European parliament strongly recommends open source software

(european-pirateparty.eu)

170 points | by ashitlerferad 10 days ago

14 comments

  • elyseum 10 days ago

    The intro of the text makes it look more like a cost cutting measurement. Luckily the end states that “publicly financed software developed for the public sector should be made publicly available under a Free and Open Source Software licence. If it is public money, it should be public code as well.”

    • timkam 9 days ago

      The same statement should apply to research papers; I am happy that the EU is pushing for this as well, with considerable success.

      • ken 9 days ago

        It sounds like it was introduced at the EU in a budgetary context, and that's how the article begins, but the party is not just looking at money. The first thing they say about it is: "Open Source Software improves transparency and trust from citizens".

      • elcomet 10 days ago

        In addition to open sourcing their own software, I hope governments and the EU will pay developers and maintainers of open source software they use.

        • Based my first hand account - there are very timid attempts to open source some libraries - mostly used in between the EU institutions. Code given as a zip, no access to a repo.

          There is plenty of anxieties around the subject still, so work does not take place in the open.

          Supporting Open Source projects that are used internally are still deep in the woods, ironically thought one could find reference in documentation to “helping out the community” as a stated benefit of using Open Source...

          • toomuchtodo 9 days ago

            How can we help these efforts? How can we make gov more willing and comfortable with publishing to repos and working in public?

          • amelius 10 days ago

            They should. I think that if there are grants for scientific research, there should also be grants for open source projects.

            Right now there is a complete framework for research grants (national organizations and the European Research Council), but afaict no such thing exists for open source projects. I think this should change.

            Also, there should be structural government support for security hardening/audits.

            • erk__ 10 days ago

              They have been giving out grants for Checking security of open source software. I think that in the past projects such as Rust and curl have gotten grants to make a review of the code.

              • amelius 9 days ago

                Certainly, but how large was the budget?

                Then compare it to the 10-100 billion euros spent annually on scientific research [1].

                I'm not saying that the budgets should be equal, but there should be some proportionality.

                I also think it should be easier for universities to have scientific programmers (who would write open source software) on their payroll.

                It's especially important for Europe as more research on open protocols means that the internet can become less dependent on large US corporations. And for this type of research you'd need developers.

                [1] https://www.nature.com/articles/d41586-019-01566-z

              • Retric 9 days ago

                Traditional grants are a poor fit for OSS development. The application process adds a lot of overhead and results in payouts for those that optimize the process rather than write good software.

                The best implementation I can see is for government institutions to vote on the most useful OSS software with awards for the winners.

            • jamieweb 10 days ago
              • xondono 9 days ago

                The bigger problem from my experience is that there’s too much duplication of efforts because of how grant money is distributed.

                I think it would make a lot of sense to have some sort of voting system where institutions could propose and vote OSS packages and make grants available while making sure teams worked together.

                The team I worked in had for some reason invested in creating a full-fledged python interpreter that loaded CERNs ROOT framework and had that many finicky dependencies that the team just shared an ubuntu image with everything installed. And that was some auxiliary setup, we were building hardware systems for precise timming until the team realized that another team from the same institution was working on a similar problem with 10x the budget.

                • jotm 9 days ago

                  You'd think it would be easy to track with a database of "Active projects" with tags, easily searchable, and a point on the to-do list: "Check for the existence of projects with similar functionality before starting a new one"

                  • iguy 9 days ago

                    But the problem is wider than just not knowing what others are doing.

                    Grant money for writing things tends to encourage everyone to start their own thing, because having something you own is a good story to tell, it makes you look like a leader (at least in your reports) in a way that contributing bug-fixes to someone else's project simply doesn't. (In commerce it's the other way around, the guy with many clients can split the cost, and thus give more functionality per dollar, and thus out-compete the little guys.)

                    GP's suggestion of giving end-uses some kind of tickets to distribute to software they use, and then pay its developers, sounds like a smart way to encourage consolidation.

                    • xondono 9 days ago

                      The whole EU grant process it’s a giant mess. I’ve seen job postings for developers where the most important required skill was knowing the grant process and how to write successful proposals (which is an art form itself).

