Source files of fsfe.org, pdfreaders.org, freeyourandroid.org, ilovefs.org, drm.info, and test.fsfe.org. Contribute: https://fsfe.org/contribute/web/ https://fsfe.org

sovsoft.en.xhtml 22KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473
  1. <?xml version="1.0" encoding="iso-8859-1" ?>
  2. <html>
  3. <head>
  4. <title>FSFE - Internet Governance Forum (IGF) - Sovereign Software, by Georg Greve</title>
  5. </head>
  6. <body>
  7. <center>
  8. <h1>Sovereign Software</h1>
  9. <h2>Open Standards, Free Software, and the Internet</h2><br />
  10. </center>
  11. <div align="right">
  12. <a href="/about/greve/greve.html">Georg C.F. Greve</a><br />
  13. Free Software Foundation Europe (FSFE), President<br />
  14. written for <a href="http://www.intgovforum.org/contributions_for_1st_IGF.htm" target="_blank">substantial contributions to the first IGF</a>
  15. </div>
  16. <center>
  17. [<a href="SovereignSoftware.pdf">PDF Version, 91k</a>]
  18. </center>
  19. <h2>Introduction</h2>
  20. <p>Software issues are issues of power and fundamentally shape the
  21. societies we are living in. Even to those who had not followed digital
  22. policy issues before this became increasingly evident throughout the
  23. <a href="/campaigns/wsis/">United Nations World Summit on the
  24. Information Society (WSIS)</a>. Two fundamental questions characterise
  25. this battlefield: Who controls your data? Who controls your
  26. computer?</p>
  27. <p>The first question generally revolves around Open Standards, and in
  28. particular how they should be defined and upheld. All players in the
  29. field speak out in favor of Open Standards, but some wish that term to
  30. be understood in ways that they still control your data and retain the
  31. power to lock out competitors at will.</p>
  32. <p>The second question has been one of the key controversies throughout
  33. the WSIS, it was highly controversial during the WGIG, and remains
  34. controversial throughout the Internet Governance Forum (IGF). This
  35. issue is one of software models, of proprietary vs Free Software, and
  36. has been oddly polarised between for-profit and non-profit in the WSIS
  37. context.</p>
  38. <p>This may have been due to the specific situation that mainly the largest
  39. proprietary software multinational followed the WSIS intensively while
  40. the large multinational vendors of Free Software generally did not
  41. participate and were thus not represented in the CCBI. [<a name="ref1" href="#1">1</a>]</p>
  42. <h2>Open Standards</h2>
  43. <p>Having been preached as commonplace statement in the information
  44. technology industry for many years already, Open Standards only
  45. recently made their entry into the center stage of public policy. One
  46. of the places where this happened was during the WSIS, and will be of
  47. major importance for the Internet Governance Forum (IGF). But why are
  48. Open Standards so important?</p>
  49. <h3>Background on formats</h3>
  50. <p>All computers store and transmit information in encoded form. These
  51. used to be very simple representations where certain numerical values
  52. stand for a certain character, for instance. And while their
  53. complexity has been increasing steadily with the power and complexity
  54. of computers, certain basic rules always apply.</p>
  55. <p>The first important rule is that any such choice of encoding is an
  56. arbitrary, and not a natural choice. The number 33 may represent the
  57. letter 'a' or 'z' depending on the convention for this standard. There
  58. is no right way of doing this, there are only possible ways.</p>
  59. <p>The second important rule is that once data has been encoded in a
  60. certain format, it can only be read by software that implements this
  61. format, and implements it exactly. Even slight deviations from the
  62. conventions of the format will easily cause massive data corruption. A
  63. common and mostly harmless form of this is lost or broken formatting
  64. in text processing software. In the worst case the data will be
  65. unrecoverable.</p>
  66. <h3>Formats and market failure</h3>
  67. <p>From a market point of view, such a situation generally brings about
  68. market failure: Customers who saved their data in one format quickly
  69. find themselves unable to choose another vendor that was not able to
  70. implement the same format, or unable to implement it well enough. If
  71. the only way to migrate is to lose years of data there is a very
  72. effective vendor lock-in that practically makes it impossible to
  73. choose software according to its merits.</p>
  74. <p>Additionally, strong network effects dominate today's computer world.
