“Utmost transparency”, Free Software, and disintermediating the lobby business

Just how transparent does the European Parliament have to be?

In its own rules of procedure, the Parliament has set itself the high standard of conducting its affairs in “utmost transparency”. But what does this mean in practice?

For five years running, the Green group in the European Parliament has celebrated Document Freedom Day together with us. The focus of  yesterday’s event was a recent study titled “Ensuring utmost transparency – Free Software and Open Standards under the Rules of Procedure of the European Parliament”. I recommend that you get the PDF and read it for yourself — it’s well worth your time.

Thanks to MEP Max Andersson, his assistants, and the always wonderful Erik Josefsson, we had a great panel lined up. With Professour Douwe Korff and lawyer Carlo Piana, two of the study’s authors were present to run us through the findings. The study brought many important results.

Why Open Standards and Free Software are essential for transparency

It points out that “utmost transparency” isn’t the same as making information available on request. Requests for access to documents (or Freedom of Information requests, as they’re called elsewhere) belong to the traditional approach, where information is secret by default, and you might get an exception if you ask really nicely.

This might have been acceptable in a pre-digital era, where information largely lived on paper, and gathering, storing and publishing it was expensive and difficult. Today, much of this work can be automated. It’s no longer acceptable to reveal information only when someone happens along to ask for an item in precisely the right way. Information about making policies and laws needs to be public by default.

The study argues that Open Standards are necessary for the Parliament to achieve its goal of “utmost transparency”. The lawmaking process is only really transparent if it can be analysed and reviewed by anyone, on any software platform, without having to ask anyone for permission. This is something that only Open Standards can deliver.

The authors highlight that transparency isn’t a state; it’s an ongoing process. In order to continuosly deliver transparency through Open Standards, the Parliament needs to avoid being tied to any particular IT vendors. Instead, it should use Free Software wherever possible.

How the EP does on transparency – inside and outside views

Four panelists were there to discuss the study, and think about how its results might be put into practice.

Giancarlo Villela is the Director of DG ITEC, and thus responsible for the European Parliament’s IT systems. He pointed out that his team’s primary obligation was to keep those systems running, to make sure that the Parliament could do its work; but that they felt equally obliged to guarantee the security of the Parliament’s IT systems, and to make the Parliament’s work accessible to the public.

He highlighted that he wants the Parliament to be “avantgarde” in IT, taking leadership on transparency and openness among the European institutions. For all the things we at FSFE wish the EP’s IT systems would do better, I need to point out that the Parliament is indeed doing better on this front than the European Commission, let alone the Council, which sometimes seems to communicate its work to the public primarily through leaks. Now if the Parliament could only get its live streams of plenary sessions working for Free Software users, and make them easily accessible…

Martine Reicherts is the Director General of the EU´s Office for Official Publications in Luxembourg, and a former European Commissioner for Justice. She talked about her office’s effort to make EU legislation available and searchable in a way that’s useful for specialists. She said that it took her four years to make European law texts available free of charge. The publications office’s current challenge is to make the data searchable: “If you know a search engine that can efficiently handle 1.3 billion triple-store sets, let me know.”

Jonas Smedegaard is a Debian developer. He has worked quite a lot on the practicalities of making the EP’s systems more transparent. He created the DebianParl distribution, a version of Debian GNU/Linux aimed at people working in the Parliament, and has maintained a constructive dialogue with DG ITEC on actually getting the thing working. (“Constructive dialogue” is Brussels lingo for “an ongoing and sometimes lively argument”.) With his experience at the coalface of transparency, he had quite a few suggestions to make as to what the Parliament’s IT systems could be doing better — especially using standard protocols to handle email, rather than Microsoft’s proprietary tools.

Transparency and legitimacy

I was the final speaker on the panel. With most of the practicalities addressed, I took the opportunity to make a few broader points:

  • Transparency is essential for the legitimacy of the European institutions. If the Parliament, the Commission and the Council want fewer people to complain about their lack of legitimacy, then utmost transparency is an excellent way to go.
  • Currently, some of the best transparency tools around the EP are provided by volunteers, for example ParlTrack. This is no way for the EU’s central democratic institution to go about its business. The Parliament should do two things. It should make raw data and metadata about laws, amendments, and its members publicly available in real time. And it should provide some tools to help people make sense of the data. Many people and organisations will still choose some other way to have the data presented to them according to their needs; but the Parliament needs to provide at least a first entry point for the public.
  • Ideally, this sort of transparency will disintermediate today’s lobbying industry. A lot of people in Brussels and elsewhere spend a lot of time simply keeping track of what happens in the Parliament, in the Commission and the Council. Legions of analysts parse an endless stream of decisions, reports, white papers, speeches, and so forth. Lobby firms – and political NGOs like FSFE – base their influence not so much on superior knowledge of their subject matter, but rather on knowing what’s going on, where to look for information, and who to call in order to find out more. Greater transparency, especially through publication of real-time data on policy making, would make it possible for anyone to create tools to analyse this data. This, in turn, would hopefully make it easier for ordinary citizens to understand a given policy process, and to get involved.

