from proprietary Unix to Linux, PHP, and MySQL is envisaged. The Ministry of Economy, Finance, and Industry and the  "Direction Générale des Douanes et des Droits Indirects" are going to migrate 950 server and 60 workstations to Red Hat 6.2 Linux due to their very sensible requirements for security and reliability. Within the National Education there is a clear tendency towards open sourc software solutions. At the Louis Pasteur University in Strasbourg 26% of all servers are based on Linux, Apache, Zope, Postfix, or SendMail. The "Laboratoire de probabilite, combinatoire et statistique" at the University of Lyon set up all their servers, and 80% of their workstations on open source software. The Universities of Artois, Nancy 2 and the Academie Rouen have about 50% of their server and 10% of their workstations running on open source software. 20% of the servers of the "Institut national des sciences appliqués" at Toulouse and 40% of their workstations are also based on open source solutions.

On the policy side France takes up a leading role within Europe. One of the eleven priorities stated in the ESIS report [15] was "open and free software". The "Agence pour les Technologies de l'Information et de la Communication dans l'Administration - ATICA" (Agency for Information and Communication Technology in the Administration), was set up in 2001 as an e-government agency by the Prime Ministry and strongly supports the implementation of open source software in the French public sector. [16] The Carcenac report on citizen oriented administration to the French Prime Minister recommends the implementation and encouragement of open source software projects. It sets in its action plan - next to its demand for open standards - one of its six priorities explicitly towards the regular usage of open source software in public administration ("Utiliser régulièrement les logiciels libres, outils naturels pour les administrations"). [17]

The combination of both, France strong engagement of the open source software developer community as well as the strong governmental policy towards open source software will lead to more implementation of open source software in the public sector. The political pressure towards open standards could lead - even if legally not enforced - to their realization in the public sector. This role of the state as a grantor of software interoperability would most probably lead to a strong growth of the open source movement. 

3.2.                        Germany

Developers with a German passport rank with 12.4% second in the list of nationalities. 92.6% of them are currently living in Germany, the rest is disseminated throughout the European Union (4.0%), the USA (1.1%) and other countries (2.3%). With 0.2% Germany has a slight positive migration balance. Only 12.9% of all German open source developers are in regular contact with more than ten developers in the scene. 41.0% have contact with three to ten developers. The next group, one or two contacts, is the greatest in our sample (29.1%). 17.0% of the German open source developers have no regular contacts with other members of the community. Thereby Germany is one of the least directly connected countries within open source programmers worldwide. 7.1% of all German developers are highly involved in leadership (four and more projects). 60.2% have lead up to three projects, whereas 32.7 of all German open source software developers have participated in projects only in a non-leading function.

In terms of implementation of open source software into public sector institutions, Germany takes up - together with France - the leading role inside and outside Europe. Due to its administrative structure there are different levels on which implementation takes place. The "Bundesanstalt für Landwirtschaft und Ernährung" (Federal Institute for Agriculture and Food) uses SuSE Linux for their web servers on their intranet. The "Deutsche Bundestagsverwaltung" (Administration of the German Parliament) decided in the beginning of 2002 to migrate all servers to Linux whereas all workstations will update to Windows XP. After long discussion especially arguments regarding the dependency on one supplier and the missing transparency/security and interoperability convinced the "Ältestenrat" (Council of the Oldest) for their decision. Cost reasons on the other side were the main ones for the Police in Lower Saxony to install Linux on 11,000 workstations. The Ministry for Inner Affairs of the Bundesland Niedersachsen (Lower Saxony) expects savings of 20 million Euros within the next ten years. Several other ministries and public administration institutions use - partly in pilot projects - open source software, in the main in the Internet area. [18] Also on the communal level different forms of open source software is either tested or implemented. The municipality of the city of Munich for example executes a feasibility study for the migration of 10,000 workstations to Linux. [19]

