Open Source Policy Summit: Where FOSS and government meet
Sometimes it takes a war to make people pay attention
FOSDEM The Open Source Policy Summit is an annual event which attempts to explain the importance of software freedom to governments and policy makers.
The Policy Summit is an annual event organized by the Open Forum Europe, a Brussels nonprofit which describes itself as an "independent think tank which explains the merits of openness in computing to policy makers and communities across Europe."
This is an important job, but you might be forgiven if you've not heard of it before because it has a rather different focus to commercial or community events. While businesses are concerned with things like cost-effectiveness and service-level agreements, the public sector needs to think more about issues such as digital sovereignty.
The governments of nation states need to consider different priorities. For example, if you choose some cloud application for communications or storage, you need to think about where the servers are on which those apps will actually run, and where your data will be stored. Much of the software industry is American, and many PaaS apps use AWS and other cloud providers which are also primarily based in the USA. Given that the largest war in Europe since 1945 is under way not far from the eastern borders of the EU, this is focusing legislators' minds somewhat.
Of course, vendors of proprietary PaaS tools have answers for this. For instance, some may promise to keep your data in servers in a particular geographical region – for a charge, naturally. Few, though, are keen to just hand over a copy for you to run in your own jurisdiction, or on your own servers. Indeed, one speaker at the event talked about how European laws should not apply to open source companies.
Of course, commercial entities should think about such things too, but it's easy to overlook the ramifications. Although we can't reveal any details, we heard recently about a vendor which had not considered the legal interactions between signing NDAs with partners, and then storing the confidential info about other companies' forthcoming products in a cloud database hosted in another country. Violating an agreement or a contract is one thing for a business, though. It's quite different when you're the organization that sets the laws. That kind of thing could get you invaded, or help terrorist groups, or even cause a revolution.
This is an opportunity for both vendors of FOSS tooling, and for public sector organizations. Indeed, the recent setting up of the Linux Foundation Europe is one response to this, and its executive director Gabriele Columbro was one speaker. Unlike commercial tools, with FOSS ones, users are literally free to run them wherever they want or need. Another angle emphasized several times was that without the competitive pressures upon commercial PaaS vendors, FOSS ones are more open to cooperation and interoperability.
Matrix CEO Matthew Hodgson told us: "The hope is that both the open source players and eventually the commercial players will interop via Matrix for real-time comms.
- Microsoft is changing how it handles device diagnostic data to keep EU sweet
- US commerce bosses view EU rules as threat to its clouds
- Microsoft 365 faces more GDPR headwinds as Germany bans it in schools
- France says non to Office 365 and Google Workspace in school
"Rocket.chat already has support. Gitter added support back in 2020. Nextcloud is talking about adding Matrix into their clients alongside their current Nextcloud Talk offering. Meanwhile, other folks like Reddit are getting involved and Automattic too."
(If you're not familiar with these, Rocket.chat is a business-oriented chat tool that rivals the commercial Slack, while Gitter is aimed at developers and offers integration with various CI/CD tools and code-hosting sites. NextCloud is a self-hosted productivity tool, forked from the older OwnCloud suite.)
At the same time, there is concern among some FOSS types that the new EU chat control law will have negative effects on FOSS tools. It may depend on how the law is interpreted. We can only hope that it goes better than the well-intentioned but ill-conceived EU cookie law.
This year's event happened the day before the first real-life FOSDEM since 2020. The Reg FOSS desk was invited along by the Matrix Foundation, although ironically enough, using Matrix, we didn't actually manage to make contact with anyone from Matrix until after the weekend-long event was over.
But this sort of thing is why cross-platform adoption of standards can help. Last year, we noted that the latest version of Mozilla Thunderbird now includes Matrix chat support. It's basic, but it works, and it's a lot easier than, for instance, getting Slack to work with a third-party client. As this stuff gets more widespread, it should also mean more client support, and with any luck that will mean better tools. ®