Gendo

Category: opensource

ACTA and SOPA are great!

December 22, 2011

Author: arjen

<originally a Dutch Webwereld.nl column>

Socially aware people are, often justifiably, very good at moral indignation, but they just as often display a touching naivety. I recently watched with some surprise the American Occupy activists who were shocked (shocked I tell you!) as policemen (or university rent-a-cops) launched unprovoked attacks using batons and pepper spray.

It is indeed despicable that these officials use so much violence. But if people are still shocked by this in 2011, one has to wonder where they’ve been hiding for the last 10 years – have they not watched the news? Did they think that they could let stolen elections, illegal wars of aggression, shooting children with anti-tank weapons and the torture of innocent civilians happen without the ultimate consequence of their govenment using the same force against them?

But even the naive indignation of some Occupy activists about their government and its boot boys, is nothing compared to the childish surprise of the IT press about ACTA and SOPA. The copyright industry has for decades lobbied for the length of copyright to stretch to the end-of-time-plus-a-day extra.

Sony has no problems with infecting computers of their customers with what amounts to a virus.  A torrent of writs has poured forth from the offices of copyright enforcement. Babies and the elderly without a PC, deceased persons, and even a HP laser printer have been falsely accused of copyright infringement (labeled as “theft” by the lawyers of the industry). Surely we all know the kinds of organisations we are facing now?

That’s why I’m happy that the Kafkaesque combo of ACTA / SOPA has become clear. Now ACTA and SOPA have almost been rammed through, at least we all know where we stand. The wolves have thrown off their sheep’s clothing and shown themselves for what they are: predators with no interest in our welfare. We therefore need not be quasi-shocked about the fact that some large companies behave like predators.

Now we have determined that we are dealing with predators, we can take action. Acting all shocked and angry once a wolf reveals himself in a kindergarten playroom is not an effective measure – he is a predator. If you want to prevent a bloodbath, you need to build a fence around the playroom – or perhaps even around the wolf.

If we want IT to work for us, we must ensure that the technology is designed around our interests rather than the interests of software vendors or copyright serfs. We need computers and network devices that do what we want them to do, even if that is not in the commercial interests of a handful of large companies or the political will of illegal government lobbyists.

For over 25 years the Free Software Foundation has been the only organization calling for this. During the last 15 years the debate about the principles of free software has been almost completely overshadowed by the much more business-orientated and pragmatic approach of the Opensource Initiative. The reason to found the Opensource Initiative was literally the ‘too principled’ attitude of the Free Software Foundation.

Meanwhile, all the things that the FSF has  warned us about for so long have become the new and ugly reality. The complete lack of principle in discussing the applications of our technology is now starting to bite in very nasty ways. Almost all PCs (and I include Macs here), phones and game consoles have onboard functions that are not there for our benefit but for companies that want to earn our money. When you’re not in contol of your computer, is it still your computer / phone / console / router / etc … ?

This is an old political lesson: if you wait too long to protest, maybe you will no longer able or allowed to protest. This applies not only to addressing governments that start wars or the state stupidly bailing out the banks. This applies equally to the question of who is in charge of the computers and networks that we now all depend on. If we collectively do not demand principles as part of our tech, then we will get technology without them.

The ideas of the Free Software Foundation have never been more important. Not because proprietary software is worse (sometimes) nor because Free Software has become so much better (much!), but because our own systems, our digital home, is where we should all have have a say.

Only principled thinking (in addition to technical function) about our IT will keep the wolves from the door.

iTunes for ebooks

October 27, 2011

Author: arjen

<originally a Webwereld column – in Dutch>

In 1996 I got my first MP3s. Storage was expensive, so I burned files onto CD-ROMs. There were 10 to 12 audio CDs on a CD-ROM. Conversion of an audio CD to a series of MP3s lasted hours using an encoder from the command line. They could only be played on a PC (or a very expensive laptop) so I had no good answer to the frequent question from family and friends: “why do you bother?”.  Except that I was confident that bigger hard drives and smaller, cheaper laptops would evolve. I first had an audio PDA in 2000 – with a 256Mb memory card that could hold a few albums. I’ve forgotten what all that has cost, but probably quite a lot.

