Open source is unavoidable: open source policies and digital sovereignty
For our latest Open Future Session, we invited Mike Linksvayer, Head of Developer Policy at Github, to talk about open source and sovereignty (an issue that he has also explored in this op-ed). Mike previously worked at Creative Commons as one of the key architects of open licensing infrastructure. Our second guest and responder was Adriana Groh from The New Institute, who was previously working on the German Prototype Fund. She was part of the team that recently created a feasibility study for a Sovereign Tech Fund.
We wanted to discuss open source, and the way governments are shaping policies in this field, as it ties with our interest in public digital infrastructures, and digital public space in general. Open source is also a field in which the open production model probably had the most success – this is something that Mike highlighted in his talk. And the trend of greater involvement of public actors, often using the argument of technological sovereignty, is an important one to follow.
Mike started by reminding us that open source is huge, ubiquitous and economically important. It is also unavoidable since it is present in almost every digital device and intermediates almost any exchange of information on the net.
We can think of open source as the commons as it connects with other subfields related to ‘openness’, But we can also think of it as infrastructure, highlighting the issue of funding, maintenance, or vulnerabilities – like the recent Log4Shell vulnerability, which sharply reminded us of the challenges to maintaining open source code infrastructures.
In his talk, Mike charted a connection between open source and digital sovereignty, a concept that is increasingly used to justify the involvement of state actors in the global development of open source technologies. And this approach is much different from the previous one, where open source would be discussed at the margins of IT policy, for example in terms of cost-saving.
Traditionally, sovereignty is framed as an approach that connects with nationalism and is typical of autocratic states, highlighting their power, autonomy or even autarky. Mike suggested that another vision of sovereignty, a more healthy one, is possible. One that understands national autonomy in terms of ensuring economic strength and local technological capacity while at the same time remaining interdependent from other states and actors. His vision reminds in many ways the “Buen conocer” strategy, which Andres Arauz presented in our previous session.
In this way, the idea of sovereignty aligns very well with the open source model, in which autonomy and capability are central to producing code and running digital infrastructures. Mike believes that the open source model is a way of securing autonomy and technological capacity in a smart way. It’s a type of sovereignty that is generative, as it contributes to a global capability while also ensuring local autonomy. “No country or organization in the world is big enough to keep up with the edge of technological development in every field. Pursuing technological autarky is a recipe for falling behind”, said Mike.
Open source development can also be seen as a powerful way to build connections and interdependencies on a global scale. Mike mentioned how at the time of the Cold War, scientific collaboration, even when happening at a minuscule scale, provided some level of cultural exchange and mutual dependence between societies that were otherwise detached, or even in conflict. In this context, open source as global collaboration is a powerful force for good in the world.
In the second part of his talk, Mike described the journey of states in adopting open source technologies and compared it to that of commercial companies. For these companies, the journey started in the 1990s, as they initially ignored open source, or feared that it would hurt their proprietary products. Engineers in companies were the ones who started adopting open source, and soon they were not just consuming, but also developing it.
This led to the next phase in the cycle, one of hype around open source, during which every company felt the need to release. Only in the next stage did contribute to open source begin to be seen as a strategic priority, as there was a growing realization that open source was a global phenomenon. At this stage, companies became interdependent as they collaborated on maintaining different parts of the open source infrastructure. In the final stage of digital transformation, engaging with open source also drives cultural change, thus stimulating new ideas and innovation. Leading technological companies today all aim to be in this stage of their open source journey.
Mike compared this maturity model to the typical journey of a state actor – one that, interestingly enough, also started in the 1990s for many states, but developed at a slower pace. Initially, open source was not on the radar of policymakers. Mike made an interesting observation that this was the flip-side of the approach taken by different communities working with open models (not just for code production). They indeed saw the new approach as means of avoiding the sphere regulated by the state (for example by copyright law). There was a belief that open source could develop beyond the state, somewhere between the market and the society.
The underestimation was mutual, policymakers weren’t paying attention to open source; the open source community was not paying attention to policy.
The first shift occurred through procurement, which connected the government and the activist side. The initial rationale for adopting open source in public administration was that of cost-saving. This was followed by an experimentation stage, in which the open source model intersected with innovation around digital citizenship, open government and open data. These experiments created ground for the next stage, in which governments were willing to support open source investments. And in the final stage, governments just like any company began treating open source as a strategic imperative.
In both the corporate and government cases that Mike described, open source is ultimately seen as a strategic approach that can increase both autonomy and local capability to keep up with the cutting edge of technology and to engage with the global technological community. And in both cases, the politics and strategies of open source become important. Just as companies invest in code to obtain a competitive advantage, governments are also beginning to pursue foreign policy objectives through technology development.
In her response, Adriana Groh described her experiences with technology funds – a type of policy measure that in recent years has been successfully developed in Germany. Initially, public funds were used to establish the Prototype Fund, a program managed by the German Open Knowledge Foundation (OKF) to support innovative open source projects. This was an outcome of long-term community pressure to provide public funding for civic tech projects and individuals or small teams of developers. The Fund, while being successful in achieving its goals, showed significant limitations as it mainly focused on innovation.
A new approach became possible around 2020, for several reasons. Firstly, Germany had the Presidency of the Council of the European Union, during which digital sovereignty became an important issue on the policy agenda. Secondly, a series of critical vulnerabilities demonstrated the fragility of open source infrastructure, and the need to make it sustainable. The Log4Shell vulnerability was discovered just weeks after the latest feasibility study on a new Sovereign Technology Fund, which was published by a team of experts and OKF Germany. Based on this study, the German government is committed to providing €10 million per year of funding to open source development.
Adriana made an important point in her talk: if you want to have innovation, you also need to think of infrastructure. Innovation has been a digital policy buzzword for a long time. But increasingly, increasing awareness over the importance of sound infrastructure is growing, for example through policies like the German Sovereign Technology Fund or the American Open Technology Fund. She also echoed Mike’s point about global interdependence and the specific character of sovereignty that open source policies support. She does not want to support only “open source made in Germany”, and is interested in thinking in terms of contributions to a larger global ecosystem.
In the last year, a report by Open Forum Europe, commissioned by the European Commission, has demonstrated the economic value of open source. Open source software is estimated to contribute €65-95 billion to Europe’s economy. But more importantly, and going beyond economics, the government’s involvement in open source development is mature enough to understand its value in shaping more than just the economy.
We are expecting open source policies and new public technology funds to be an important policy topic in Europe this year. The EU Open Source Policy Summit, organized on 4 February 2022 by Open Forum Europe, will be an opportunity to understand the state of this discussion.
