Notes from the OSOR webinar on Public Procurement of Open Source Software
Public administrations have an important role to play in building sustainable and secure Open Source communities. Here are the notes we took during the webinar as we listened to the latest research and expertise on the subject.
The Open Source Observatory (OSOR) is currently collaborating with legal experts and OSS procurement practitioners to update its 2010 Guidelines for Public administrations on Procurement and Open Source Software. As part of this collaborative process, OSOR hosted a webinar on Public procurement of Open Source software on May 23rd, 2022, designed as a community event for sharing insights and good practices on OSS procurement by public administrations.
After an initial presentation by OSOR team members, Monika Sowinska (project officer), Chloé Dussutour, Vivien Devenyi and Federico Chiarelli, Johan Linåker (Researcher at Lund University) talked about on the benefits of using OSS and the challenges public administrations face in the public procurement cycle). Rasmus Frey (Head of Secretariat at OS2) then presented practical examples of how municipalities procure solutions in Denmark, and Patrice-Emmanuel Schmitz (Lawyer, ICT practitioner and legal expert) wrapped up the event with a talk on the most important clauses to consider when procuring OSS and the most common and permissive licenses selected by public administrations who wish to modify, use and redistribute Open Source software.
Through Open Source infrastructure, a transnational network of stakeholders and resources, and community-building actions like this very webinar, OSOR has been providing FOSS expertise and information for public administrations since 2007.
As summarized in the slide presentation, OSOR has multiple functions :
- Open source platform promoting OSS and helping European public administrations with its adoption
- Actively connects European public administrations with other stakeholders and provides them with useful resources
- Nurtures an active community by bringing OSOR users together through regular webinars and events
Source : webinar slides, p.6.
About the Guidelines on Public Procurement of Open Source Software
Inspired by the Dutch Government’s Programme Office 2008 guide for the acquisition of open-source software, the OSOR Guidelines’ are meant to be pragmatic, accessible and hands-on:
This practical guideline shows how open source software can be acquired by public agencies. It also describes how to procure software compliant to open standards. It is meant to be read by IT managers, policy makers and procurement officers, without including too much legal detail or analysis, which are provided in an annex.
Source: Guideline on public procurement of OpenSource Software (2010), p.7
Some additional goals for the Guidelines are to “address the challenges of the public procurement of OSS and showcase good practices of the public procurement of OSS throughout the EU.”
Source : webinar slides, p.10.
Why are the Guidelines being updated ?
In light of the growing support for public procurement of OSS throughout the EU, the Guidelines on Public Procurement of Open Source Software are currently being updated in order to keep up with the most recent developments in policies and regulations.
Many political and legal initiatives regarding public procurement of OSS have been put into place both at the EU-level and the national level.
The following EU-level policies were cited as major stepping stones for the development digital public services during the presentation:
- Directive 2014/24/EU of the European Parliament and of the Council of 26 February 2014 on public procurement
- Regulation (EU) No 1025/2012 of the European Parliament and of the Council of 25 October 2012 on European standardization
- European Commission Open Source Software Strategy 2020-2023 – Think Open
- The Ministerial Declaration on eGovernment – Tallinn Declaration (2017)
- Berlin Declaration on Digital Society and Value-based Digital Government (2020)
During the same period, many countries bolstered their political and legal frameworks to foster an OSS culture within the public sector at a national level.
In France, the 2016 Law for a Digital Republic (LOI n° 2016-1321 du 7 octobre 2016 pour une République numérique) stipulates that “source code can be considered a transferable and reusable administrative document”.
More recently the French government’s 2021 Action plan for Free Software and Digital Commons (Plan d’action logiciels libres et communs numériques) lays out the internal strategies in favor of OSS, driven by Etalab, the French government’s taskforce for Open Data. For instance, a catalogue of OSS developed in France available for reuse or procurement by public administrations, an internal registry of OSS currently being used by public institutions) to encourage mutual support between users, and an engaged network of public-sector OSS community members.
This webinar gave participants the opportunity to discover and compare ways in which OSS is being taken up by the public sector in different EU countries.
Acquisition & Development of OSS in the Public Sector : Guidelines in Sweden
Johan’s presentation outlined the acquisition and development process of OSS in the Swedish public sector.
First, he explained how the Swedish public sector is encouraged to reuse existing Open Source software, and to explore the potential of Open Source options in the preparatory phases of software acquisition.
He also addressed the important question of evaluating Open Source project health , as well as internal needs for support and additional development, both of which should be taken into account when it comes down to selecting a software solution.
 For more about OSS project health, check out the CHAOSS community and talks like “Metrics and valuation of open source projects: A crossover between Open Source and Open Science” given at CHAOSScon Europe 2020. Red Hat’s checklist for measuring the health of an open source project is also a recommended reference.
Participants were reminded of the value gain that could be expected from OSS procurement and given pointers about some key qualifications the Swedish public sector looks for when choosing their suppliers.
Johan’s presentation then dealt with the issue of OSS development within the public sector. He presented the case of Italy, where OSS development is mandated for public administrations by law, and referenced the Italian Guidelines on the acquisition and reuse of software for public administrations .
 To find out more about how these guidelines are implemented throughout Italy by a network of national Competence Centers, we recommend Leonardo Favario’s talk about Competence center on Reuse and Open Source (CCROS) given at last year’s European Open Source & Free Software Law Event (EOLE), which was entirely dedicated to exploring “Legal aspects of free software in public administrations”.
Johan’s presentation then drew from international guidelines for OSS development that lays out benefits, but also costs, risks, and other complexities. An important takeaway from this talk was the need for projects to be open from the start.