On the one side Germany's policy towards open source software is much driven by cost motivation. Very often feasibility studies are performed and evaluated on the criterion of the expected savings. On the other side Germany quite explicitly supports open source software by various projects and infrastructure. The German Parliament in general demands the usage of open source software in federal administration. In 2001 it decided that open source products should be used wherever costs could be decreased. [20] The Ministry of Inner Affairs took up a leading role in German policy concerning open source. Its "Koordinierungs- und Beratungsstelle fűr Informationstechnik" (KBSt) acts as a coordinator and advises public administration within their open source implementation process. In 2000 it published an information letter on the topic. It also provides constantly information of current open source events. [21]   The other driving actor in German open source policy is the "Bundesministerium für Wirtschaft und Technologie - BMWI" (Ministry of Economy and Technology). In 2001 it published an information brochure on open source for small and medium enterprises. [22] It also funds the BerliOS, a platform mediating open source software and software projects like GnuPG, an encryption technology basing on OpenPGP standard.

After France, Germany has the second largest community of open source software developers responding to the FLOSS Developer Survey (other surveys show Germany as the country with the highest number of open source software developers). Governmental organizations show strong interests to support open source software in the public sector. Driving factor is, in the main, savings in expenditure. Growing interoperability is, even if perceived as very positive, more a side effect in importance. Nevertheless the practically oriented policy and the strongly increasing implementation of open source software in the public institutions will contribute to an augmentation of open source software projects also outside the German public sector. This will have a strong impact on the usage of open source software also in the private sector.    


Figure 2: Distribution of European developers as a percentage of the worldwide total

 

3.3.                        Spain

6.7% of survey respondents claimed Spanish nationality, making Spain among the top European countries for open source software development. 93.1% of all open source developers who declared their nationality as Spanish are living in Spain. 3.4% are living within another member state of the European Union, 2.1% live in the USA, and 1.4% live somewhere else. Spain's migration balance is 0.3% negative. Only 8.7% of the Spanish open source developers have no regular contact with other community members. This is the smallest ratio of the whole sample. 26.1% of the developers mentioned one or two regular contacts with scene. In the middle range (three to ten contacts) Spain is with its 45.6% of developers far over the average and also with its 19.6% of developers who have contact with more than ten other open source participants Spain is ahead of the worldwide average. In general, Spanish developers can be regarded as among the most well-connected.

8.7% of all Spanish open source software developers are very experienced in leadership (four or more projects). 65.9% of the Spanish programmers declared that they lead up to three projects. And only 25.4% stated that they did not lead any open source project.

There are some examples of installations of open source software products within ministries and other public administration offices in Spain. The Schmitz study reports on implementation of Linux and different other server applications like SamBA, NFS. Zope, or OpenSSH in the Senate, the Nuclear Security Council, the Ministry of Home Affairs, and the Ministry of Justice. [23] The use of open source products as an operating system for workstations is still very marginal.

The main implementation of open source software in the public sector is the "Virtual MAP" Project of the "Ministerio de Administraciones Públicas" (Ministry of Public Administration). Due to cost reasons a migration from its established Unix system to other proprietary operating systems was not possible. Therefore Linux was implemented on 220 servers. The hardware requirements had to be very low. The decision was taken that the planed hardware budget was reallocated in favor of personalization and training and a "MAP Linux distribution" basing on a Debian distribution was developed. The objective of the project is to have only Linux running on MAP's 400 server that are connected to 4,000 clients.

In the poorest region of Spain, the border province to Portugal, Extremadura, the regional government adopts Linux as the official operating system within schools. The 670 schools are based on open source software. The training of the 15.000 Extremadura's teachers on the system is now the main priority of the government within this project.

On the policy level Spain's activity towards open source is in a starting phase. Joan Puigcercós, member of the Catalan Parliament, "Grup Parlamentari d'Esquerra Republicana de Catalunya" and associated in the "Grupo Parlamentario Mixto" recently proposed a law, by that the autonomic governments should give priority and sponsor the production of free software. [24] The use of open source software in the public sector however is statistically not yet monitored (e.g. IRIA report 2001). The implementation of eEurope 2002 Action Plan is foreseen to be realized within a national action plan "Info XXI Action plan" coordinated by the "Ministerio de Administraciones Públicas". Within this framework integrated services should be facilitated. In this context interoperability and open source programs and applications are relevant aspects. [25]   Other initiatives on the policy level are not very widespread.

