Government policies favoring open-source software adoption should be wildly popular within the open-source crowd. Yet, at an open-source conference in Amsterdam today, I kept hearing the opposite. Despite the Dutch government's best intentions to foster open-source adoption, some people think it may actually be doing the opposite.
By many measures, the Netherlands is a great place for open-source software. In 2007, the government started to phase in a policy that gave preferential treatment to open-source software in IT purchasing decisions. Initially, at least, the policy seems to have been a success, with a July 2009 study highlighting a wide array of open-source software in use by government.
Sounds good, right?
Maybe not. According to sources within the government and others that sell to the government (both proprietary and open-source vendors), the government's rigid definition and management of the policy has more often than not thwarted its attempts to go open.
At its core, however, the problem derives from a mismatch between ends and means. The government's goal--"to increase the sustainability of information and innovation, while lowering costs through the reuse of data"--is not always best achieved by open source. A proprietary program with a broad community that is fully open standards-based could actually be a better solution to achieve this end than an open-source solution, particularly if it has a small community and smaller adoption.
That's because "openness" is not simply a measure of software's licensing. That's not even necessarily the most important consideration, as Tim O'Reilly reminds us.
But the government's policy doesn't look beyond whether the software in question is licensed under an OSI-approved license. This is what we thought of open source five years ago, but these days, this line of thinking is increasingly outdated.
An OSI license is a fruitful beginning to an open-source policy, but if it's the end, then the Dutch government's policy begins and ends with lawyers, who are almost certainly not the best equipped to evaluate IT solutions.
Indeed, the commentary I heard today confirmed that inbound software is first reviewed by the Dutch government's lawyers. If there's not an OSI-approved license attached to it, even if the software is provided by an open-source vendor with full rights to view and modify the software (but not redistribute it), it's out.
This wouldn't be so bad if there was a plethora of alternatives in each given product category for the government to choose. But there isn't.
Hence, more often than not the government ends up buying an established proprietary solution. It's very difficult for most products to run the legal gauntlet that the government has established. The vendors that do are either too small to effectively service the government's requirements, or they're Red Hat, which focuses on a limited infrastructure product portfolio.
Having painted itself into a legal corner, there's one easy thing for the government to do: buy the same proprietary software it always has.
Given that the policy allows for selection of a proprietary product if a suitable open-source alternative doesn't exist, the stated preference for open-source solutions is turning into a minor speed bump on the way to continued acquisition of proprietary software.
This is silly.
The Dutch government should focus on the end: open, interoperable solutions. True, doing so requires more thought than a binary decision based on a license. But it's a much smarter policy to balance a range of factors (freedoms and constraints of the license, community associated with the product, open standards, payment model [license fee vs. subscription], etc.), in order to reach a more thoughtful position on a given piece of software.
Such a policy would result in more open-source software adoption, not less. It would let open-source software compete on broader criteria than the license. Open source, and the trends it has inspired, are much more than a license. Other considerations, such as open data policies, take precedence in our networked age.
The Dutch have the right intentions. But the way they're managing their open-source policy is not helping them most effectively reach the goals they seek.
Enterprises and other users deploy open-source software because it works. For those of us in the open-source vendor community, however, too often we waste time talking about issues that have relatively little resonance for the vast majority of users.
We miss the mark on open-source marketing. In fact, it's often the case that the very standards we seek to set for the software world--interoperability, transparency, etc.--are better observed and delivered by open standards than by open source.
As a case in point, Red Hat and other open-source companies (including Alfresco, my employer) routinely advertise "no lock-in" as a key reason to buy open source. There are two problems with this marketing pitch: one, it's only technically true, and two, customers don't care, as Redmonk's Stephen O'Grady recently noted.
On the first, it's true that open source can reduce vendor lock-in by ensuring that a customer can get support and ongoing code development from someone other than the original developer of the software. But this is only trivially true.
Once a customer invests in a particular vendor (be it Red Hat or Canonical or Novell or MySQL or...), there will always be a cost associated with leaving that vendor, a cost that arguably isn't much different whether that vendor's code is open source or proprietary.
Cost aside (which is easier said than done, as cost is the primary consideration for the buyer), the support options for Vendor X's code from Vendor Y or Z are unlikely to be on par with what Vendor X can deliver. Just ask Red Hat about CentOS or Oracle Enterprise Linux support. ("Compatibility with Red Hat Enterprise Linux can only be verified by Red Hat's internal test suite.")
