Last month, the White House proposed a Federal Source Code Policy, and invited public comment via Github and traditional channels. Although this isn’t the first policy that they’ve opened for comment on Github, this is the first time they’ve engaged the open source community about open source policy in a open source way. This policy aims to improve “the way Federal agencies buy, build, and deliver information technology (IT) and software solutions” by using Open Source Software to “better support cost efficiency, mission effectiveness, and the consumer experience with core Government programs.” On Monday New America’s Open Technology Institute submitted our comments in response.
It is exciting to see the White House lead by example with a productive policy recommendation, which signals that the White House “gets it”—in policy and practice—on this issue. The process of seeking comment from the Free Software and Civil Society communities is a welcomed change, beyond traditional comment procedures or traditionally engaged stakeholders—federal contractors and experts.
This draft policy represents a shift away from the discussion that has been taking place for well over decade—whether or not Open Source Software is at all suitable for government use—to the much more relevant question of how to implement Free/ LIbre and Open Source Software (F/LOSS). The technical merits of Open Source have been widely proven, as indicated by widespread industry adoption for everything from cloud services to the Android operating system. This draft policy will put the government on equal footing with the tech industry, incorporating lessons that have been learned in Silicon Valley and beyond.
The process is also refreshing in that comments were solicited and accepted through GitHub. For those unfamiliar with GitHub, it is a company that provides hosting primarily of software source code repositories. GitHub’s core service itself is based on a Free Software tool called git, which helps users track changes to their work and their collaborations with others. The most common use is for managing computer code, but people also use it for writing and tracking progress on projects. GitHub is among the largest repositories of free code, possibly the largest, in the world. It has a massive community of developers who interact with it daily and is a major part of how code gets written everyday by companies, nonprofits, volunteers and even government.
While, as we make clear in our comments, GitHub should not be the only place where code is stored and discussed, the use of GitHub shows that the White House understands where the community around Open Source Software is congregating, and that it is willing to meet technologists where they are in hopes of receiving better feedback on tech policy.
In our comments, OTI urged the White House to focus on a few specific issues of concern to us. These include:
Recommending use of existing licenses, rather than new government specific ones, in the hope that this policy doesn’t create a siloed “Open Source for Government” sector.
An adoption of an “open by default” approach—so that all of the educational, security, and community benefits of F/LOSS can be realized. We want as much to be open as possible, even if parts of the code can’t be released for national security reasons, it should not be all of the code that is exempted—even code written for security agencies should, for the most part, be released.
We encourage the 20% baseline for release of Open Source code put forward in the draft policy to be seen as the floor of acceptable compliance, not the ceiling.
An adoption of Open Source should also include an attempt to evaluate the accessibility of the communities around Open Source projects it creates, and should follow best practices and institute codes of conduct.
Finally, the government should consider the long-term viability of this approach with regard to long-term storage and availability. While GitHub is currently a useful place for community engagement, it ultimately does not fill a role best played internally by parts of the government and also requires the continued existence and benevolence of GitHub. The National Archives, Library of Congress or the GSA might all be appropriate parts of the government to fulfill such a long-term task.
The feedback has already been extensive, and with the deadline extended for another seven days, there’s hopefully more to come. With over 145 individual comments (at writing), there’s a lot to take in. We hope that the White House and the Office of Management and Budget use the feedback from OTI, as well as other commenters to push forward a strong policy for the implementation of Free/ Libre and Open Source Software in government. A policy that has been a long time in coming.
If you are interested in participating in this pivotal policy discussion, you can submit comments (until 11:59pm Eastern Time on April 18, 2016) at the Github page for the White House Source Code Policy, or add plus-ones to previous comments.