In limiting open source efforts, the government takes a costly gamble
The vast majority of companies are now realizing the value of open sourcing their software and almost all have done so for at least certain projects. These days Google, Facebook, Microsoft, Apple and almost every major company is releasing code to the open source community at a constant rate.
As is the case with many cutting edge developments it’s taking governments a while to catch on and understand the value in going open source. But now governments around the world are beginning to take the view that as their software is funded by the public, it belongs to the public and should be open for public use and are starting to define codified policies for its release.
After varying levels of embrace from Bulgaria, Romania, France and others, the US decided it too would open source more of its code, starting with a requirement to release at least 20% of all new government funded code for a three-year trial period. While this move will have a number of financial benefits, the program needs to be made more ambitious.
What exactly does the US going open source mean?
The now adopted proposal mandates that “(1) new custom code whose development is paid for by the Federal Government be made available for reuse across Federal agencies” something that doesn’t currently happen and costs millions of taxpayer dollars in code development, when the code from one agency could be re-used in another; and (2) a portion of that new custom code be released to the public as Open Source Software (OSS).”
While the specific percentage of the code required to be open source is 20%, agencies are encouraged to release more than that on their own volition. The three-year trial period presumably allows the government to take a wait and see approach on the issues and benefits. While this proposal seems reasonable and safe, many say too ‘safe, it’s poised to rob taxpayers of millions, if not billions of dollars, leave the US open to cyberattacks and tarnish its reputation as a tech leader.
The people’s code
According to the US Government Accountability Office (GAO), an unbelievable 80 billion is spent each year on IT systems and while much of the budget goes to operations and maintenance, billions of dollars are used in the development and enhancement of code. Believe it or not, the government is one of the most well-funded innovation hubs when it comes to top notch code, with financial backing that only a handful of the world’s largest tech companies enjoy.
The big difference between these big tech companies and the government however, is that the government is funded by us and by releasing their code they aren’t risking their position in the market, or helping out the competition. Instead, they’re boosting the security of companies while reducing their operating costs.
By going open source, the government is ensuring that businesses will be more secure against costly cyberattacks. Businesses, especially small and medium sized enterprises (SMEs) are often unable to afford the costs of developing their own, secure, high quality code. By open sourcing government code, these businesses can use advanced technology development by the government and be safer, save the money on developing their own code and use that money to develop their business and keep on doing what they do best.
It has been government that has been on the forefront ensuring that code is secure and that standards are being kept. In 2015 for example, the FCC and the FTC spearheaded an investigation into leading mobile carriers following the Stagefright vulnerability exposing 1 billion plus users to attack. Likewise, it’s government agencies that have treated security as a primary parameter of any product as they’re swayed more by that single facet than the market forces that make major mobile carriers prioritize connectivity over vulnerability concerns.
By making US government code open source it’s not just SME’s that will benefit, some of the largest tech companies on the planet, companies with lots of our data, will be the biggest beneficiaries with the ability to secure vast databases with a high level of complexity easier than ever before.
The bottom line is that open source code is far more multi-purpose, meaning it can be used across a number of government agencies. And most importantly, it will have a trickle down savings effect that will boost enterprises. While governments might be slow in adapting their policies to technological advances, government code and especially US government code is of incredibly high quality and that quality can make businesses, especially SMEs who can’t afford to develop their own code, more secure and more likely to succeed.
Being timid on open source is a big risk
The US government shouldn’t need a trial period for going open source because the principles are the same everywhere, besides the fact that the code releasing process needs to include a step ensuring no sensitive code is being released. But the benefit-heavy outcomes are well known and they outweigh and potential adverse effects.
As many agencies already open source 10-15% of their code, a mandated minimum of 20% will actually often only result in a 5-10% increase. If the US government were to think bigger and aimed to open source closer to 50% of their software, the savings, both direct and indirect would be monumental.
The vast majority of code is still not classified and therefore, much higher levels of open sourcing are possible. While a bigger embrace of open source may seem like a risk, the real danger lies in small, overly-cautious implementation which is costing taxpayers by the day and making us all less secure.