                      This has provided a specially perverse incentive for people that are involved in both academia and politics.

                      I know of a certain emeritus professor that was particularly involved in national politics (spain did not have that many engineers 60 years ago), his engineering skills are average at best, since he has spent his whole life working the politics of academia. That said, he had so many titles and awards that just his qualifications earned the company he created a lot of points towards getting substantial grants. The startup has been getting >1M€/year since 2014 from the EU, plus indirect investment from private firms that can claim special benefits. All money they get they “invest” into getting stuff like patents, that allow them to claim IP with made up value.

                      They actually have a patent for a robot architecture for which there’s no analytic solution to inverse kinematics, meaning that instead of having a trigonometric formula for computing the position of the robot, we had to do an exhaustive search simulating the position of the robot in 3d space until we were close enough.

                • CuriousSkeptic 10 days ago

                  If only this extended to open data as well.

                  I started developing what was to be an open source nutritional planning app and found this project (https://www.eurofir.org/) which is apparently funded by heaps of my tax money.

                  I can’t tell you how frustrating it is to not be allowed to use that data for public good.

                  • lifeisstillgood 10 days ago

                    I am very glad to see this - I have been banging on about this (unsuccessfully) for years - http://oss4gov.org/

                    Good news, even if it is only EU parliament.

                    Edit: one thing i do think will help adoption is credentialed support - so it's pretty obvious I can always find some other company who knows Apache httpd - but far less obvious if I want to use a mid-ranking piece of OSS and if we are having to build our own OSS system (say something to manage building planning permission).

                    But if there were consortiums of OSS ISPs who could cross certify on a given piece of software it would get over one of the huge if not hugest problem - who do I call if there is a problem and are they credible?

                    • sayusasugi 10 days ago

                      I recall several European nations switching government systems over to Linux only to have Microsoft worm their way back in a few years later. Let's hope it's permanent this time.

                      • Tarq0n 9 days ago

                        This has never happened at the nation state level in Europe.

                        I don't think it's a good idea anyway to switch every client over, but it would be nice if governments would consider Linux for servers more. The default assumption of new machine = new windows licence is very wasteful.

                        • AnthonyMouse 9 days ago

                          Governments are actually an ideal place to switch over the clients, because they're large enough to deal with it.

                          If you're a small business and your files are in Microsoft formats and none of the conversion utilities are very good you're in trouble. If you're a government with hundreds of IT staff, you can improve the conversion utilities. You can make "runs on Linux" a requirement for software you buy and be large enough that vendors will port their software to Linux in order to get your business.

                          That is why Microsoft is so afraid of governments doing this. Because once the conversion utility is improved, it's improved for everyone. Once the vendor takes the time to do a Linux port, it exists for everyone. Which makes it cheaper for other entities to switch to Linux, which causes even more progress in reducing the friction to switching for everyone else.

                          • Tarq0n 9 days ago

                            Ideally yes but in reality no. Governments are the ultimate "enterprise" IT environment. Highly ossified and completely dependant on outside suppliers. On top of that procurement processes take a while. So there's a whole ecosystem that's slow to change that has all been built with the assumption that it will be ran on Windows server. Any changeover process would take so long it's unlikely to survive every political change of guard during that time.

                            That's not even mentioning things like the extreme reliance on Microsoft AD.

                            • AnthonyMouse 9 days ago

                              This is why you do what Munich did. Step one, before you install your first Linux machine in production, require all your software to run on both systems. That also trains the users to use LibreOffice and Firefox and so on, even though they're still using Windows, and you can do one application at a time over however long it takes. No new software is permitted that won't run on Linux, even while you're still on Windows, and any existing software gets phased out.

                              Step two, you change out the underlying OS and people barely notice because all the applications are the same.

                        • Nursie 10 days ago

                          I think this is more of "We should use FOSS and create FOSS for our projects" than "Linux everywhere.

                          As such probably more pragmatic. Also I very, very much agree that if the public is paying for it, it should be published.

                          • collyw 10 days ago

                            I think basically Linux didn't work that well for them more than "MS worming their way back in". It sounded pretty pragmatic in the case of Munich from what I read.

