Technology Trends/Open by Default

From wiki
Jump to navigation Jump to search


Status Published
Initial release July 4, 2019
Latest version July 4, 2019
Official publication Open by Default.pdf
Traffic cone.png This page is a work in progress. We welcome your feedback. Please use the discussion page for suggestions and comments. When the page is approved and finalized, we will send it for translation.

Open by Default is considered more of a principle or strategic policy element for government entities, than a technology solution. Open by Default means that government information and data are presumed to be open to public scrutiny unless there is a compelling reason for them to remain unpublished. Wherever possible, governments should make accessibility to information and data the standard, without people having to specifically request them. This principle is often highlighted alongside an array of other “Open” concepts such as: Open Government, Open Source, Open Data, Open Standards, Open Science, etc.

Hide Detailed View


Business Brief

Hidden

Open by Default and Open Source do not mean the same thing; however, since both have common reasons for their use, organizations often place them together. As a result, these two distinct terms may be conflated or mistakenly used within an organization.

In Canada, Open by Default is linked closest with the Open Government Initiative. Open by Default means that Canadians can easily access government data and information in open and standardized formats while ensuring National Security is not put in jeopardy. This includes access to everything from government research, data sets, statistics, personal information, and others.

Open Source refers to any program whose source code is made available for use, modification, and/or redistribution by any user or other developers. It is also an industry umbrella term that denotes topics such as Open by Design, Open Source Software, and Open Source Services.

Global industry usually does not use the term Open by Default, instead it uses the term Open Source to indicate the same open principle. Open Source indicates the industry principle known as "the Open Source Way”, the embracing of the principles of open exchange, collaborative participation, rapid prototyping, transparency, meritocracy, and community-oriented development. Concurrently, industry uses the term Open Source primarily as a way of identifying Open Source technology.

Technology Brief

Since Open by Default is a principle and not a technology this section focusses solely on Open Source. As mentioned in the previous section, industry does not use the term Open by Default, opting for the term Open Source or Open Source technology when discussing technical features of Open Software and Hardware. Open Source is generally defined as the production and development philosophy of allowing end users and developers to not only see the source code of software, but modify it as well.

Although software is not the only product governed by Open Source, it is the most popular, lending itself well to manipulation of its code and add-ons through Open Licenses. Open Source Software is usually developed as a public collaboration and commonly made freely available. It provides a transparent platform upon which anyone with the skills to do so can add to the development and production of the software either for release as a new incarnation of the software for others to use or for strictly in-house development only.

New users frequently make the mistake of believing that Open Source software is synonymous with “free”, and so it is common for the Open Source community to distinguish between "free", meaning zero price, and "free" meaning the liberty and guarantees of use. To help distinguish the two, the term "libre" is increasingly used for the liberty meaning. In terms of Open Source Software, the code is often freely downloadable and changeable, as long as the user follows what is agreed upon in the software license agreement.

The Linux Operating System is one of the best-known examples of Open Source Software technology. The Linux Operating System’s Open Source paradigm is in direct contrast to Microsoft’s approach to development and production of its popular Windows Operating System. Unlike Linux, Windows is built on a closed source paradigm that does not allow the end user the ability to see or edit the code that makes up the Operating System. In fact, certain aspects of the end-user license for the Windows Operating System specifically forbids the end user from attempting to view or modify the code that makes up the software.

Open Source Code and Software can be collaboratively developed, revised, version controlled, shared, and distributed via collaborative web-based Open Platforms such as GitHub and GitLab. Git is the foundation of many Open Source platforms. Git is a free and Open Source distributed version control system. It is primarily used for source-code management in software development but includes almost any files, and it is designed to handle everything from small to very large projects.

GitLab utilizes Git and started as an Open Source project to help teams collaborate on software development. GitLab now provides organizations with a cloud-based single application for the entire Development and Operations (DevOps) Lifecycle. GitLab provides everything needed to manage, plan, create, verify, package, release, configure, monitor, and secure applications. GitHub is another cloud based code hosting platform for collaboration and version control. It is primarily a tool for developers to safely and quickly make changes to code. GitHub is one of the largest code hosts in the world with over 100 million projects. Private, public, or open source, repositories are equipped with tools to help host, version, and release code. Both GitHub and GitLab provide code developers with code review tools in order to make changes, but verify everything is working before the main code, application, file, or website is updated.