Despite this low support of administrative policy change in the public sector seems not to be improbable. The example of the very successful Virtual MAP Project could easily be taken up by other public sector institutions. The widely disseminated Unix culture within the public sector is a very promising precondition for a larger migration from proprietary software towards open source substitutes. However, the developers' activity in the private sector seems to be Spain's trump card. Not only the high amount of community members, but especially their high experience in project leadership and the high degree of connectedness will help to boost Spain's open source movement. 

3.4.                        United Kingdom

6.5% of all open source software developers are British citizens. In that sense it is quite comparable to Spain. 88.7% of the developers with British nationality are living in the UK, with the rest distributed across other European Union states (4.9%), the USA (3.6%) or other countries (2.8%). With 0.1% positive migration balance the United Kingdom is almost balanced regarding its immigration versus emigration. In the UK 21.8% of all open source developers have more than 10 regular contacts in the scene. This gives the UK the largest proportion of highly connected developers in our sample. In the middle range (three to ten contacts per developer) UK developers are far on the bottom end (33.2%) and within the category of up to two contacts the UK has 23.9%. 21.1% of the UK developers have no contact with other programmers on a regular basis. This is also the highest rate within our European sample. 7.1% of UK's open source software programmers are very experienced in leadership (four and more projects), 56.7% have led one to three projects, and 36.2% did not lead projects so far.  

Implementation of open source software is, in the main, concentrated to the national health care system. The most discussed example is the "Walton NHS Trust", a hospital that relied on proprietary software called HISS (Hospital Information System). After the insolvency of the proprietary software vendor the hospital did migrate to a Linux version. [26] Open source software was discussed as a general IT solution in the National Health Services. [27] The report "Open Source: The UK Opportunity" by the National Computer Center (NCC) resumes the starting usage of open source in the United Kingdom. [28]

Regarding public policy the United Kingdom is in a very promising starting phase. The National Health Service is one of the most active parts in British public administration, regarding open source policy. The NHS Information Authority published in January 2002 an article strongly recommending open source software especially for public health care. [29] In reaction to the eEurope action plan the British e-Government Interoperability Framework (e-GIF) intends to mandate open standards and specifications. [30] A White Paper was published by the "Office of e-Envoy" (OeE) and  the "Office of Government Commerce" (OGC) on behalf of the UK Government to identify "a wider, more embracing policy on the use of OSS [open source software - the authors] within UK Government". [31] Part of the stated policy is - apart from the procurement of software (proprietary of open source) on the basis of costs - to "only use products for interoperability that support open standards and specifications in all future IT developments". 

Possibilities of using open source software as the "default exploitation route for Government funded R&D software by academic research institutes" should be explored. In general the "UK Government will seek to avoid lock-in to proprietary IT products and services". The QuinetiQ report on the "Analysis of the Impact of Open Source" [32] does not recommend a general preference for open source software, but strongly suggests action against the lock-in situation of proprietary (closed) standards. It "concludes that the existence of an OSS reference implementation of a data standard has often accelerated the adoption of such standards, and recommends that the Government consider selective sponsorship of OSS reference implementations." [33]

What we can see in the case of the United Kingdom is a changing policy towards open source software. While the topic was almost ignored by governmental institutions, the UK seems to face and challenge the lock-in situation. Currently only little implementation has taken place in public sector organizations, [34] but the fast development on the policy level will most probably influence future decisions also on the level of implementation. The open source developers' scene is very present in the United Kingdom. Its high degree of connectedness looks very promising. We expect further growth of the movement in the private sector and an starting realization of open source projects in the public sector of this country.