A year later, Apple came out with iTunes to make it easy to manage digital music collections. The first iPods with graphical software came along soon after, and MP3s were accessible to a wider audience. The result is that virtually all music can be downloaded from somewhere. It is up to the individual whether to pay for it, because downloading is not illegal in many countries and even where it is, there has been little noticeable effect on people’s behavior.

E-books and e-readers
In 2003 I bought a Zaurus PDA on which I could read books. I had those books first as a plain ASCII file on a memory card and there was no real reading app. It worked technically, but not realistically. The iRex e-reader that I bought in 2007 was the first proper device for reading books, although the ease of use and battery life left much to be desired. That first iRex was the equivalent of the first iPod – an expensive gadget with severe limitations. But what was really missing was an iTunes equivalent. A user-friendly piece of software with which non-technical book lovers could manage their collections. There are now many affordable e-readers and also a lot of people read on tablets and smartphones. I read on my own Android phone, which now has replaced my iPod.

Open-source iTunes
But the game-changer is the availability of an iTunes equivalent for e-books: Calibre (pronounced Kali-ber). Calibre is a desktop app on Windows, MacOSX and Linux, and brings the management of large collections of e-books within reach of most computer users. As with iTunes books can be sought directly from Calibre, bought at online bookstores, or downloaded from other sources. As a European who travels a lot, I am constantly frustrated by the fragmentation of the market for digital books (‘this e-book is only available in the U.S. and Canada for copyright reasons’). So I order it as a hardcover for the bookshelf and I download the digital version to fit with my 21st century lifestyle.

Calibre  is very different from iTunes, in that it is completely open source and designed to serve the interests of the end-user. With Calibre it is therefore easy to convert the DRM e-books to other formats so that they can be read on devices other than those the the seller stipulates. Calibre also has several tools to help share e-books. It is possible to mail books directly from Calibre, which you can programme to individual addresses making the required format conversion. This is useful for friends, fathers and loved ones with a different brand of e-reader from you. It is also possible to export (parts of) your collection in the neutral ePub format or to share your library over a LAN via an integrated Web service.

Real change
The scene is set for a repeat of the rise-of-the-mp3-and-fall-of-the-music industry drama: cheap  handy readers, software management and conversion, and a global infrastructure to share content. A widespread embrace of e-books will be much faster than MP3s because people have become accustomed to sharing and downloading, and because books are much smaller than music or video files (a novel is about 0.2-1 MB). On a 10 euro USB stick you can fit more books than most people will ever read in their lives. The last year has seen the diversity of books and quality of shared online collections increase dramatically. Just search the name of your favorite author with .torrent and bingo. You can also search for "epub" or "Kindle" and find wonderful collections and discover new authors.

When discussing books over the next 2-3 years we can expect a rehash of all the tired old arguments from the last decade about the digital distribution of music. The outcome of this discussion will probably be the same: ‘industry’ argues vociferously that it is not fair and that nothing more will be written without tough DRM enforcement. The public shrugs and downloads book collections anyway as more writers than ever write more books than ever and make more money than ever.

Discussion and reading
Calibre software, e-readers for less than $100 and The Pirate Bay will probably do more for the availability of books than the 2 Euros per capita the central government is willing to spend. I hope you all enjoy your reading!

For those who wish to pursue discussions on the legal and/or ethical aspects of downloading, I suggest you have a read of my earlier columns on copyright, to avoid repetition of arguments.

It’s a trap!

September 5, 2011

Author: arjen

<originally a Dutch column for Webwereld>

What is a document? It started as a flat piece of beaten clay, onto which characters were scratched with a stick. 8000 years later it was found and after years of study, archaeologists concluded that it said: ‘You owe me three goats”. ??