                        • wrnr 9 days ago

                          I don't know, the only positive thing that can be said about some software is that it is open source. In the past it has been more profitable to sell my time at an insane hourly rate to keep a pile of crap running yet I struggle to sell simple SaaS solution. Lack of product market fit on my part and I'll keep working on it, but in the mean time I am not going to take this sanctimonious talk about OSS by politician that are better paid then me and have a pension plan to boot. We are all rent seeking but I don't hold my nose up to those doing the hard work and try to shame them out of their hard earned money.

                          • based2 8 days ago
                            • whatever1 9 days ago

                              I am curious if the recommendation would had been the same if the EU had any serious stake in the software development industry. I try to think of any piece of software that I use daily that is not imported from the US, and I struggle.

                              • ken 9 days ago

                                The EU gave us Spotify, SoundCloud, Minecraft, and Angry Birds. There's plenty of EU software companies you've heard of.

                                It's true that most brand name consumer software is from (companies headquartered in) America right now, though all of the major companies also have dozens of offices in Europe. (Chrome's V8 was famously written in Denmark, before Google even had an office in that country.) Are you suggesting this could be a response to American companies hiring people in EU countries, but avoiding paying their share of corporate taxes there? That's possible, but it doesn't sound to me like that's the reason.

                                I think it's at least as likely they're hedging against the different countries in the EU each developing their own (incompatible) software and playing against each other. In politics and business, America tends towards "market will solve all", while the EU tends towards "there's dozens of us so we need to cooperate to get anything done".

                                Maybe they looked at America and saw it as a cautionary tale. California has a massively disproportionate power over everything related to computers today. Europe has a bit of history with one member state trying to exert a disproportionate power over the rest.

                                • jarym 9 days ago

                                  SAP (don’t know if you use it but it is widely used by a lot of Corps)? To name one. But point taken it’s not an industry on same scale as US tech

                                • mark_l_watson 10 days ago

                                  Interesting that there is no mention of using Lunux or FreeBSD.

                                  • Proven 10 days ago

                                    And they're experts in ... spending other people's money and telling others what to do.

                                    Members of the EU Parliament & Pirates have contributed close to 0 lines of code to OSS. Thank you for your service!

                                    • gostsamo 10 days ago

                                      Actually, the European Commission and the EP had a program under witch they identified open source software used in the institutions and paid developers maintaining them to fix bugs. Nodepad++ was one of the programs as far as I know.

                                      • thecureforzits 9 days ago

                                        Breathless hyperbola like this makes me less likely to support your ideology. Feudalism isn't coming back, deal with it.

                                        • im_dario 9 days ago

                                          Actually, previous German MEP for Piratenpartei got one million budget to pay security audits for Apache and Keepass https://juliareda.eu/2016/10/ep-votes-to-extend-fossa/

                                          • erk__ 9 days ago

                                            It is not like that there have been no open source software developed by people working at the european paliment either. You can find such projects on the joinup page where they have projects/documents/other fluff related to this.

                                            https://joinup.ec.europa.eu/

                                          • wrnr 9 days ago

                                            Don't get ur hope up, Wikipedia is the best side ever, but it is run on the worst software ever, WikiMedia, I'd think that with the 100 million they get in donation every year it would be better.

                                            • wrnr 9 days ago

                                              Seriously they don't even have a WYSIWYG, I've build a WYSIWYG, and it was fun and profitable. This is what u don't get, OpenOffice did not beat MsOffice, no close sourced google cloud did, in the mean time they changed their name to LibreOffice because of some tiresome disagreement.

                                            • TomMarius 10 days ago

                                              I wonder how that plays together with their intent to firewall the European internet, track it and otherwise mirror Chinese development. Seems like plain PR to me.

                                              https://www.europarl.europa.eu/RegData/etudes/STUD/2020/6487...

                                              • tpush 10 days ago

                                                > their intent

                                                This study does not express the intent of the EU or the European Parliament, but is the opinion of their authors, all working for the same company (Future Candy).

                                                • TomMarius 10 days ago

                                                  This document is by the Policy department of the EP. That a company wrote it does not mean that it's their opinion - somebody from the Policy department requested and oversaw it, and then accepted it and published for their managers (the von der Leyen administration itself) to use.