Apparently there's no lock-in...so long as you stay with the original open-source developer. :-)
The reality is that open-source vendors should be pitching real value to real customers. As Josef Assad presented at the Open Source Days 2008 conference, open source should strive to "lose the TCO (total cost of ownership) war with proprietary vendors." Open-source value is about performance and flexibility at a great price--and not necessarily about absolute freedom from lock-in.
Red Hat gets this. That's why most of the time it sells the value of its subscriptions, and not the hocus-pocus "no lock-in" story. Red Hat doesn't have 75 percent of the paid Linux market (or, probably more accurately, 62 percent, according to IDC) because of its lock-in story.
Would-be customers don't care about that. Really. They just want Red Hat's performance and price, especially compared with Unix.
In fact, to the extent that customers really do want interoperability and reduced vendor lock-in, it's open standards that they should be asking for, not open source.
IBM's Savio Rodrigues points this out in his analysis of the different permutations on the open-source WebKit project. Serdar Yegulalp adds to the analysis:
Source code is a building block, not a standard. It's something you turn into other things. A standard is something that stands above and apart from all of those things, a guideline for what that finished product ought to be like....
The problem with using code as a standard is simple: it's too fluid. The minute you implement it in something, it's not the same code anymore. It almost always has to be changed to fit its container, as water changes to fit.
Open source is an indispensable complement to open standards, but it's not a substitute for them.
This isn't the only area where open-source vendors misread customer tea leaves. For years open-source insiders have debated definitions for "open-source vendor," even as customers shrugged their shoulders and continued using open source--from different vendors with very different business strategies--without worrying about the various shades of ideology and pragmatism that fuel open-source development. I'm as guilty of leading this foolish march as anyone.
Real customers simply don't care.
This is why I think Sun open-source guru Simon Phipps' proposed expansion of the Open Source Initiative's charter is misguided, though very well-intentioned. (The 451 Group's Matt Aslett also weighs in on the proposal.)
Phipps wants the OSI to establish a "holistic vision of software freedom against which businesses can be benchmarked" because too many companies, apparently, are calling themselves "open source" without a consistent definition for what this means.
I don't think it matters. The reality is that businesses don't seem to have any trouble adopting open source regardless of such "truth-in-labeling" initiatives. Gartner suggests that 85 percent of businesses are already using open source. Forrester tells us that a big majority of enterprises are adopting open source because it's delivering real cost and quality benefits to them.
And so the problem is...?
Well, the problem is that open-source advocates are often out-of-sync with open-source adopters. We probably need a new breed of open-source advocate, as ZDNet's Jason Perlow suggests, the kind that reflect customer interests in pragmatic adoption and not advocates' interest in controlling and fine-tuning that adoption.
We don't need paternalistic oversight of open-source adoption, and we don't need to fuel it through vague and inaccurate marketing. Open source is a fantastic way to develop and distribute software. Customers recognize this and don't need to be cajoled or confused into buying.
One of the profound failings of the open-source movement is how insular it has allowed its ideology to be. While the commercialization of open source has necessarily forced a new dialectic into open source (one with many different shades and permutations), it's amazing just how unyielding some opinions can be. While constancy is good, it can also be the "hobgoblin of mediocre minds" and reflects a somewhat stagnant discussion within the open-source development community.
It also reflects the theme of noted legal scholar Cass Sunstein's new book, Going to Extremes: How Like Minds United and Divide, part of which is excerpted in The Spectator ("To become an extremist, hang around with people you agree with").
The message is unnerving and suggests the importance of broadening the open-source tent:
When people find themselves in groups of like-minded types, they are especially likely to move to extremes....The most important reason for group polarisation, which is key to extremism in all its forms, involves the exchange of new information. Group polarisation often occurs because people are telling one another what they know, and what they know is skewed in a predictable direction. When they listen to each other, they move.
Suppose you are in a group of people whose members tend to think that Israel is the real aggressor in the Middle East conflict, that eating beef is unhealthy, or that same-sex unions are a good idea. In such a group, you will hear many arguments to that effect. Because of the initial distribution of views, you will hear relatively fewer opposing views. It is highly likely that you will have heard some, but not all, of the arguments that emerge from the discussion.