One issue that arises with Open Source is related to copyrights.

In the past, the ownership of the software in Open Source license agreements could never transfer to anyone who modifies the software. This usually made it impossible for a developer to take Open Source Software, modify it for their needs, and then sell it. However, today, many copyrights are embedded and copyright issues tend to be less of a challenge.

The issue today is some Open Source licenses allow free use, but any modifications/improvements must be sent back to the core license such as the GNU General Public License (GNU GPL). This makes the service built with the new code difficult for developers to sell as the competition can easily see what modifications were made.

Most of the revenue that companies make from Open Source Software comes in the form of their support for the software technology and its many additions, add-ons, and modifications that often ensue. Most Open Source Software today are freely available to download; however, some licenses still remain with the original creator of the software and does not transfer to anyone regardless of any modifications, improvements, or add-ons made to the Open Source Software. Careful choice of which Open Source license to select is key for organizations looking to leverage Open Source technology.

From a developer’s point of view, Open Source technologies provide a platform on which to build custom solutions. Rather than develop an entire proprietary Operating System like Microsoft’s Windows, developers can build and improve upon the already-existing Open Source Linux Operating System platform. In this way, more time is spent on a specific task to be solved rather than getting an entirely new Operating System to function stably and reliably.

Industry Use

Industry uses the term Open Source rather than Open by Default. The Open Source way is an attitude that promotes the free access, sharing, and distribution of technological data, information, and/or an end product, usually software or program. Open Source may also extend to the implementation and collaboration/design of other objects, reducing the amount of work since multiple contributions are added by many individuals.

Cloud computing, the practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than using a local server or a personal computer is an increasingly important aspect of everyday life and as such, cloud computing platforms can be Open Source or Closed Source. Some cloud computing applications, like Google Apps, are proprietary (closed source). Others, like ownCloud and Nextcloud, are Open Source.

An example of Open Source in industry is Open Banking. Open Banking is a system that provides a user with a network of financial institutions’ data through the use of Application Programming Interfaces (APIs).

Open Banking regulations require banks to publish, both online and inside their branches, accurate and unbiased information that lets consumers evaluate their service quality. This is a move towards transparency, designed to motivate banks to provide the best possible customer experience.

Open Banking is meant to improve customers’ banking experience in several ways including forcing large, established banks to be more competitive with smaller and newer banks, ideally resulting in lower costs, better technology, and better customer service.

Open Banking is a major source of innovation in the banking industry. For example,

Open Banking APIs can facilitate the sometimes onerous process of switching from one bank to another. The API can also look at consumers’ transaction data to identify the best financial products and services for them at that time, such as a new savings account that would earn a higher interest rate than the current savings account, or a different credit card with a lower interest rate.

Canadian Government Use

Openness and transparency are fundamental to ensuring Canadians’ trust in their government. Citizens expect their government to be open, transparent, and accountable.

The Government of Canada (GC) is engaged in acting out Open by Default principles through the Open Government Portal, the Open by Default Pilot, and GCcode. The GC, since 2011, is a member of the Open Government Partnership (OGP) – a global multilateral initiative to foster greater transparency and accountability, improve governance, and increase civic engagement worldwide.

The Open Government Portal (open.canada.ca) officially launched in 2014 and aims to provide one-stop access to the GC’s searchable Open Data and Open Information, together with Open Dialogue, as part of the GC’s commitment to enhance transparency and accountability. The data published on the Open Government Portal is made available by GC departments, agencies, and Crown corporations. While each of these entities is responsible for managing their own data, the Treasury Board of Canada Secretariat (TBS) is responsible for the governance, including guidelines and policies, applicable to the data.