Figure 3: Regular contact among open source developers

3.5.                        Belgium

4.0% of participants of the developers' survey stated to be Belgium citizens. Therefore the country ranks relatively low in terms of absolute figures. However regarding its small population Belgium's density of developers is considerable high. 88.1% of developers with Belgian nationality live in the country. The rest is residential in other member states of the European Union (10.7%) and the United States (1.2%). This quite high degree of mobility is in part certainly explainable by Belgium's central geographical situation within the European Union, by its small size, as well as by its multilingual population. [35] Belgium's migration balance is with its -0.4% comparatively high, since this is measured on all open source software developers and would mean-10% compared to Belgian open source developers. The country's share of top connected open source developers (more than ten regular contacts) is comparatively low (12.8%), whereas the middle range (three to ten contacts) is with 47.5% over the average. 20.5% of all Belgian open source developers have regular contact with one or two other members of the community; 19.2% are not at all in regular contact with the community. 6.4% of all Belgian developers have strong leadership experience (four or more projects), 56.4% lead one to three projects, and 37.2% have no experience in leading projects at all.

The implementation of open source software in the public sector in Belgium is growing. The region of Brussels includes in its mostly Unix based infrastructure elements of open source software on the server level. The "Centre d'Informatique pour la Région Bruxelloise - CIRB" (Computer Center of the Region of Brussels), an advisory and coordination office for the usage of information technology for the Brussels region uses open source products (e.g. Linux, Apache) for their servers. Already since 1998 the Belgian National Army also includes open source software mainly in the field of mainframe terminal emulation and Internet applications (web server, virus scanning, Linux routers, etc.). The Royal Botanic Garden installed seven Linux servers (Apache, SamBA). On 100 dual bootable (Windows - Office, Linux - StarOffice ) workstations 70% of the usage is on the proprietary, 30% on the open source software. [36]

Even if not stating written policy, the region of Brussels includes open source knowledge in its public call for tenders (Linux, SamBA, MySQL, Perl). The CIRB was publishing the booklet "Le guide pratique de Linux destine aux desideur" adopted to the public sector adapted version of the French text. [37]   

Especially the growing inclusion of open source in public tenders looks promising for the future development of the open source software potential in Belgium. The usage of open source software within the public sector of the Brussels region is expected to grow further and influence the public ICT strategy. The highly developed open source programmers' scene points in the direction of further growth of the movement, at least in the private sector of the country.


Figure 4: Leadership experience of developers

3.6.                        Austria

With 2.2% open source developers holding Austrian nationality,  Austria is also in the lower category of our sample. Regarding its small population size, Austria's relative share in the open source community is however perceptibly high. Similar to Belgium, lot of these developers live abroad (10,7%). Most of them are residential in Germany (6.4%). The rest is distributed over rest of the world (4.3%). Different to Belgium, Austria has an equaled migration balance (0.0%). Regarding the connectivity, the country has comparatively not that many highly connected open source developers. 12.8% have more than 10 contacts on a regular basis. 42.5% are in contact with three to ten other open source programmer and 31.9% have one or two regular contacts in the scene. 12.8% of all open source developers in Austria have no regular contacts in the scene, a comparatively low value. Developers with strong leadership experience (four and more projects) are comparatively rare (4.3%). 59,6% of all Austrian developers have lead one to three projects, and 36.2% did not lead any open source project so far.

This considerable activity does however not mirror in the activity in the Austrian public sector. There are only very small projects going on, such as a pilot project including a Debian - GNU/Linux with a few clients at a primary school in Salzburg. The project is accompanied by lectures about free software and system administration for teachers. Ironically one of the main challenges seems to be the integration of proprietary software prescribed by the Ministry of Education. The authors cannot exclude probable open source activity on the higher education institutions, which however are not made very explicit. According to Niki Nickl, the expert on open source of the Austrian green party, open source software is used to some extend for servers in the "Bundesrechenzentrum".