  75. If a company invested heavily into a desktop infrastructure in the
  76. past and this infrastructure uses certain communication protocols,
  77. they find themselves faces with two alternatives: Get only such
  78. software that implements these protocols perfectly or write off the
  79. investment and replace the entire infrastructure, obviously at a high
  80. additional investment.</p>
  81. <p>A third party vendor that wishes to enter this market is faced with a
  82. situation similar to someone finding themselves in a room of people
  83. speaking a foreign language, with no dictionary and syntactic help
  84. available. Human languages are collections of arbitrary decisions just
  85. like computer formats and protocols. There is no inherent natural
  86. reason to call a table a table, or call a chair a chair. For someone
  87. not speaking that language and without a dictionary or at least
  88. someone willing to explain the language it becomes very hard to
  89. communicate.</p>
  90. <p>In information technology, some people have been able to divine
  91. information about such protocols and file formats merely by watching
  92. others use that language. This is called protocol analysis and has
  93. helped mitigate the negative influences of the systematics above
  94. somewhat.[<a name="ref2" href="#2">2</a>] It
  95. is also the reason why some dominant vendors start inserting
  96. cryptography into their protocols, preventing further protocol
  97. analysis in the future.</p>
  98. <h3>Public Policy implications</h3>
  99. <p>All of this is obviously a major concern for public policy for various
  100. reasons and has been discussed in various fora, e.g. the Danish
  101. parliament for its motion <b>B
  102. 103</b>[<a name="3" href="ref3">3</a>]
  103. in which the following reasons are elaborated.</p>
  104. <h4>Healthy procurement policy</h4>
  105. <p>It is obviously not sustainable to make investments that will become
  106. subject to the effects explained above. There is virtually no market
  107. and a single vendor is in the position to vitiate the entire
  108. investment. As this is not in line with the principles of efficient
  109. and sustainable procurement by the public sector, such situations have
  110. to be avoided.</p>
  111. <h4>Protect democracy from networking effects</h4>
  112. <p>The same networking effects that were described above take place when
  113. the software needs to communicate with citizens. Only citizens that
  114. choose the one vendor implementing that proprietary protocol would
  115. then be able to communicate with their administration, violating the
  116. basic principle of citizens being able to freely communicate with
  117. their governments. Using proprietary formats and protocols would
  118. instead force them into the same vicious cycle of investment and
  119. increasing stakes explained above.</p>
  120. <h4>Ensure open competition</h4>
  121. <p>Such a situation is obviously contrary to the principles of
  122. open competition and markets and will quickly bring issues of market
  123. concentration and stifling of innovation. As this is contrary to the
  124. goals of any government, governmental procurement should support open
  125. and competitive markets.</p>
  126. <h4>Merging effects, ensuring accessibility</h4>
  127. <p>In the scope of more efficient administration, many municipalities and
  128. different parts of administration are starting to pool resources. If
  129. this is attempted with proprietary formats, it usually means that
  130. unless all parts have already been using the same software,
  131. significant investments by one or several of the administrations would
  132. be lost.</p>
  133. <p>Also all of this will have to take into account the rights of people
  134. with disabilities, who may have special requirements in software that
  135. the implementation of that proprietary format may not meet. In this
  136. situation there will be no possibility for people with disabilities to
  137. communicate with their governmental services.</p>
  138. <h4>Commercial-political perspectives</h4>
  139. <p>Ultimately there are strong political issues with storage of data in
  140. proprietary formats. What if those data become inaccessible in the
  141. future due to problems with that particular vendor? Can a government
  142. really rely blindly and without alternative on the goodwill of any
  143. singular commercial entity?</p>
  144. <h4>Long term commercial aspects</h4>
  145. <p>Also, with all of the above, increasing choice and freedom to choose
  146. in an open market will bring additional long-term commercial benefits.</p>
  147. <h3><a name="os" />What is an Open Standard?</h3>
  148. <p>There are various definitions for what should or should not be
  149. considered an Open Standard. The aforementioned Danish motion
  150. describes it as:</p>
  151. <ul>