                                                  • tpush 10 days ago

                                                    Fron the document itself:

                                                    "DISCLAIMER AND COPYRIGHT The opinions expressed in this document are the sole responsibility of the authors and do not necessarily represent the official position of the European Parliament."

                                                • dieortin 10 days ago

                                                  Could you post the specific part in which that document talks about firewalling the European internet?

                                                  • TomMarius 10 days ago

                                                    Here:

                                                    The basis of our arguments is rooted in a new approach of the European Commission manifested in the ambitious agenda that the President of the European Commission Ursula von der Leyen put out in mid-February 2020. The general idea in our action plan is that Europe should play a leadership role in all digital developments. How to do that? The authors of this report are convinced that three bold action plans are required:

                                                    Action Plan 1:

                                                    European Cloud / European Internet

                                                    A European firewall/cloud/ internet would foster a digital ecosystem in Europe based on data and innovation. It would drive competition and set standards, similar to what has happened in China in the past 20 years. The foundations of such a European cloud are democratic values, transparency, competition and data protection.

                                                    • shock 10 days ago

                                                      My reading of that text doesn't suggest a copy of the great firewall of China, it rather implies e desire to mirror the Alibaba cloud, and the whole digital ecosystem that developed in China as a result of the language barrier, among other factors.

                                                      • TomMarius 10 days ago

                                                        The whole document is basically praising how trackable and closed the Chinese internet and "superapps" like WeChat and Alipay are. I am not convinced.

                                                      • lars_francke 10 days ago

                                                        I also see the reference to China there but it's qualified: Transparency, democratic values etc. It also never mentions anything being closed. So I don't think the original criticism/fear of a closed European Internet can be read into this.

                                                        The thing this refers to - I believe - is among other things GAIA-X: https://www.bmwi.de/Redaktion/EN/Publikationen/Digitale-Welt...

                                                        • TomMarius 10 days ago

                                                          > but it's qualified: Transparency, democratic values etc.

                                                          Yeah, the communists were telling us that for 40 years. Words don't always match the reality, especially when someone is plainly talking about stuff like transparency and democratic values (what does that even mean in the context of an Internet firewall?).

                                                          • lars_francke 10 days ago

                                                            They don't.

                                                            You haven't put forward any arguments that supports your position though. You mentioned unrelated things. This is not a paper from the Chinese government or a communist party so why should. That kind of reasoning is a slippery slope in my opinion.

                                                            • TomMarius 8 days ago

                                                              We are talking about Ursula von der Leyen, isn't that enough? Do you not know her history with internet censorship?

                                                        • AlbertoGP 9 days ago

                                                          It might help to mention the past actions of Urusla von der Leyen when she was in the German Government:

                                                          Zensursula is the online nickname given to Ursula von der Leyen, the former German Minister for Family Affairs who came under media scrutiny in 2009 for her strong advocacy of censorship laws against online content that may be deemed "inappropriate" by the federal government, especially on the issue of child pornography.

                                                          In January 2009, Germany's Federal Ministry of Family Affairs launched the first government initiative towards more strict censorship of child pornography on the Internet. Formally known as the Access Impediment Act, it was drafted under the leadership of the Family Affairs minister Ursula von der Leyen[1], one of the staunchest advocates of Internet censorship in the federal government.

                                                          The Act proposed a mandatory blockage of online child pornography by Internet service providers through a blacklist of illegal websites maintained by the Federal Criminal Police Office of Germany (BKA). In the following days, the legislative proposal sparked a political debate among German Internet users about whether the state may or should have an infrastructure to censor the internet.

                                                          While the initiative was mostly geared towards taboo topics like terrorism and child pornography, the scope of online debate became focused on general censorship of content on the web. Due to her vocal support of the censorship laws, the critics dubbed the Family Affairs minister "Zensursula," a portmanteau of the German word "Zensur" (Censorship) and her first name "Ursula." The nickname quickly gave way to a slew of parodies including original songs and remixes.

                                                          https://knowyourmeme.com/memes/zensursula

                                                          That does not mean that the intention is to copy China, but it does indicate her propensity to favor limiting access to information by the general population.