On the policy level Austria seems to jump on the Microsoft's "shared code" initiative. The Austrian Ministry of Inner Affairs was the first governmental organization involved in this proprietary software project. There has been setup a workgroup dealing with Linux/open source, the "Arbeitsgruppe Linux/Open source" (workgroup Linux/Open source) of the "Chief Information Office" (www.cio.gv.at) of the Ministry of Inner Affairs. It recommends not to install open source software on workstations. The implementation of few functions on the server level however should be considered. Unfortunately Udo Linauer, member of this committee could not provide us with further details concerning implementation and policy within Austrian governmental institutions. There has been an inquest of the Austrian MP Glawischnig about possible implementation of open source in the beginning of 2002. The topic open source however plays generally a marginal role in Austrian politics.

The implementation of proprietary software in general and the governmental usage in particular is not perceived to be very problematic by large parts of public sector decision makers in Austria. This applies to the policy as well as to the concrete implementation level. However this can - as in other European countries - change quite rapidly. The activity in the developers scene and the private sector could put pressure in public sector institutions to alter their perspectives. Austria is certainly in the starting phase of open source movement, a fact also demonstrated by the little experience of developers project leading experience.  


4.      Public Policy Impact and Recommendations

In the last section we have looked at the situation in different member states of the European Union. The examples seem to cover the whole range of national, regional, and local governmental organizations. Some of them are very active, in both, in the policy on and by the implementation of open source software. France and Germany seem to take up the leading role within and outside Europe. Some countries were in the very recent past only perceiving the possibilities open source software offers. Action however is starting to be undertaken in policy and implementation strategy. We see interesting developments in countries like the United Kingdom, Spain, or Belgium. There are at last also countries in which governmental institutions in general show little interest in the topic of open source software. Despite bottom - up activity also in the public sector, there is little support to movement. Austria could be stated as an example.

One picture however can be drown upon the whole European Union: both policy and implementation is very heterogeneous. Single governmental institutions decide on themselves whether and to what extend they use open source software. In the main the same wide-ranging intentions exist: interoperability, security, and cost reduction. Transparency and open standards are perceived as a possible solution pointing in the direction of independency and a functioning market.

4.1.                        International differences in open source development: US/EU

Most surveys [38] show a balance between open source software development in the US and EU tilting increasingly towards the EU. The WIDI survey has a comprehensive analysis of open source developer demographics through various forms of analysis, including voluntary surveys and analysis of developer e-mail addresses. It also has a fascinating data set on migration patterns, showing that, for example, several developers who are EU nationals actually work in the US.

The growth of an open source developer base is increasingly an proxy indicator of the innovative capacities (within the software domain) of a national or regional economy. This is for three reasons, as follows.

First, open source software is a public resource with low entry barriers. Unlike forms of intellectual property with restricted access for re-use (through patents, restrictive copyright licensing), open source software can both disseminate innovations in the fastest possible way, as well as provide for further development and innovation from any source without inefficient time delays or other costs.

Second, open source software is an excellent training system, provided essentially at no direct cost to society. I.e. neither public subsidies nor future employers need pay directly for the training provided to (often novice) programmers through their exposure to source code and the open source developer network. This is implicitly recognised by employers, who may favour prospective employees who have worked on open source projects; it is explicitly recognised by developers themselves, 79% of whom start participation in the open source community "to learn and develop new skills" [39] .

Finally, open source software is by its nature almost automatically the source of de facto standards for any number of protocols or systems both historically as well as those being developed today. The attraction towards open source software as a way into standardisation for companies has already been touched upon in the previous section. However, it remains a fact that open source systems that have developed into standards tend to be initially developed by small groups and only later (if at all) promoted by companies that jump onto the bandwagon, as it were. Having a large base of open source development therefore helps a region's companies involve themselves early in the de facto standardisation process, as well as incorporating cultural factors into the process.

As such, it can be said that open source software support in Europe has a clear socio-political nature to it, while the support for this in the US is more corporate. (This does not mean that more companies support open source in the US - which is far from the truth - but that the support provided to open source in the US is more from companies.)

Partly this is a result of the large EU student base, and the lengthy periods of university study (one reason why Germany has a very high rate of contribution towards open source). Students may be less motivated by attempts towards standardisation or other economic arguments than by the socio-political ones.