Looking at it this way, Villela’s DG ITEC isn’t just running the EP’s IT systems for the Parliament’s own use. These way these systems are built and run determines how much access Europe’s citizens get to the lawmaking process, and how well they can understand it. These systems play an important role in determining the political legitimacy of the European Parliament, and by extension of the other EU institutions.

That’s a large responsibility for an IT department to carry. But there you have it.

I want to love the future. That’s why I love Free Software

In the 1990s and early 2000s, we believed that we with digital technology and the internet, we were building a utopia. And my, has the comedown been harsh, as we discovered that we had built all the tools for a surveillance state instead. We enthusiastically took to platforms like Facebook and Google and fed them with every last detail about our lives.

We did this for the search results and the cat pictures and to have a better way to coordinate pub nights with our friends. All the while, the giants of flesh and steel who we thought were weary were hauling our secrets out through the back door by the truckload. Those platforms aren’t public spaces. They’re like shopping malls, with their own mean little sets of rules. We’re only ever allowed there on their terms, and they watch everything we do.

Using a device with stock Android puts me in the same state of anxious watchfulness that I get when I walk through a crowded railway station. There are data pickpockets lurking at every turn, waiting for me to be distracted for a second, perhaps by one of the dozens of dodgy deals that are constantly shoved in front of me.

I look at Ethiopia, the world’s first off-the-shelf surveillance state, it’s our own future that I see. Given how internet policy in the western world has evolved over the past decade and a half, Halvar Flake is right in saying that most democracies are two terror strikes and one opportunist away from a dictatorship.

But it doesn’t have to be this way.

We have powerful tools that help us defend and regain the freedoms we’ve lost, and the ones we’ve given up. We can use GnuPG to securely encrypt our files and our communication. We can use Tor to browse more or less anonymously. In a perfect world we wouldn’t need these tools; but this world isn’t perfect, and so we need them. Anyone who asks you to use non-free crypto and privacy tools is either a fool or a liar. There’s just no way to put this more mildly.

We can avoid giving up data and control out of sheer laziness. If you tell me that you don’t want to pay around 10€ a month for email and hosting while fiddling with your 500€ smartphone, then I’ll say that you’ve got your priorities wrong. For a lot of the things that you can do with Google, Facebook and all the other stuff, you can find self-hosted Free Software programs that do much the same, while putting you in the driving seat. And that’s before we even mention approaches like open data, which we can combine with Free Software to put more power back in people’s hands.

This is Valentine’s Day, and we’re supposed to think of the people we love. Let’s teach them the skills that they’ll need to protect their freedom in a world that’s only ever going more digital. If you host your mail with one of the big providers, you’re exposing everyone you exchange messages with to government surveillance. If there’s someone you love, don’t force them to communicate with you through these platforms. Instead, give them the skills they need to retain their autonomy in today’s world.

In the end, we’re making the bed that we are going to lie in. Our choices today help to determine the future that we’ll live in. Not only do we have choice; we constantly exercise choice, whether by commission or by omission.

We’re always building something. We can build the tools of oppression, or we can build the tools of freedom.

We can teach. We always teach, mostly by example. Let’s make sure that we teach freedom to our children and our friends.

We’re always making choices. By choosing the technology we use, we build the world we’ll live in tomorrow, bit by bit. That’s why I choose Free Software: So that we can live in freedom tomorrow.


New horizons

By October this year, FSFE will have a new leadership team. When my current (third) term as the organisation’s president comes to an end this autumn, I will hand over the role of president, and move on to new horizons.

FSFE is in a great place right now. We’re making a bigger impact than ever before. We sharpened and refocused our mission during 2014, and developed a new strategy focused on empowering users. We are reaching more people than ever before, and have very good traction with policymakers. People value what we do: Thanks to our Fellows and donors, FSFE’s finances look better than they ever have.

FSFE’s fierce independence and focus on the long term make it a very special place to work. My current job is a wonderful vantage point from which to explore the world. But from time to time, it’s good to change one’s perspective and seek out new challenges.