Through papyrus and parchment scrolls we arrived at mass production of paper and book printing in Europe in the 15th century. Our sense of the nature of a document is still derived from this previous revolution in information capture and distribution. When computers became commonplace as a tool to create documents, there was therefore a strong focus on applications to produce paper document as quickly and nicely as possible. The creation had become digital, but the final result was not fundamentally different from the first printed book in 1452.

Most word processors in use today cling to this concept. There are hundreds of functions for page numbering, footnotes and layout to achieve a legible final result – on paper. Many IT tools around the management and access of documents are directed to the concept of a digital document as a stack of paper. Ready to print for ‘real’ use. The modern ways of working together for various reasons no longer apply to a paper-oriented way of recording and distribution. Paper is static, local, and now much slower and more expensive to transport than bits. It is this combination of restrictions has led to new ways of creating documents where both the creative process and the end result is digital. A famous example is Wikipedia, the world’s largest encyclopaedia with millions of participants continually writing and rewriting about the latest insights in technology, science, history, culture or even the biography of Dutch folk singer Andre Hazes.??

In this new form a document is a compilation of information at an agreed place online. The URL is the document.

Most editors show their age not only by focusing on paper, but also by focusing on the concept that documents provide a discrete all-in-one storage medium. Word processing began before computers could communicate naturally through networks, and that legacy continues to shape the concept of a digital document.

From the binary formats of Wordstar (.ws), via WordPerfect (.wpd) and Microsoft Office (.doc), we are now using XML-based formats such as ODF and OOXML. The original purpose of the ODF was to break the stranglehold of the Microsoft binary .doc format, which was changed regularly and was therefore was difficult to support on systems other than Microsoft itself. Of course, that was exactly the intention. Once you acquire market dominance, why would you be interested in whether other systems are  compatible with you when this gives you the competitive edge and profit margins of 65%?

To my amazement yesterday I read this report of a workshop designed to make OpenOffice compatible with the proprietary version of Microsoft’s OOXML file format. The operational wish for individual OpenOffice users to be compatible with .docx is understandable, as they are a minority in a landscape totally dominated by Microsoft Office, which now saves documents as .docx. If you choose not to use MS-office (for whatever reason) it can be a daunting task to save and read a document. Most users of word processors are unaware that, by using this format, they are making the lives of the minority difficult; they merrily continue to send out this digital asbestos.

For clarity, the .docx version of OOXML is not the same as the ISO version of OOXML – .docx is a proprietary file format, OOXML ISO is a standard. The certification of the ISO standard was itself nearly destroyed during the voting process by bribery and intimidation. The ISO standard has not been implemented by anyone yet, including Microsoft itself.

Solving problems of adoption of OpenOffice by pursuing the proprietary file formats of your opponent seems to me a disastrous path to go down. In the same way as .doc, the .docx format can be subtly changed with each version and servicepack ‘upgrade’ to avoid 100% compatibility. After all, actively tinkering with proprietary software to block alternatives not a new concept for Redmond.

Microsoft survives primarily on Windows and Office licences, even though it has doggedly been trying to conquer other markets such as mobile telephony.  It would be rather naive to assume that such an organisation, with such a history, will sit back quietly while its cash cow is dismantled.

If the predictions about digital documents are true, it means we need new ways of working along with new tools. Page numbering and footnotes are irrelevant in hypertext in terms of the document-standard. Since the majority of documents produced by most users in most organisations are no longer than 1-3 pages and are usually using templates, a browser with plug-ins would be sufficient. This means that PCs are less important for the end users, who increasingly work just as well on a tablet. Tablets are very different to Pcs, but that is no barrier to rapid adoption. Contrary to popular claims, ‘different’ is not a problem if it is also sexy.

Aping your opponent is never a good idea. As a great strategist once said long ago (in a galaxy far away)::it’s a trap!

 

Unsuitable

July 7, 2011

Author: arjen

<originally a webwereld column in Dutch>, <also on HuffPo UK>

Over nine years ago, I was talking to Kees Vendrik <Dutch MP) about the broken Dutch software market. Not only was it impossible to buy a top brand laptop without buying a Microsoft Windows licence, it was also impossible to visit many websites (municipalities, Dutch railways and many others) without using Internet Explorer. The latter area has greatly improved and I can lead my life using my OS and browser of choice. Only occasionally do I have to just swallow a Windows licence when buying a new laptop. Not much has improved in that area. Our national dependence on products such as MS Office has not really diminished either, despite all the wishes of our Parliament and its related governments policies.