The lack of software patents in the EU probably helps encourage a larger open source developer base, while the way software patents have been issued and enforced in the US is definitely a hindrance to the participation of US-based companies (and to some extent individuals) in the open source community.

On the other hand, while SME's are rarely in a position to invest in basic research or standardisation efforts and thus participate in open source mostly if it at the core of their business model, large firms can and do participate due to their interest in basic research or the standards process. Firms such as IBM have committed themselves to open source in words as much as in deeds (the much-publicised $1 billion planned investment). As such large companies are more concentrated in the US it may be thought that such concerted support for open source development will be more US-centric. Indeed, this is the case. Typically, large firms either sponsor core development in a big way or release proprietary code into the open source code base, thus setting the initial direction for development. Individual developers or others may then provide the bulk of further development, but a "guiding influence" may well be present.

The result of this is a peculiar situation where although the majority of developers may indeed be European, key decisions end up being made in the US. However, this may change through the growing occurrence, much less in the US than in Europe (and also developing countries, such as in Latin America), of large public-sector demand factors. Government policies at the local, national or regional level that offer non-proprietary solutions a fair chance at providing services create potentially large business opportunities for local entrepreneurs and SME's and a commercialisation of an existing open source developer base.

Doing so, they also drive the standardisation and development cycle from the demand side. A large firm can seed a standard by sponsoring or releasing core code, but a large buyer can equally well influence development by asking and effectively paying for certain features that may otherwise be commercially unavailable. With an existing advantage in terms of the size of the developer base, this is a relatively easy way of affecting global standardisation and innovation processes.

This seems to be the likely pattern for the increasing influence of European inputs in open source development.

4.2.                        Objectives and recommendations

In the following we will describe possible objectives for governmental institutions. Not neglecting the role of the states as the largest purchasers of software products, we will consider governments not simply as participants in the software market. The role governments play in their relationship with their citizens, especially their responsibility for them should define their policy towards decisions regarding investment in information and communication technologies. Governmental organization should be conscious about the fact that any information they hold is not owned by them, but by the citizens, who either paid for its aggregation by taxes or delivered it themselves, normally without an alternative under the rule of law. Therefore it is a governmental duty to enable the following tasks:

·        Guaranteeing free access to public information

·        Maintaining the permanence of public data

·        Assuring security of public and citizen provided data

·        Avoiding unnecessary public spending 

In contrary to the private sector, governments have not the same contractual freedom, but must act in the communal interest. On the juridical level this means that governments should change the legal and organizational situation within their organizations towards a clearer specification of the software products they are using. This should not be misunderstood as a positive discrimination for a specific type of software, e.g. free of charge software. By determining the conditions under which software can be used in public sector organizations, no natural or legal person should then be prohibited from offering goods and services to them. [40] This is nothing astonishing. In lots of other cases of public purchase technical capability to accomplish a task is also not the single criterion for decision. Contractual conditions must fulfill further requirements of public welfare. In the case of software these requirements should be the adequate processing of the citizen's data, watching over its integrity, confidentiality, and accessibility throughout time. For an ideal situation, we therefore recommend the following steps to achieve these aims [41] :

1.      Governmental organizations should specify the license conditions of software they use. In particular the license should have the following characteristics:

(a)    unlimited access to source code

(b)   unlimited usage of the software

(c)    right to reproduce and distribute an unlimited amount of copies

(d)   right to modify the software

(e)    right to reproduce and distribute an unlimited amount of copies of the modified software version under the same license restrictions

(f)     right to use and change arbitrary parts of the software for usage within other software

2.      In case software with these characteristics does not exist for a determined purpose and its tender is not possible due to time reasons or disproportionate costs, exceptions should be made in the following order (referred to recommendation 1):

·        unlimited usage of software not having characteristics (c) and (e)  

·        time-restricted usage of software not having characteristics (c), (d), (e) and (f)

·        time-restricted usage of software not having characteristics (b), (c), (d), (e) and (f)

·        time-restricted usage of proprietary software

3.      Any time-restricted exception should be published with the necessary description of the technical and interface-related specifications of the software. An implementation plan should be set up immediately after positive testing, development, and examination of alternative products.