Come October, Matthias Kirschner will take over as president, pending confirmation by FSFE’s General Assembly. Having worked very tightly with him for the past years, I can confidently say that he is the single best person to take FSFE forward into the future. He knows the organisation inside out, takes to policy work like a duck to water, and is very good at getting people to work together. He will make an excellent president.

Before then, in March, we’re taking on board an executive director. This will be a someone who has been with FSFE from the start: Jonas Öberg, one of FSFE’s founding members and a former vice-president. Jonas has considerable experience in managing Free Software-related projects and organisations. This includes building up the FSCons conference in its original form, acting as Creative Commons’ coordinator for Europe, his latest venture Commons Machinery and and the Elog.io project. We couldn’t have found a better person for this role.

So, what are you doing next?

Professionally, I’m going to look for a role where I can make a difference, and bring to bear the skills I’ve learned running FSFE. I’d love to continue working with digital freedoms, strategy, and policy. This could be at the helm of another NGO, or as part of a larger organisation or company. If you would like to discuss potential opportunities, I’ll be delighted to hear from you.

With regard to FSFE, I will remain part of the General Assembly, and will give my full support to Matthias and Jonas as they drive the organisation forward. Wherever my work will take me, FSFE and the Free Software community will always remain close to my heart.

Workshop on “Open Standards for ICT procurement” [updated]

Yesterday I participated in a workshop on “”Open Standards for ICT Procurement: Sharing of Best Practices”. This was organised by PWC for the European Commission’s DG CNECT, and forms part of an EC-funded project on “Guidelines for public procurement of ICT systems“.

The invitation read:

Under Digital Agenda, the European Commission commits itself through Action 23 to provide guidance on the link between ICT Standardisation and Public Procurement in order to help public authorities use standards to promote efficiency and reduce lock-in.

As a matter of fact, using ICT open standards results in:
-       Higher savings when procuring ICT

-       An increased level of competition among suppliers

-       Being compliant with EU Public Procurement directives

Not much to quibble with here, except perhaps a slightly excessive use of bold font. As the goals for the event, the invitation stated:

-       Share some good practice examples about ICT procurement;

-       Stimulate the debate around the next steps / new ideas for DAE Action 23;

-       Present a first set of insights on the state of the art of ICT public procurement using standards through Europe.
Best practice examples have been carefully selected to match the needs and wants of all potential participants.

So, how did this go? For some of the talks, I’m really not sure what to make of them. This goes especially for the presentations of EU-funded projects like Fi-Ware, on which the EC has so far spent EUR 300 million, according to the CNECT person on the panel. Most of the Fi-Ware stuff is apparently meant to be Free Software. When I asked about specific licenses, and where to find code, the speaker replied “oh, it’s all open source”. I did end up finding something called the “catalogue of generic enablers“, which has links to source code for a bunch of projects, under various licenses. Well, that’s something – but I’ll leave it to others to decide whether this is worth the money invested.

Some talks were more valuable, like the one on standard contract clauses for software development contracts, which enable public bodies to re-use and share the software they (i.e. the taxpayers) have paid for. And some were quite excellent, such the one by Linda Humphries. Linda is a Senior Technology Adviser within UK’s Government Digital Service. She talked about the UK’s Open Standards policy (which she helped to build), and the effects of that policy.

My favourite moment of the day came when I tweeted that under the new policy, more than half of the government’s IT spending is going to SMEs. [Update: Stephen Quest has kindly pointed out that this refers only to the UK Government's IT spending on cloud services. It's still an impressive figure. -- thanks!] One of Linda’s colleagues in GDS pointed me to a page that doesn’t just show more figures. It also has the raw data on government IT contracts, by month, in CSV. I wish more governments were like this.

Quite a few of the participants commented that the main target audience of the workshop – people who are actually doing public procurement in ICT – wasn’t really there.

As so often, the real value of the event was in the people who were there. The workshop provided an opportunity for the small community pushing Free Software and Open Standards in procurement to meet and share updates. I managed to introduce a few people, especially from the Commission, to outside experts they should definitely be talking to.

What else could the Commission do to drive the take-up of Free Software and Open Standards in public procurement?

At the workshop, DG DIGIT’s Pierre Damas talked about updates he’s making to the Commission’s notoriously weak “open source strategy“. He specifically mentioned that in future, EC developers (perhaps even including contractors) will be allowed to contribute to outside Free Software projects, and that the EC would adopt a “free software first” policy for internal developments. Both steps are obviously useful, though a good time to take them would have been perhaps a decade ago.