Meanwhile, the technological seismic shift that frightened Bill Gates so much back in ’95 (the web makes the operating system irrelevant) is fast becoming reality. Almost all new developments discussed by IT power players and specialists are web-based or based on open specifications and the most commonly used applications are running quite well as service in a browser.

So while the 15-20 year old problem of software dependency is not yet solved (our government, with its tens of thousands of IT workers, is  still unable to wean itself off the familiar Microsoft technology stack) its impact is becoming less relevant. Meanwhile, new dependencies based on cloud providers are promising to be even more detrimental.

While excessive use of proprietary software creates the risk of foreign manipulation and potential attacks on critical infrastructure (eg Stuxnet). But at least if your systems are attacked in this way, there are some ways to track this. If you are working on the computer that does not belong to you, that is based in a foreign country and is managed in ways you cannot know,  it will be very difficult to have any control over what happens to your data.

The old assumption, that using local servers could be part of the solution, seems unfortunately to be an illusion. All cloud services offered by companies based in the US are subject to US legislation, even if the servers are physically in another country. And US law is now somewhat, shall we say, problematic. With no evidence, but with an allegation of involvement in "terrorism", systems can be closed down or taken over – without any warning, or the possibility of adversarial judicial review. The term ‘terrorism’ has been stretched so far in that anyone who allegedly breaks US law, even if they’re not a US citizen and even if they’re not in the US can still a deemed "terrorist", just on the word of one of the many three-letter services (FBI, CIA, NSA, DIA, DHS, TSA, etc.). The EU is not happy about this but does not want to go so far as reccomending its citizens and other governments to no longer use such services.

The long arm of the US Patriot Act goes even further than merely the servers of US companies on European soil. Thus domains can be "seized" and labelled: "this site was involved in handling child pornography". Try explaining that as a business or non-profit organisation to your clients and (business)partners. Just using one .com, .org or .net extension as your domain name now makes you liable under US law. All Europeans can now be seized from their homes for breaking US law. So a .com domain name makes your server effectively US territory.

We were already aware that proprietary platforms like Windows and Google Docs were not suitable systems for important things such as running public or critical infrastructure. However, now it turns out, that every service delivered through a .com / .org / .net domain places you under de facto foreign control.

Solution? As much as possible, change to open source software on local servers.  Fortunately there quite a few competent hosting companies and businesses in the Netherlands and Europe. Use local country domains like .nl/.de./.fr or, if you really want to be bullet proof, take a .ch domain. These are managed by a Swiss foundation and these people take their independence seriously. Wikileaks today is running on wikileaks.ch after its domains such as .org got a one-way ticket to Guantanamo Bay.

If you still want to use Google Docs, Facebook, Evernote, Mind Meister, Ning.com, Hotmail or Office 365 – please do so with the awareness that you no longer have any expectation of privacy or any other form of civil rights. Good for the administration of the tennis club but completely unsuitable for anything that really matters.

Doctor, doctor …

March 15, 2011

Author: arjen

<webwereld column>

Actieplan Heemskerk

A MP stumbles, coughing, into the doctor’s surgery. There is blood pouring from the ears and nose and left eye. “Doctor, doctor, I’ve just had a bad fall and I think I’ve broken my wrist” gasps the MP. The doctor has a look and briefly feels the pulse. “Does that hurt?” “A little bit” mumbles the MP. “I don’t think it’s that bad” says the doctor. Unfortunately I can’t check it today as the digital X-ray machine is broken”. The MP is swaying back and forth. “It’s probably just a bruise, the nurse will give you a sling. Take it easy for a couple of days and come back if it’s still painful.”  The MP staggers out of the surgery, still bleeding from the ears, nose and eye. The doctor is already focused on the file of the next patient, because doctors are very busy.