4.      Exceptional usage of software should only be permitted when a public institution guarantees the storage of data in open standards, in worst case parallel to the proprietary ones.  

5.      Public tenders should include a description of the software requirements posed out in recommendation 1.

6.      In case a governmental organization cannot fulfill its requirements with software stated in recommendation 1 and 2, it should be authorized to acquire proprietary software to store or process data. The organization should then have to publish a report in which it points to the risks associated with the given software.

7.      Every public research organization should be allowed to use proprietary software for research purposes as long as the purpose of the investigation is directly related with the program.

These recommendations should be made compulsory for software usage in governmental organizations. Since such a legal act would not interfere in the private sector software market, we consider these measures as not too wide-ranging, but as a legitimate execution of public interest. Apart from legal action governments should promote the dissemination of open source software in the broader public. This could be done by:

Establishing and fostering open source work groups on the national and European level with the task to

·        develop and execute a statistical monitor systems for the usage of open source in the public as well as in the private sector

·        develop and promote comprehensive policy to generally improve the usage of open source software within the member states of the European Union

·        help to enable and coordinate open source software migration and implementation in the public sector for small and medium size organizations

·        coordinate and cooperate within open source projects of public interest

·        develop strategies to adopt the public and private educational sector to open source requirements

·        support business models based on open source software

·        inform and advise small and medium size enterprises before and in their implementation/migration phase of open source software

As the adoption of these recommendations requires considerable political will at several levels, it is more likely that governments will move towards the increased use of open source through a bottom-up process, as is already the case with several regional or provincial governments. This is typically achieved through the use of a simple of "leveling the playing field" for public tenders, which currently heavily favour dominant vendors of proprietary software through interoperability requirements.

The solution is to require interoperability, but with open standards rather than proprietary ones, making open source software solutions providers viable suppliers and also reducing public dependence and vendor lock-in.

Valid HTML 4.01!


[1] Despite the often discussed differences within the developers' scene, we do not distinguish between "open source", "free software", and "logiciel libre".  For the purposes of this report, these terms are used interchangeably except where specifically stated.

[2] http://linuxtoday.com/news_story.php3?ltsn=2000-07-31-002-20-PS-BZ-MS

[3] http://news.cnet.com/investor/news/newsitem/0-9900-1028-4825719-RHAT.html

[4] see e.g. David Evans and Bernard Reddy, Government Preferences For Promoting Open-Source Software: A Solution in Search of a Problem (2002), http://papers.ssrn.com/sol3/delivery.cfm/SSRN_ID313202_code020524670.pdf?abstractid=313202

[5] The costs are not only limited to the direct cost. See as e.g. the detailed report of the Bavarian Audit Office for the year 2001 regarding the use of F/OSS and proprietary software: http://www.orh.bayern.de/Jahresbericht2001.pdf p.63-73

[6] David A. Wheeler, Why Open Source Software / Free Software (OSS/FS)? Look at the Numbers! (2002) online on http://www.dwheeler.com/oss_fs_why.html

[7] Microsoft calls this possibility to inspect the source code "shared code initiative". It should not be misunderstood as open source software, since major characteristics of open source such as the right to change the code are generally excluded.

[8] online on http://dip.bundestag.de/btd/14/052/1405246.pdf

[9] In this context we want to specifically point to a study done in 2001 by Patrice-Emmanuel Schmitz, Unisys Belgium: "Study into the use of Open Source Software in the Public Sector", especially part 2, "Use of Open Source in Europe", published online http://www.cri74.org/actualites/articles/2001/usages.htm.

[10] It assumes that all users of unlicensed proprietary software would continue as users if they were forced to pay the full licence cost, which is clearly false.

[11] Schmitz, 2001 online on http://www.cri74.org/actualites/articles/2001/usages.htm

[12] The FLOSS Survey of Developers is described in detail Part IV of the FLOSS Final Report.