From the presentations and several private conversations, it became clear that the EC’s main problem is their reliance on proprietary document formats. Awareness of this seems to be slowly growing, though I have yet to see any concrete steps proposed to deal with the issue.

Oh well, here at FSFE, we’ll keep pushing. If you’d like to support our work on public procurement, please sign up as a Fellow, or make a one-time donation. Thanks!

Preview: what FSFE did in 2014 [update]

The year is almost over, and it’s reporting season. Here’s a sneak peek at list of things we achieved in 2014. A full report will follow shortly.

We want to keep doing these things, and more, in 2015. To continue operating at our current level in 2015, we will need €420,000. We have already secured €230,000 from our Fellows, donations, and merchandise sales. We need another €190,000 to finance our work next year. If you like what you see here, please consider joining the Fellowship or making a donation!

Public procurement [update]

We pushed hard for the European Commission to improve the way it acquires software, in order to open up opportunities for Free Software and Open Standards. Using the EU’s “freedom of information” mechanism, alongside parliamentary questions from MEP Amelia Andersdotter, we got the Commission to release documents about the way its contracts with Microsoft and other providers of non-free software are structured. We also obtained a document outlining the EC’s desktop software strategy for the coming years. This effort has opened the doors to several meetings with high-level IT decision makers in the Commission and the Parliament, and has enabled us to start a constructive conversation with them about what steps to take next. The Commission has asked us to provide input to the next version of its “open source strategy”

Free Software Pact / Ask Your Candidates

For the European elections in May 2014, we organised the Free Software Pact campaign together with the French Free Software association April. We invited candidates in those elections to sign the pact, asking them to commit to using their European Parliament mandate to promote Free Software. 33 of the pact’s signatories are currently serving as Members of the European Parliament. We will repeat this effort for other elections. Preparations are currently under way for Switzerland’s 2015 elections. With more resources available, we could put more time into following up with signatories, and using the contact we’ve built through the campaign to let them know what they should do in order to improve the situation for Free Software.

Compulsory Routers

In 2013 and 2014, we have followed developments on the issue of compulsory routers. We have published position papers, and documented the arguments and the process in both German and English. We supported other organisations with arguments and technical expertise, such as the Federation of German Consumer Organisations. Germany’s ministry of economics is currently working on a draft law to enable free router choice for consumers, and prohibit compulsory routers.

Information materials

We are currently sending out ten information packs per month on average. People can order these free of charge through our website. Both our introductory Free Software leaflet and our F-Droid leaflet are available in five languages. We recently added a flyer on “email self defense” in German and English; demand for this has been so great that we have already done three print runs of this.  Volunteers distributed this flyer at the premiere screenings of the movie “Citizenfour”.

Public relations for Free Software

We continously work to push the Free Software across Europe, in local languages wherever possible. During the past year, our monthly newsletter was translated into six languages on average.

Device sovereignty

On “trusted computing” and “SecureBoot”:  In 2014, we discussed this issue with Germany’s Federal Information Security Office, and with the ministries of economics and interior. At the EU level, we initiated conversations about alternatives such as CoreBoot. We are pushing to ensure that consumers have the possibility to install alternative operating systems on the devices they buy and own. Our goal is to use the progress we have made in Germany to create progress in other european countries, and finally put device owners in full control of their hard- and software.


We explained Free Software in talks, workshops, panel discussions, radio shows and several times on TV. In addition to the usual IT conferences and events, we expanded our reach to cover street festivals in Munich and Düsseldorf (Germany). This new outreach angle worked well, and we want to be present at many other such events this year.

Free Software Legal Issues

FSFE facilitates the world’s largest network of legal experts on Free Software, with currently more than 360 members (up from 320 last year). Participating experts come from a wide range of backgrounds, from corporate legal departments to lawyers in private practice, and engineers with legal skills. The network serves to develop and spread best practices around Free Software, and increase acceptance. Several participants have called the network’s annual meeting, the Free Software Legal & Licensing Workshop, the best event of its kind in the world.

Document Freedom Day

Working with volunteers from around the world, our Document Freedom Day campaign explained and promoted Open Standards at 51 events in 21 countries around the world.

Help keep us going!

If you’ve made it all the way down here, you probably really are interested in the work we do at FSFE. So let me just point you to the Join the Fellowship and Donate pages again.

Thank you for any support you can provide!

Free Software for the European Parliament: FSFE comments at DG ITEC forum

Today, the European Parliament organised a conference to inform MEPs about the IT services available to them. It featured a panel discussion led by Adina Valean, the new EP Vice President in charge of ICT, with a contribution from Giancarlo Villela, the director of the EP’s IT department.