The process described above resembles the way the Court of Audit went about answering MPs questions about our national IT strategy. The MPs asking those questions were not experts and the Court provided simplistic answers without providing any context or stopping to consider whether the symptoms might be part of a broader problem. The newly-published report failed to respond  even to the superficial questions and, moreover, based its answers on minimal data.  Which is a disgrace, as it is precisely the role of the Court to delve into the deeper issues.

Instead of focusing on the 88 million euros spent on licence fees (less than 1% of the total annual licence expenditure), the Court could and should have explored why a different approach can work in other European countries, but fails in the Netherlands. Is this country really so different from Finland, Germany, France or Spain? As their colleagues in the Central Planning Bureau had done in 2009, the Court could have produced its own qualitative analysis of the macro-economic effects of large-scale, open source implementations. This as a viable alternative to  annual imports totalling of more than 8 billion, primarily from the USA. The macro-economic demand alone is relevant since the VAT and profit tax of this trade ends up predominantly in the Irish treasury, because of inter-EU trade regulations.  (I ‘m not necessarily against bailing out Ireland but this can surely be done more efficiently). Also the figures of the 2004 SEO study are still current enough to be indicative for order of magnitude estimates.

As one of the ‘experts’ consulted by the Court, I am very disappointed by the minimalist approach it took. But perhaps I shouldn’t have been surprised – after all, in a previous report, the Court had also dithered, even after they had determined the government really had no insight whatsoever into its own IT spending. It is beyond me why a subject such as IT, where so many aspects can go so terribly wrong, is not more thoroughly and strategically overseen. In my written input to the Court last year I proposed several clear ways to frame the fundamental questions. For those who, like doctors, are very busy here is a summary:

Dear MPs, the Netherlands is a modern western country with access to the same knowledge, technology and IT budgets as Germany, France, Spain and Finland. Today all these countries  have already achieved widespread adoption of open source and open standards in government. The work of the Dutch government is also very similar to these countries – certainly generic aspects such as office automation. So, eight years after the original and unanimous vote by parliament, surely the only reason that the Netherlands cannot implement this policy is our administrative culture and our Atlanticist political orientation. There is certainly no fundamental reason why the results of the other countries I mentioned cannot be replicated in the Netherlands, particularly because those same countries have already done all the preliminary research for us. But in recent years potential obstacles for migration have been elevated to norms, rather than being correctly identified merely as part of a problem to be solved.

Parliament should no longer accept high dependence on a supplier being invoked as an excuse for not making progress towards becoming less dependent on that supplier (as the government did in response to parliamentary questions in in 2004, 2006 and 2008). The high dependency is the problem that must be solved, not an immutable law of nature where IT departments are the powerless victims.

Parliament should no longer accept the acknowledged lack of technical and organisational expertise of the 60,000 government IT professionals (and its suppliers) as a valid excuse for the lack of progress. It is implausible that the Dutch state cannot find the requisite skills to replicate the results of its European neighbours. Any IT staff and management found lacking in the necessary skills to carry out the very reasonable requests from parliament should be retrained  or replaced. Incompetence is grounds for dismissal, not a valid excuse to refuse to do the work.

Of course there will be problems in unravelling this gigantic Gordian knot, created by decades of accumulated proprietary software. But the most frequently cited excuses for not making a start with OSS and OS are similar to those used by asbestos manufacturers: "yes, but it is handy", "we have been using it for so long", "we are comfortable with it", "we know nothing else". All factually correct statements, of course, but certainly not valid excuses to prevent us from finding an alternative solution.

If the government had started making these changes way back in 2002, as parliament voted to do, the cutbacks we’re now suffering in education and health care would have been more than covered.

On this issue, the Netherlands seems  to have been reduced to providing the frightening role for the rest of Europe on “how not to do it….”. Too bad.

Asbestos is also useful

January 17, 2011

Author: arjen

AsbestFor decades throughout the Western world houses were built with asbestos. The material is affordable, durable, insulating and also has excellent fire resistant properties. All this – and the low price – made it the ideal stuff to use for everything. Which is what we did.