Here are some references that were cited during the presentation to support the Open Source approach to software development :
- The Standard for Public Code
- The Open Source Guides
- The OSOR Guidelines for creating sustainable open source communities
After identifying the structural differences between public, mostly top-down procurement processes, and distributed, agile OS software development, Johan argued for the implementation of an “open framework agreement” that would make purchasing systems more dynamic. Together with collaboration and coordination (as provided by OSPOs, Foundations, or NOSAD in Sweden), regular follow-up during development processes by key stakeholders, and the development of an overall procurement strategy by public administrations, Johan stressed the fundamental importance of training, culture, and resources for OSS to take hold within the EU public sector.
He concluded that regardless of whether a legal framework exists, like in Sweden, there is a need for collaboration and communities.
Questions asked after Johan’s presentation were concerned with the legal aspects of OSS product failure, how to best evaluate a project’s maturity level, data protection in OSS projects, and guidelines for software developers who are entering an OSS project that is already up and running.
You can watch the webinar’s recording on Interoperable Europe’s YouTube channel.
Danish Municipalities and OS Procurement : How we do it the OS2 way
OS2 is a voluntary network for public organs. The organisation is born on April 24th 2012 when five municipality (Ballerup, Syddjurs, Sønderbog, Ishøj, and Copenhagen) decided to make a structured network together. The aim for OS2 is to assists the public organs’ for IT-solutions, when this is not taken care of in other manners. We do it by gathering local needs and address them together.
Through Rasmus’s presentation, participants got an overview of Danish municipalities’ needs in terms of Open Source software solutions. As summarized in the presentation slides, these were listed as : coherent IT solutions, solutions built for reuse and change, data as a value-adding resource, trust and security, and multiple vendors.
Rasmus then explained how the OS2 network assists the procurement of OSS by public administrations in multiples ways : through communication to dispel any misconceptions about Open Source, clarifying choices and obligations around the use of legal documents such as OS licenses, implementing “decision trees” to determine whether or not a project is viable as Open Source, and training and advising OS professionals to provide hands-on assistance to public administrations.
Rasmus also mentioned that OS2 acts as a OS community itself by developing and maintaining a set of tools, such as OS2kravmotor, a tool designed to help municipalities assess the non-functional requirements of OSS they plan to purchase.
Emphasizing that “the quality of an Open Source product is reflected by the community behind it,” Rasmus detailed the ways in which the OS2 network ensures a governance framework that enables technical exchange and sharing of knowledge in the Danish public sector. (spoiler alert : it’s in Danish!)
OS2 helps assess whether OSS projects are eligible for public procurement by looking at criteria such as relevance, formal requirements, governance and strategic context. Read more about OS2’s OSS project maturity assessment through a layered governance model.
At the end of his presentation, Rasmus was asked whether OSS policies were based on a layered approach.
Check out Rasmus’s slides and find out more about the webinar’s key takeaways on OSOR’s website.
Finally, independent legal specialist Patrice-Emmanuel gave participants a slightly different take on public procurement of OSS, focused on licensing.
His presentation went over the legal precedence in the EU relevant to OSS procurement by public administrations:
- Directive 2014/24/EU on public procurement + art. 38 on joint procurement
- Directive 2004/17/EC on utilities
- Directive 2015/1535/EU on information in the field of technical regulations and of rules on Information Society services
- European Interoperability Framework (2017)
- Various Open Strategies (2014, 2020) and European Commission Open Source Programme Office (EC OSPO).
- Some EU Member States have specific policies and “catalogues” regarding open source software procurement (like the SILL catalogue in France).
Patrice-Emmanuel explained how OSS solutions were specifically suited to public sector ICT needs, namely thanks to a few key factors: transparency, interoperability, independence, and flexibility, leading to sustainability. In addition, contracts concluded on behalf of public authorities are subject to the principles of equal treatment, non-discrimination, transparency, and best value for money spent.
The latest recommendations on procurement, sharing and reuse were presented with special mention of the COMMISSION DECISION of 8.12.2021 on the open source licensing and reuse of Commission software.
Patrice-Emmanuel then reminded participants and gave examples of how to use the tools provided by the EU Commission to help with legal aspects of the procurement process, such as:
- Joinup Licensing Assistant (JLA), which public administrations can use to find, compare and check the compatibility of licenses.
- Joinup Licensing Compatibility Checker, which allows to merge code, obtain it under various licenses, and distribute the results to a third-party, by selecting the inbound and the outbound licenses.
He then used the case study of France to go over the pros and cons around developing custom-made software, using off-the-shelf solutions, or even free downloading in terms of strategies for sustainability, interoperability, and costs, among other factors.
Patrice-Emmanuel concluded his presentation by observing that Open Source is becoming the norm for public sector assets sharing and reuse, despite how challenging it is to get more than just “recommendations” concerning Open Source in procurement.
He also gave pointers as to what the future could hold for OSS in the European public sector :
▪ Regulating the « reality » (equal treatment and transparency in procurement, open competition, use of open standards, personal data protection, Digital Services Act)
▪ Investing on next generation open standards + legal interoperability tools (data algorithms, blockchain, New computing tech., EU common licensing/sharing tools)
▪ Use joint procurement for developing new common public sector tools (i.e. health)
Source: webinar slides, p.71.
This post is based on notes taken during the event that may paraphrase the speakers presentations. The text was edited and reviewed collectively by several members of the inno³ team, including Romane Leban-Mathieu, Maya Anderson-Gonzalez, and Vincent Bachelet. All sources are clearly cited.