  152. <li>well documented with its full specification publically available</li>
  153. <li>freely implementable without economically, politically or legal
  154. limitations on implementation and use, and </li>
  155. <li>standardized and maintained in an open forum (a so-called standards organisation) through an open process.</li>
  156. </ul>
  157. <p>This is relatively similar to the definition of an Open Standard by
  158. the European Commission in its European Interoperability
  159. Framework.[<a name="ref4" href="4">4</a>]</p>
  160. <p>Both these definitions were criticised by the vendors that profit
  161. commercially from the dependency cycles explained above, as well as
  162. organisations representing their interest. The usual argumentation for
  163. this criticism is generally oriented along the lines of patents that
  164. were granted on such a format or protocol, and for which the patent
  165. holder might choose to generate license revenue. The euphemism du jour
  166. for this is usually ''Reasonable and Non-Discriminatory'' (RAND)
  167. licensing.</p>
  168. <p>This is but a euphemism because patents are by their nature limited
  169. monopolies granted by law to a single entity. This entity will always
  170. have the upper hand in any dispute, and indeed there are plenty of
  171. stories about formats and protocols that are theoretically known, but
  172. remain proprietary due to patent issues.</p>
  173. <p>That all other vendors not holding this patent are put in an equally
  174. bad position may indeed seem non-discriminatory, but it does not
  175. fundamentally change the balance of power of the situation.</p>
  176. <p><b>All
  177. formats and protocols are fundamentally arbitrary in nature, but must
  178. be followed precisely for the data that was stored in them to be
  179. recovered.</b></p>
  180. <h3>Open Standards in practice</h3>
  181. <p>In theory, the definitions of the European Union or the Danish
  182. parliament would be sufficient to define an Open Standard. In practice
  183. things have proven to be more complicated because the situation with
  184. proprietary formats described above is immensely profitable for the
  185. vendor in control of that software.</p>
  186. <p>So ultimately, a proprietary vendor with a certain amount of market
  187. penetration has an economic incentive to violate the Open Standard and
  188. turn it into a de-facto proprietary one. This indeed has happened
  189. repeatedly in history. The European Commission antitrust investigation
  190. against Microsoft provides testimony to how deviating from an Open
  191. Standard (CIFS, the ''Common Internet File System'') allowed Microsoft
  192. to leverage its desktop monopoly into near total dominance on the
  193. workgroup server market. This has proven so profitable that Microsoft
  194. appears more inclined to pay billions in fines than to stop this
  195. practice.[<a name="ref5" href="#5">5</a>]</p>
  196. <p>Often this is also done by slightly changing the implementation in
  197. ways that are hard to pinpoint or can be debated within the limits of
  198. human interpretation, but make sure that the implementations of other
  199. vendors will not integrate flawlessly anymore. The economic incentive
  200. for this is huge for proprietary players that bypass a certain
  201. threshold in size.</p>
  202. <h3>How to maintain an Open Standard</h3>
  203. <p>The only way to prevent this sort of thing seems to add one more
  204. criterion to the definitions above: ''The standard must have at least
  205. one Free Software implementation and all implementations that seek to
  206. be compliant with the Open Standard must be regularly tested against
  207. the Free Software implementation(s), which act as the common reference
  208. base.''</p>
  209. <p>Because Free Software[<a name="ref6" href="#6">6</a>] is, inter
  210. alia, defined by the freedom to study its implementation, this allows
  211. all players in the market to study the common reference base not only
  212. in specification language, but also in language, and regular tests
  213. against that base can help curb deviations from the Open Standard.</p>
  214. <p>Free Software also provides the freedoms of use, modification and
  215. distribution, therefore most vendors can also simply include that
  216. implementation in their own software, further reducing
  217. interoperability barriers.</p>
  218. <p>So while there is in theory no connection between Open Standards and
  219. Free Software, in practice Free Software becomes a necessary component
  220. to maintain an Open Standards against economic incentive to
  221. propertise or deviate from an Open Standard.</p>
  222. <h3>Open Standards and the WSIS/IGF</h3>
  223. <p>A good example for this is the internet. Before the internet became
  224. what it is today there were various different attempts to establish
  225. something similar. Why did the internet succeed? Because the