As long as the asbestos remains safely in place, nothing much happens. It does its job and you don’t need to think about it. The problems begin when changes are made, such as a conversion. The demolition of a such a wall releases microscopic asbestos fibres, resulting in enormous danger to the health of anyone who has the misfortune to be nearby. Consequently the processing of asbestos is very strictly regulated. Despite these regulations, asbestos has for decades caused twice as many deaths as road accidents.

Because the long-term consequences of the use of asbestos is so damaging, its use is now prohibited. All this, despite the fact that the original reasons for using still exist: asbestos is still cheap, strong, durable, insulating and fire resistant. Yet we now don’t use it because the social price is just too high. Strategic and social reasons are more important than practical and technical advantages.

Yet when we talk about the software that governments use for their daily work, it seems virtually impossible to distinguish between strategic and operational arguments. Concerns about the fundamental inadequacy of closed (and uncontrollable) systems are easily dismissed by phrases such as "it’s useful", and "everyone’s used to it”, or even “political concerns are not up for discussion”. All these quotes were also used by asbestos suppliers in the 1980s.

Fortunately, the traditionally cuddly but now dangerously naive Dutch approach to international relations was brutally interrupted last month: the Dutch government has been lying to itself and us about military deployment; people’s cloud-computing data is indeed vulnerable; Israel and the USA use their technical knowledge of proprietary systems to attack their digital adversaries; and 10% of Dutch PCs have been taken over by criminals. The latter is a direct consequence of the desktop-monopoly actively created by the government, and to this day strengthened through its IT-education policy.

Today it’s an Iranian nuclear installation, the personal data of Rop Gongrijp, and the domain of Wikileaks. Tomorrow perhaps it will be a Dutch (air)port, power station, hospital or a few ministries?

If the Netherlands wishes to retain control of its own sovereignty, we have to stop this quasi-naivety in conversations about technology strategy. Despite all international agreements, the law of the jungle still prevails, but we behave like we’re taking a stroll in the park. NOiV (or its successor programme) must find the courage to start a conversation about the strategic implications of running our public administration on systems that are not under our control. It is time to strictly regulate our public sector asbestos-information.  Although it can be useful, we must seek out alternatives that ware safe for everybody.

Parliament’s questions to the Court of Audit

December 4, 2010

Author: arjen

Actieplan HeemskerkPreamble
The Lower House of the Dutch Parliament has asked the Court of Audit to investigate the problems and opportunities related to the adoption of open standards and open source software for the government’s information systems. The Court has invited various experts to give their views. This blog post is my contribution.

The questions are being asked to the highest supervisory body of the country, rather than the departments responsible for implementing this policy – the Ministries of Home Affairs, and also Economic Affairs, Agriculture & Innovation – eight years after the government’s first unanimous vote on this issue and the expenditure of about 5 billion euros on licensing fees. The impression given to the outside world is that Parliament is not impressed with the progress of the last eight years and believes that the relevant government departments could benefit from the external scrutiny of a neutral and objective body.

Each of the following five questions implies a series of unspoken assumptions. In order to answer the questions, it is necessary to identify and, where neccesary, challenge these underlying assumptions in order to reach a sensible answer.

The five questions
Here are the answers to the questions raised by Parliament. There is so much interdependence that subsequent responses will sometimes refer back to earlier parts.

“You cannot solve a problem with the same thinking that created it”

1.What possibilities and scenarios exist for the reduction of closed standards and the introduction of open source software by the central government (ministries and related agencies) and local authorities?

The Netherlands is a modern western country and has the same access to knowledge, skills, technology and comparable budgets for IT as Germany, France, Spain and Finland. It is a fact that all these countries have already implemented large-scale adoptions of open source and open standards in government. The implementation requirements of the Dutch government are also very similar to these countries. The reason that The Netherlands has not moved further in this area, eight years after the original, unanimous Parliamentary vote, can therefore be attributed to nothing more than the administrative culture and our Atlanticist political orientation.