[13] All data concerning the developers' activity in this report is  based on the FLOSS Developers' survey.

[14] In the following text we always refer to residence, not nationality, except where explicitly stated otherwise.

[15] http://www.eu-esis.org/download/esis_strat.ZIP

[16] http://www.atica.pm.gouv.fr/

[17] http://www.internet.gouv.fr/francais/textesref/rapcarcenac/sommaire.htm  

[18] For a more detailed information see the report of the government of Lower Saxony, online at http://www.landtag-niedersachsen.de/Drucksachen/1501-2000/14-1942.pdf

[19] http://www.heise.de/newsticker/data/mgo-13.04.02-000/

[20] Bundestagsdrucksache 14/5246 online on http://linux.kbst.bund.de/bundestag/bt-drs14.5246.html

[21] http://linux.kbst.bund.de/ and its information letter http://linux.kbst.bund.de/02-2000/brief2-2000.html

[22] http://www.bmwi.de/Homepage/download/infogesellschaft/Open-Source-Software.pdf

[23] Schmitz, 2001 online on http://www.cri74.org/actualites/articles/2001/usages.htm

[24] online on http://www.hispalinux.es/modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=53&page=2

[25] see the report on Spain in the 35th Conference of the ICA International Council for Information Technology in Government Administration, p. 9, online on http://www.ica-it.org/conf35/docs/spain.pdf

[26] http://www.spence-n.demon.co.uk/wcnn.htm

[27] see e.g. http://news.zdnet.co.uk/story/0,,s2082268,00.html

[28] http://www.ncc.co.uk/aboutncc/press_rel/uk_open_source.html

[29] http://www.nhsia.nhs.uk/def/pages/features/i_250202.asp

[30] for published documents see http://www.govtalk.gov.uk/interoperability/egif.asp?order=title

[31] http://www.govtalk.gov.uk/documents/OSS%20Policy%20draft%20for%20public%20consultation.pdf

[32] http://www.govtalk.gov.uk/documents/QinetiQ_OSS_rep.doc

[33] Ibid. page vii 

[34] There has been lots of disapproval that even the highly promoted e-government web-services http://www.gateway.gov.uk/ are only available by proprietary software. See e.g. several press articles online on , http://www.theregister.co.uk/content/4/19239.html, http://www.linuxuser.co.uk/articles/issue11/gateway.html, or http://www.guardian.co.uk/internetnews/story/0,7369,504403,00.html

[35] Such arguing would also explain the little amount of US open source developers living outside the USA - 4.6% of which 1.2% are in the English speaking countries India, Australia, and Canada residential).  

[36] Schmitz, 2001 online on: http://www.cri74.org/actualites/articles/2001/usages.htm 

[37] http://www.linux-france.org/article/these/guide_linux/

[38] see WIDI (2001): Who Is Doing It, survey of Free Software/Open Source developers study conducted by Technical University Berlin. See http://widi.berlios.de, for pre-print of the analysis see
http://ig.cs.tu-berlin.de/s2001/ir2/ergebnisse/OSE-study.pdf; see also: Dempsey, Weiss, Jones and Greenberg: "Who is an open source software developer?" Communications of the ACM, Volume 45, Issue 2  (February 2002)

[39] See FLOSS Survey of Developers, Part IV of the FLOSS Final Report online on http://www.floss1.infonomics.nl/FLOSS/report/FLOSS_Final4.pdf

[40] By determining these requirements governments would in practice open the market for public services, by avoiding the above described lock-in situation.

[41] Parts of these recommendations are already made as a legal requirement for software use in the public sector by the Peruvian parliament ratified in April 2002, online on http://pimientolinux.com/peru2ms/law_project4.html The bill, as well as these recommendations are basing on the outcome of the cooperation of the members of the mailing list 'proposicion', set up to help the Argentinian representative Marcelo Dragan drafting a bill to mandate the use of free software in government. The messages are archived online (http://www.grulic.org.ar/pipermail/proposicion/).