  226. implementations of basic internet protocols such as TCP/IP were Free
  227. Software and therefore equally available to all.</p>
  228. <p>The World Wide Web repeated this story when Tim Berners-Lee waived all
  229. patents on the protocols and formats, and they were implemented in
  230. Free Software. More than 60% of the world's web sites run on Apache,
  231. one of several Free Software web servers.</p>
  232. <p>Sadly enough, the language on Open Standards adopted in the WSIS and
  233. subsequently carrying into the IGF would not be sufficient to build
  234. something like the internet. Formats and protocols going by that
  235. definition would be subject to all the effects elaborated above.</p>
  236. <p>So it is important that the Internet Governance Forum (IGF) now goes
  237. beyond this insufficient language and works out true international
  238. consensus that will protect the internet from ''propertisation creep''
  239. in all its protocols and formats. Open Standards are an essential
  240. building block of the internet -- they must be maintained for the
  241. internet to not fall victim to a tower of babel syndrome.</p>
  242. <h2>Free Software</h2>
  243. <p>The practical connection between Free Software and Open
  244. Standards has already been elaborated, but there are other, genuine
  245. Free Software issues that have no direct connection with Open
  246. Standards. These are issues of software model and ultimately of
  247. control over your own computer.</p>
  248. <p>Free Software is software that gives all users and developers the
  249. following four freedoms:</p>
  250. <ul>
  251. <li>The freedom to run the program, for any purpose.</li>
  252. <li>The freedom to study how the program works, and adapt it to your needs.</li>
  253. <li>The freedom to make and redistribute copies.</li>
  254. <li>The freedom to improve the program, and release improvements.</li>
  255. </ul>
  256. <p>It is important to note that any of these activities can be
  257. commercial, indeed there are large international companies for which
  258. Free Software is a very profitable business, IBM, SUN, HP and others
  259. among them.[<a name="ref7" href="#7">7</a>]</p>
  260. <h3>The difference of software models</h3>
  261. <p>So commerciality is not the dividing line between proprietary and Free
  262. Software. In the ultimate abstraction the issue of software models
  263. comes down to one fundamental question: Who has control over the
  264. software that runs your computer?</p>
  265. <p>With proprietary software, that is always and exclusively the
  266. proprietor of the software. The owner of the computer generally gets
  267. some usage permissions for certain purposes, but these can usually be
  268. revoked and the user never owns or controls the software in any
  269. meaningful sense. With Free Software, the user is put in charge and
  270. control of their own software.</p>
  271. <p>This shift in power from ''one over everyone else'' to ''everyone over
  272. themselves'' fundamentally affects how national economy, enterprises,
  273. science, education, politics and society as a whole works. A full
  274. elaboration of these issues would be beyond the scope of this paper,
  275. so it will focus on a few selected issues of governance and
  276. sovereignty.</p>
  277. <h3>An issue of control</h3>
  278. <p>Although this may seem like an obviously falsehood, there is
  279. widespread common belief that the user controls their computer. In
  280. reality, it is only the software that actually controls the computer,
  281. taking some hints from the user if so programmed. This is an important
  282. fundamental distinction, because it makes clear that only by
  283. controlling the software can users control what their computer
  284. actually does.</p>
  285. <p>There are plenty of examples of software doing things secretly, and
  286. without the knowledge of the user. One recent example includes a piece
  287. of software that comes with SONY CDs and informs SONY every time that
  288. CD is played, and on which machine. All of this happened without
  289. visible signs on the computer, and without any information for or
  290. agreement by the user. Indeed, the user was falsely informed by SONY
  291. that this did <b>not</b> happen until someone was able to prove them
  292. wrong.[<a name="ref8" href="#8">8</a>]</p>
  293. <p>Similar stories exist for various other proprietary software
  294. solutions, including collaboration and conferencing software that was
  295. allegedly safe and highly encrypted and most likely used by
  296. governments for confidential activities around the world.</p>
  297. <p>Because there is no way to know for sure what your software does
  298. unless you have full control over it, the German Agency for Security
  299. in Information Technology (BSI) has a recommendation for Free
  300. Software.[<a name="ref9" href="#9">9</a>] Indeed, the German embassies