There is no fundamental reason why the achievements of these other countries cannot be replicated in The Netherlands, especially as the  groundwork has already been done. Barriers to migration have often been treated as immutable laws of nature rather than just a problem to be solved.

  • Parliament should no longer accept that a high dependence on one supplier is an adequate excuse not to move away from that very dependency (as the Cabinet did in response to parliamentary questions in 2004 and 2006 and 2008). The dependency itself is the problem that must be addressed, not an enshrined principle that IT departments must endure.
  • Parliament should no longer accept that the acknowledged lack of technical or organisational knowledge amongst the 60,000 government IT professionals (and their suppliers) is an excuse for the lack of progress. It is implausible that the Dutch government is incapable of replicating the successful work of its European counterparts. Any governmental IT or management staff who do not have the requisite skills to carry out the very reasonable requests of Parliament should be replaced or retrained. Incompetence is grounds for dismissal, certainly not an excuse for refusal to do the necessary work.
  • Intrinsic motivation works better than coercion. Administrators and IT staff who understand the wishes of Parliament can embrace it with real conviction and are likely to want to produce better results than those who only work under duress.  Such an approach will select and promote suitable people to the right jobs. The staff whose policies and  behaviour have caused our current problems are probably not going to the ones who find the necessary solutions.
  • The link between HR and remuneration policies for IT professionals and achieving technical certification related to proprietary software from a handful of suppliers must be completely severed.

“When you find yourself in a hole, stop digging”

2. What part of closed standards and software can be replaced by open standards and open source solutions and what cannot?

This question has yet another unspoken assumption: that central government has a realistic oversight of all systems, applications and related standards. It does not. As a result, questions about the number of systems that can be replaced are very hard to answer and have little relevance to achieving lower costs and greater independence in the foreseeable future – primarily because of the very large differences in costs that are associated with different standards. The government would do well to focus on the most common, generic issues, for which proven alternatives already exist. The original 2002 Vendrik Parliamentary motion already asked for this.

Key points to identify: what are the most expensive closed source areas where functional open source alternatives already exist and are already being used successfully elsewhere? What are the closest functioning areas that can result in successful migrations?

Migration plans should be drawn up in these areas as a matter of high priority – and this means halting or delaying other projects that may block these migrations and accelerating projects that play a supporting role.

For instance, in 2005 the former Ministry of Economic Affairs produced a document management system which has made it virtually impossible for years for the Ministry to use other web browsers, word processors or desktop operating systems. This is particularly surprising as, in 2004, the government itself announced that such closed systems in the work environement were harmful and undesirable, and were therefore going to be actively addressed as per the wishes of Parliament.

A current, concrete example within national government is the introduction of SharePoint. There is a significant risk that this investment, once made, will be (ab)used yet again as an excuse not to migrate to open and available alternatives. That would take us up to 2016 (14 years after the initial Parliamentary decision!) before any real work could begin on migration.

“Not everything that can be counted counts, and not everything that counts can be counted.”

3.What are the current costs? What are the predicted up-front and structural costs costs of moving from closed standards and the introduction of open source software? What are the projected savings?

NL software importThe Dutch government currently spends about one billion Euros on proprietary software licences annually.  These licences are mainly foreign, and the income tax and VAT on this expenditure flows into the Irish exchequer, because most European branches of American software companies are based there. The total Dutch expenditure is eight times more. Both governmental and general software expenses grow by about 10% per annum and are therefore unsustainable.

A significant portion of these annual costs can be saved or ploughed back into the local economy through Dutch SMEs, and so this cost will be an investment in the Dutch knowledge economy. With the government as the leading customer in this new market structure, it is feasible that The Netherlands could save billions per year.

In addition to these direct costs, various indirect savings could increase this amount many times over: the costs of management and security for vulnerable mono-cultures; the cost of merging old legacy systems and new applications; and social costs caused by security failures and easily avoidable software security problems. Every month there are Dutch hospitals whose primary processes are severely disrupted by computer viruses – a direct result of monoculture.