After the panel discussion, I got the chance to contribute a few brief remarks. Here they are.

FSFE is a charity that works to put users in control of technology. Free Software means being able to use, study, share, and improve your software.

The EP has taken some important steps towards Free Software and interoperability: It has committed to being able to receive and send documents in the Open Document Format (ODF). The Parliament has also released some Free Software of its own.

These are very good beginnings. But there remains further work to do:

  • We need to enable interaction with citizens: You can’t force citizens to buy certain products in order to interact with you. Please make sure that the EP is fully accessible for citizens and public bodies that use Free Software. It’s currently very difficult for Free Software users to watch live streams from the Parliament.
  • As the EP continues to digitise, rely on Open Standards and Free Software. Make sure that Parliament doesn’t get locked into certain vendors and service providers. Today’s star gadget is tomorrow’s landfill. Today’s best-in-class app will be an old hat tomorrow. Stay independent as you digitise. Free Software and Open Standards let you do this.
  • Here in the Parliament, the DebianParl project has built a fully free and open desktop for MEPs and staffers. It works great; but to become fully usable, DG ITEC needs to offer access to mail servers via the standard IMAP protocol. That’s a simple step to take, and it should be taken as soon as possible.

You can count on the European Parliament Free Software User Group (EPFSUG) to help you in this effort, and I’m glad to offer FSFE’s support as well.

Let’s be clear. The European Parliament is the EU’s greatest democratic institution. European citizens are right to expect the Parliament to live up to this standard. Let’s all work together to help the Parliament on this path.

Some common-sense recommendations on cloudy computing

Today, Brussels-based lobby organisation ECIS released a report on
“cloud” computing and interoperability. It highlights the importance
of open standards, open data formats, and open interfaces in a world
where more and more of our computing happens on machines owned and
operated by other people.

The report is aimed at public and private organisations that want to
rent computing resources rather than buying the necessary hardware
themselves. It covers three different scenarios – Software as a
Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a
Service (IaaS).

Pizza as a service

The main report highlights questions that buyers –
including public sector procurement people – should ask before
signing on the dotted line.

The policy recommendations that come with the report common sense, and
boil down to caveat emptor. For example, the report asks policymakers to
“[e]stablish sets of criteria that help customers analyse and evaluate
migration and exit concerns before adopting and deploying cloud
computing solutions.” This basic bit of due diligence – assessing the
future cost of getting out of the system you’re buying – is something
that FSFE has long asked public bodies to undertake.

While the recommendations are hardly revolutionary stuff, Europe’s
public sector would be much better off if it took this advice to
heart. In reality, the most common scenario is likely to be an
underinformed public sector buyer facing a highly motivated vendor
salesperson. In order to avoid falling into future lock-in traps, it
will be essential to properly train procurement staff.

The report does have a couple of shortcomings. The authors are not
named, so the content perhaps deserves additional scrutiny. More
importantly, the report makes no mention of the data protection issues
that come with moving your data, and that of your customers, through
different jurisdictions. In the accompanying press release, ECIS gloss
over this issue with a tautology:

“[T]he value of the cloud lies in its global nature, and
fragmenting the cloud will inhibit the cloud.”

I asked about this issue at the event where the report was presented,
prompting the speaker, IBM’s Mark Terranova, to take prolonged
evasive action. There currently is no good answer to this
question. Buyers and users of these services should acknowledge that
as a problem.

At the heart of all this is the question of control. When you’re a
company that signs up for a service, who has control over your data,
your software, and your processes?

Even more lock-in?

While these services offer ease and flexibility, they also come with
the potential for even greater lock-in than the traditional model.
Being able to take your data to another service provider isn’t
enough. You also need to be able to carry along the associated
metadata that actually makes your data useful – if you just receive
your data in one big pile, a lot of the value is gone. If you’ve built
applications on top of your vendor’s service offering, you’ll want to
be able to move those to a new platform, too. Ian Walden pointed out
that these aspects don’t usually receive enough attention in contract

Pearse O’Donohue, who just moved from being Neelie Kroes’ deputy head
of Cabinet to a post as Head of Unit in DG CNECT, said that in the
EC’s own procurement, transparency and vendor-neutrality would be very
important in the future. He noted that with new EC, responsibility for
the EC’s procurement has moved from DG ADMIN to DG CNECT, under
Commissioner Oettinger and Vice-President Ansip. O’Donohue
highlighted that the new Commission is committed to “practicising
what it preaches” in public procurement.

Now that would certainly be welcome.