  301. around the world are networked with the German government through Free
  302. Software, using the GNU/Linux based SINA box.[<a name="ref10"
  303. href="#10">10</a>] </p>
  304. <h3>Issues of political mandate</h3>
  305. <p>Even though there has been considerable movement on the issue, Open
  306. Standards in public administration are still the rare exception. And
  307. in the proprietary world, which is still the norm in many governments,
  308. generally only one vendor can provide software that will be able to
  309. access those data and processes. So effectively much of public
  310. administration and governmental processes are controlled by software
  311. which in turn is controlled by only one vendor that the government has
  312. no meaningful control over.</p>
  313. <p>Free Software is the only way to ensure that governments actually
  314. control their own data and processes, including critical
  315. infrastructures. Free Software also avoids the aforementioned
  316. "propertisation creep" on Open Standards: There is no profit in this,
  317. as generally any vendor can choose to supply or maintain that
  318. solution.</p>
  319. <b>Only Free Software is ever truly Sovereign Software.</b>
  320. <h4>Free Software and the WSIS/WGIG/IGF</h4>
  321. <p>Free Software and the internet go hand in hand. It was Free Software
  322. that critical to making the internet possible, and indeed Free
  323. Software continues to shape and run the internet. At the same time,
  324. Free Software and its representatives has been all but excluded from
  325. the WGIG and the IGF processes thus far.</p>
  326. <p>If the Internet Governance Forum is to become a truly inclusive forum
  327. to discuss internet related issues, Free Software and its
  328. representatives should be included in all relevant fora and all
  329. political levels of the IGF. Otherwise there is a possibility that the
  330. people who actually continue to build the internet will simply take
  331. their discussions elsewhere.</p>
  332. <hr />
  333. <p class="footnote">
  334. [<a name="1" href="#ref1">1</a>] Some people see the two issues connected, other argue they should
  335. always be treated separately. As will become clear later on, the two
  336. issues are indeed not connected in theory, but have a connection in
  337. practice. In order to understand this, it is important to consider
  338. them isolated and individually first.</p>
  339. <p class="footnote">
  340. [<a name="2" href="#ref2">2</a>] This is how OpenOffice (<a
  341. href="http://www.openoffice.org">http://www.openoffice.org</a>) came
  342. to its ability to generally read most documents written with Microsoft
  343. Word, for instance, or how the Samba (<a
  344. href="http://www.samba.org">http://www.samba.org</a>) software became
  345. able to replace large parts of the functionality of Microsoft
  346. workgroup servers.</p>
  347. <p class="footnote">
  348. [<a name="3" href="#ref3">3</a>]
  349. <a href="http://www.ft.dk/Samling/20051/beslutningsforslag/B103/index.htm">http://www.ft.dk/Samling/20051/beslutningsforslag/B103/index.htm</a></p>
  350. <p class="footnote">
  351. [<a name="4" href="#ref4">4</a>]
  352. <a href="http://ec.europa.eu/idabc/en/document/7728.html">http://ec.europa.eu/idabc/en/document/7728.html</a>
  353. </p>
  354. <p class="footnote">
  355. [<a name="5" href="#ref5">5</a>]
  356. <a href="/activities/ms-vs-eu/">http://fsfeurope.org/activities/ms-vs-eu/</a>
  357. </p>
  358. <p class="footnote"> [<a name="6" href="#ref6">6</a>] For a full and
  359. concise definition of Free Software please consult the ''<a
  360. href="/activities/wipo/fser.html">Free Software Essentials
  361. Reference</a>'' also supplied in the <a
  362. href="http://www.intgovforum.org/contributions_for_1st_IGF.htm">substantial
  363. contributions</a> to the IGF.</p>
  364. <p class="footnote"> [<a name="7" href="#ref7">7</a>]
  365. A more complete and elaborate definition of Free
  366. Software and a clarification of the most common misunderstandings is
  367. available on the ''<a href="/activities/wipo/fser.html">Free Software Essentials Reference</a>'' sheet also in
  368. the substantial contributions to the IGF.</p>
  369. <p class="footnote"> [<a name="8" href="#ref8">8</a>]
  370. <a href="http://www.wired.com/news/privacy/0,1848,69601,00.html">http://www.wired.com/news/privacy/0,1848,69601,00.html</a></p>
  371. <p class="footnote"> [<a name="9" href="#ref9">9</a>]
  372. <a href="http://www.bsi.bund.de/oss/index.htm">http://www.bsi.bund.de/oss/index.htm</a></p>
  373. <p class="footnote"> [<a name="10" href="#ref10">10</a>]
  374. <a href="http://www.bsi.bund.de/fachthem/sina/index.htm">http://www.bsi.bund.de/fachthem/sina/index.htm</a></p>
  375. </body>
  376. <timestamp>$Date$ $Author$</timestamp>
  377. </html>
  378. <!--
  379. Local Variables: ***
  380. mode: xml ***
  381. End: ***
  382. -->