Moving beyond the financial, it becomes more difficult to quantify the social impact of the high dependency level of Dutch society on certain foreign, privately-owned companies.  However, if more than 80% of the PCs in The Netherlands can be remotely controlled or even switched off, what does that say about Dutch national sovereignty? Is it politically acceptable for foreign software suppliers or government bodies to have an On/Off switch for ministries, municipalities, police, hospitals, water works, supermarkets, schools etc…?

“The best moment to plant a tree is 25 years ago, the next best moment is now.”

4.How would the reduction of closed standards and the introduction of open source software be realised?

With not only the right mandate (which Parliament actually voted for eight years ago!), but also the right expertise significant results are attainable within 24-36 months. This requires making this area a priority issue and a break from the old attitudes, excuses and methodologies of recent years (see answer to question 1). Successes abroad can serve as templates for our projects.

One area where we could make a rapid start would be primary education. Currently we are actively strengthening existing monopolies via this sector with public money. If by 2011/12 the first two years of primary school use open systems and then a higher class is switched each year, The Netherlands will have the first generation of citizens who are trained in vendor-neutral systems entering the workforce in 12 years, easily capable of working with multiple systems and applications. De ‘Rosa Boekdrukker’ primary school in Amsterdam clearly shows how this can be done.

Dutch hospitals in The Netherlands could follow the example of the Antonius Hospital in Nieuwegein.  Many other hospitals can share in this success.   And because it’s already been shown to work, the risks and costs for the next 100 hospitals are much lower.

It will take at least a decade before the full potential of open source and open standards can be utilised.

“Go out on the limb, that’s where the fruit is”

5. Beyond the cost, what other advantages, disadvantages, risks and opportunities should the Court of Audit factor in? What conditions must be met to make possible the implementation of open standards and open source software?

Benefits & Opportunities

  • Savings of billions per year in direct costs for all citizens and IT-using organisations in The Netherlands.
  • Redirecting a stream of funds from Ireland / USA into Dutch society as a huge and permanent investment in our knowledge economy.
  • Government investment in software will result in free, reusable software and knowledge available to our whole society, rather than controlled by privately-owned and usually foreign companies.
  • Security is strengthened through greater diversity of IT, competition, and the possibility of custom code audits.
  • National sovereignty is reinforced when the government has complete control over its systems.
  • General IT competence will dramatically improve, ensuring fewer spectacular and expensive failures such as the 2006 ‘Walvis’ Tax project, national medical records, public transit chip cards and, most recently, the new police system to name but a few.

Disadvantages and risks

  • The current, fragmented IT policy of the Dutch government means that a thousand little fiefdoms may need to be broken up.
  • The apparent lack of skills amongst IT management may have consequences for personnel. No doubt there will be resistance.
  • Significant investment is probably needed in re-training government IT professionals.
  • Angry phone calls from Washington DC when the flow of licensing money is shut off.

Preconditions

  • See answers to question 1.
  • Be realistic about the positioning and motivation of software companies. Companies seek to maximise profits, control markets and will therefore exploit any leeway that the government offers them. We do not invite the turkey to discuss the Christmas dinner. Therefore why do we accept “advice” from software companies and their interest groups about the best software strategy?
  • We need to break away from the idea that  extensive outsourcing is necessary, effective or desirable. The raison d’etre of government is to justly serve the legitimate needs of its citizens; it should therefore have detailed and inherent control over information systems. Stop the corporate-speak and ‘playing business’ by civil servants. Government is not a business, nor should it pretend to be. Outsourcing the control of information processing systems is contrary to the very principles of a democratic state for exactly the same reasons that outsourcing the military forces or the judiciary would be.
  • Make a clear distinction between political and administrative goals and the means of achieving them. Cutting costs can be realised in many ways, regaining national sovereignty in only one.
  • As long as desktop projects implemented under the guise of “efficiency through economy-of-scale” result in each desktop costing 6600,- Euros per annum, this kind of bullshit-bingo is completely risible. Keep IT managers and other decision makers who don’t know the difference between desktop-standards and a "standard-desktop" away from such projects.