After you have heard all of what is said, you will probably shift further in the direction of thinking that Israel is the real aggressor, opposing eating beef, and favoring civil unions. And even if you do not shift--even if you are impervious to what others think--most group members will probably be affected.
Lest we think Sunstein is just picking on Harvard Law School graduates (I joke!), it's amazing to watch this same destructive group-think plague the open-source community, a portion of which is on display in the comments to any of my posts that discuss such horrifying ideas as "Open Core" (gasp!), Microsoft as a bona fide open-source player (yikes!), or, really, anything that fails to discuss knighthood and/or sainthood for Richard Stallman.
We've come a long way since the early days of the free-software movement. Eric Raymond, Tim O'Reilly, Michael Tiemann, Larry Augustin, and others broke that free-software mold with the coining of "open source" back in 1998, but far too many opinions seem stuck in a calcified past, largely because they spend a lot of time yelling down opposing views, rather than associating with them and listening to them.
This might include, for example, more business-minded open-source people. But it would also be helpful to include those in the open-source community that are deeply affected by open source, but may have very different views on what open source should mean, including representatives from Microsoft and Oracle, or simply developers who disagree with the current board's opinions.
I'm sure the current OSI board disagrees. It's not alone. OSI board aspirant Bruce Perens partly based his candidacy to be on the board on the premise that the OSI needs fewer vendors represented and definitely not Microsoft. I doubt Perens will agree with much of what I write here.
Even so, the OSI--and open source more broadly--would do well to incorporate the various, opposing biases that make for real debate...and better results. OSI President Michael Tiemann calls out others' bias without seeming to recognize just how helpful it would be to have that bias represented at the table.
Less group think, in other words, and more group debate. This is what open source needs. It would be wonderful to have it start at the top with the OSI.
Follow me on Twitter @mjasay.
Someone needs to tell the Open Source Initiative, Google, and others who fret about license proliferation that the market has already cut down the number of actively used licenses to just a small handful: L/GPL, BSD/Apache, MPL, and a few others (EPL, CPL). Even so, the OSI has decided to kickstart its stalled movement to reduce the number of open-source licenses condoned by the OSI.
As OSI board member Russ Nelson writes in the board minutes:
Mr. Nelson moves that we form a license proliferation committee to evaluate all existing licenses into two tiers - an upper tier and a lower tier of licenses (e.g. "recommended" and "compliant"). The role of this committee would be to establish criteria for assigning the tier for each license, use a new license-proliferation mailing list for discussion and come up with a final list of two tiers of licenses....The deadline for presenting the draft recommendations from the committee back to the board will be October 2008.
It's a worthy cause, but one that has already been effectively fought and settled by the free market. I would hazard a guess that upwards of 95 percent of all open-source projects are licensed under less than 5 percent of open-source licenses. (The last time I checked, 88 percent of Sourceforge projects were L/GPL or BSD. It's been a non-issue for many years.)
There is no open-source proliferation problem. Do we have a lot of open-source licenses? Yes, just as we have a lot of proprietary licenses (in fact, we have many more of those). But we don't have a license proliferation problem, because very few open-source licenses actually get used on a regular basis.
This is a phantom. It seems scary, but it's not real.
Disclosure: I used to serve on OSI's board.
Sunday morning, and I couldn't help but ponder Michael Tiemann's excellent note on Microsoft's revised (and improved) Open Specification Promise and "what Microsoft can do for open source."
Michael rightly notes that Microsoft's Promise, while certainly improved, still leaves much to be desired. No surprise there, which leads Michael to a thoughtful, probing analysis of what Microsoft could do to fully engage with open-source communities:
Let's think big. The open-source community already has more than a billion lines of source code at its disposal, and it's doubling every 12.5 months, so I think it's fair to say "we don't really need your code." And we also know that money alone is no substitute for the freedom to innovate that we so crave. So what big thing could we do with Microsoft's cooperation?
There are really four things on my list, but if they did only the first, it would be a meaningful start. The list is:
- Pursue the abolition of software patents with the same zeal they showed in their efforts to get OOXML approved as a standard.
- Unilaterally promise to not use the DMCA to maintain control of their Trusted Computing Platform.
- Transition to 100 percent open standards (as defined by the OSI, IETF, W3C, or the Digistan).
- Stop trying to maintain their monopolies by illegal, anticompetitive means.
