There’s been a lot of activity in diverse parts of the standards and open source software development world of late. Here’s a selection of items you may have missed that I think might be of greatest interest.
In its simplest form, FOSS development requires almost no traditional economic, physical or management support. All that is needed is a place to host code in a manner that allows multiple developers to collaborate on its further development. As FOSS has become more commercially valuable and widely incorporated into vendor and customer strategic plans, however, additional layers of services and structures have evolved to allow FOSS development to become more efficient and robust and the user experience even more productive. These include training, a growing certification testing network, a variety of tools to assist in legal compliance matters, and a network of hosting entities providing a wide range of supporting services and frameworks.
It would not be an exaggeration to say that the magic of open source software (OSS) is based as much on legal innovation as it is on collaboration. Indeed, the essential innovation that launched free and open source software was …
Everybody uses open source software (OSS) today. Millions of people contribute to the code itself. Indeed, a substantial percentage of the users and creators of OSS today are young enough to have never known a world that didn't rely on OSS. In other words, it's very easy to take this remarkable product of open collaboration for granted.
For over thirty years U.S. companies have enjoyed a home court advantage in developing information and communications technology (ICT) standards. Specifically, the overwhelming majority of the more than five hundred consortia founded over the last thirty-five years to develop ICT …
Ninety-odd days ago, the US Bureau of Industry and Security (BIS) added Huawei and 68 of its affiliates to its “Entity List.” BIS added another 46 Huawei affiliates last week (collectively, “Huawei”), thereby making it illegal for US individuals and entities to disclose certain technology and software to Huawei and such blacklisted affiliates without a license. At the same time, it tempered the blow by issuing a Temporary General License that, among other things, allowed US entities to continue to participate with Huawei to develop 5G standards. For all other standards, Huawei’s continued participating would be legal only to the extent a given standard setting organization (SSO) either applied for, and received, a license from the BIS, or could credibly analogize its processes to an exception recognized under existing Export Administration Regulations (EAR). The closest exceptions are disclosures at public conferences and in connection with coauthoring journal articles. Ever since, standards setting organizations (SSOs) counting Huawei as a member have been scrambling, trying to figure what they can and cannot allow Huawei to do. On Monday of this week, three things happened that provided some answers. But almost all the answers were bad.
The vast majority of free and open source (FOSS) projects today operate on a license in/license out basis. In other words, each contributor to a code base continues to own her code while committing to provide a license to anyone that wants to download that code. Of course, no developer ever actually signs a downstream license. Instead, all contributors to a given project agree on the OSI (Open Source Initiative) approved license they want to use, and those terms stand as an open promise to all downstream users. But is that really the best way to operate? What about the minority of projects that require contributors to assign ownership of their code to the project? They clearly think assignment is a better way to go. Are they right?
Free and open source software (FOSS) development has for many years enjoyed an increasingly positive public image. Particularly in the last several years, it’s become recognized as the foundation upon which most of the modern computing world rests. FOSS proponents include many governments, too, including many in Europe and the European Commission itself.
That’s all good and quite appropriate, but it’s worth keeping in mind that FOSS involves the conscious agreement of head to head competitors to work towards a common result – something that would otherwise normally be a red flag to antitrust regulators in the US, competition authorities in Europe, and to many of their peers throughout the world. To date, those regulators do not seem to have expressed any concerns over FOSS development generally. But that can change.
Not long ago, the Linux community celebrated the twenty-fifth anniversary of Linus Torvalds’ famous Internet post, and thus its birth. While Linux was not the first open source project (Richard Stallman announced his GNU Project eight years before), it soon became the poster child of a new way of collaborative development that changed not only how technology is created, but many other aspects of the world as well. Today, most critical software platforms and architectures are open source, and virtually all proprietary software is riddled with free and open source software (FOSS) as well. So, what could go wrong? Well, a lot, actually, unless we pause to think about where the potholes may emerge in the future, and how we can successfully navigate our way around them. That’s what I plan to do in a series of articles to which this is the introduction.
Since May 16, 2019, standards setting organizations (SSOs) with Huawei or any of 68 named Huawei affiliates as a member have been in turmoil. That was the day the Bureau of Industry and Security (BIS) of the Department of Commerce put Huawei and those affiliates (collectively, “Huawei,” for convenience) on its “Entity List,” thereby subjecting any US person or entity that exports or otherwise discloses certain non-public technical information, software and materials to Huawei to penalties under the Export Administration Regulations (EAR). These penalties can potentially exceed $1 million and include imprisonment.
Yesterday, 26 SSOs, including many of the most important standards developers in the world, came together to deliver a letter to the US Department of Commerce. That letter stresses the essential role that standards play in the modern world, and requests that the Department make “a clear statement that development of open enrollment, consensus-based standards or technical specifications as conducted by consortia” is exempt from the restrictions under the EAR that have led to the concern. The full text of that letter, and the signatories, appear at the end of this blog entry, and can also be found here.