These sound more like an ultimatum than a request for mutual action, but you get that in Michael's detailed discussion of these four items. In so doing, I think that Michael does an excellent job of demonstrating how to work with Microsoft:
... Read more
Steve Ballmer may not have anything better to say than "blah" and "Google" in his analyst meetings, but his open-source group came up with a doozy today.
The flawed Open Specification Promise (OSP) just became whole. Or close to it. Microsoft has opened up its Open Specification Promise to make it meaningful and usable to a wider group of people. Even Groklaw, which sets a high (and generally fair) bar for Microsoft is impressed.
Microsoft's OSP has been controversial in part because it's basic covenant not to sue developers was crippled by its application only to noncommercial developers, as well as other ambiguities that have been resolved. With this update to the OSP, this restriction is gone, as Sam Ramji, Director of Microsoft's Open Source Software Lab, confirmed:
Microsoft is putting a wide range of protocols that were formerly in the Communications Protocol Program under the Open Specification Promise (OSP). This guarantees their freedom from any patent claims from Microsoft now or in the future, and includes both Microsoft-developed and industry-developed protocols.
... Read more
When I texted Sam Ramji to let him know about Sandcastle, and he quickly texted back that he would look into it, I figured that a) it hadn't yet hit anyone's radar at Microsoft and b) that he'd fix it.
Fix it, he did. As Mary Jo Foley notes, it was "doubtful [that] Microsoft was willing to risk the wrath of the OSI over a documentation compiler." I'd go one step further. Once alerted to Sandcastle's violation and to the importance thereof, it was doubtful that Microsoft's Sam Ramji and Co. would be interested in the code, however important/non-important it might be.
Sam gets open source. He's not always supported in this understanding by the larger Microsoft entity, but Sam gets it. His apology to the OSI is direct, concise, and appropriate:
This is unacceptable and represents a violation of Microsoft's Open Source policy. I take it extremely seriously.
I have directed the project to be unpublished from Codeplex immediately, including removal of the project's use of the Ms-PL. If the team chooses to publish the source code and follow Microsoft policy, then the project may be re-published in the future. If not, we will remove all references to Sandcastle from Codeplex.
... Read more
The Open Source Initiative just announced the results of its 2008 board elections. The good news? I'm out. (I wasn't able to give the amount of time needed by the OSI--the OSI is a lot of work.)
The better news? Some fantastic new faces are in, namely Martin Michlmayr (Linux International, Debian, HP) and Harshad Gune (GNUify Conference, Symbiosis Institute of Computer Studies and Research in Pune, India).
I'm really happy to welcome Martin and Harshad to the OSI board, and to see the others remain (Danese, Michael, Russ, Ken, Alolita, Nnenna, Rishab, and Bruno). It's an excellent group of people, one well qualified to uphold the ideals of open source.
Bruce Perens wants to be an OSI board member. That's fine. But he also seems to want to engage in scorched earth political campaigns to get there. That's not so fine.
Bruce claims that the OSI is over-represented with vendors and, populist that he is, wants to return power to the "people" (i.e., developers). I can appreciate this. I made the same point about the Linux Foundation when it was formed from the ashes of the FSG and OSDL.
But this is where Bruce's candidacy loses some of its potency. To merit a board role, Bruce must show that he's for more than he's against, and he must show that he has actually done something for open source in the recent past. From his post we know that he's against Microsoft joining the OSI, but this is a strawman, as is his fight against special (corporate) interests channeling the OSI's energies. But tilting at strawmen isn't enough to justify an OSI board role.
As an outgoing board member, and perhaps the most corporate of the bunch, I wanted to respond specifically to Bruce's insinuations. In so doing, I'm speaking as Matt Asay, and not for the OSI.
... Read moreBehold, all ye that kindle a fire, that compass yourselves about with sparks: walk in the light of your fire, and in the sparks that ye have kindled. This shall ye have of mine hand; ye shall lie down in sorrow. (Isaiah 50:11)
This is one of my favorite verses in the Bible, and partly because of the rich imagery, but also because I run afoul of it all the time. The verse deals with self-aggrandizement and becoming a law unto oneself.
In the open-source world we see it with people trying to define open source to fit their chosen business model or philosophy - drafting off the value the words "open source" connote. It's not that everyone needs to adopt the same business/revenue model, but rather that we need to be clear about what we're selling.
Microsoft has actually been one of the best (positive) examples of this. ... Read more