With respect to the preservation of the data made available on this site, it is generally subject to the Open Government Licence and the standard rules governing retention and disposition of GC information.

The GC also established the Open by Default Pilot, which demonstrates the proactive release of working information that supports government transparency and accountability. Documents available through the Open by Default Pilot are snapshots of works-in-progress from GC public servants. These can include field notes, research documents, reporting documents, and organizational charts from any of the four participating government departments.

These are the four GC departments currently offering documents for the pilot: Canadian Heritage, Environment and Climate Change Canada (ECCC), Natural Resources Canada, and TBS.

According to the 2014 TBS Directive on Open Government, all mandatory reporting documents (e.g. reports to Parliament, proactive disclosure reports) and all documents posted online or planned for publication via departmental web sites or print (e.g. statistical reports, educational videos, event photos, organizational charts) are to be released and Open by Default. In order to accomplish this, all departments will develop and update on an annual basis, an Open Government Implementation Plan (OGIP). Additionally, the TBS Directive on Management of Information Technology (Appendix D) supports the Directive on Open Government by directing all work and release of APIs be done in an Open by Default manner, using Open Standards, and leveraging Open Source tools and frameworks, where feasible.

Regarding Open Source, Shared Services Canada (SSC) has established and maintains a code sharing / collaboration platform named GCcode. GCcode is based on GitLab Community-Edition and is open to all GC departments.

In the beginning, GCcode was called the “SSC’s GitLab instance” and was first intended to support application development within SSC Corporate Services/Chief Information Officer. In 2015, SSC GitLab instance was renamed GCcode to reflect its GC-wide usage.

The goal of GCcode encourages collaboration and reuse of code across GC departments reducing development costs, increasing software transparency, avoiding lock-in with a specific vendor, increasing customization, attracting IT Talent, and building flexible GC digital operations.

Additionally, SSC is supporting the Canadian Digital Exchange Program (CDXP), previously known as GC Interoperability Platform (GCIP), led by TBS. The CDXP is a platform that enables Government departments to share their data with each other and the outside world in a modern, secure, and unified way, which aims to enhance interoperability for online infrastructure and enable departments to seamlessly share and consume data and information.

Implications for Government Agencies

Shared Services Canada (SSC)

Value Proposition

The primary advantages of leveraging Open Source and Open By Default is the promise of cost savings, improved flexibility, fostering collaboration and innovation, and reducing administrative burdens.

There are many Open Source products and technologies that are freely available to download and use in place of traditionally closed proprietary products. A solution, or a modifiable solution, may be freely available through a pre-existent Open Source program. In this way, an organization’s employees save time and resources by spending the vast amount of working hours on modifying certain aspects of the Open Source program to custom fit business needs.

Additionally, the support costs tend to be lower when using Open Source. Commercial vendors often ensure they will be the sole providers of support for the product they produce for an organization. Whereas Open Source can be self-supported, either by trained in-house expertise, or supported through the Open Source community.

Organizational support strategies can be much more flexible and potentially much less costly as the number of individuals and groups that can be relied upon to fix Open Source problems is larger than the support provided by a commercial owner of proprietary software. The Open Source community is a major benefit as it can fill the expertise and resource gap that federal agencies often suffer from.

Flexibility is a major strength of Open Source technology. This is due to having access to the source code. Access to source code can be an issue with proprietary software, which may prohibit the modification, customization, or reuse of the software for the same or similar purpose in other business lines. However,

Open Source is highly iterative and can change code in parallel without changing the main code of the software until the changes have been approved. Since most Open Source software is built upon Linux, this provides the ability to change code on the fly to suit and tailor to business needs and processes without having to take the system offline in order to make the changes. Open Source also offers flexibility in providing organizations with a way to avoid vendor lock-in and help organizations transition to a more interoperable ecosystem. Open Source encourages the sharing of projects through collaborative platforms, frees up and increases resources able to work on projects, and boosts innovation.

Open by Default, augmented by Open Source platforms, can help to reduce administrative burdens such as Access to Information and Privacy (ATIP) requests. Open by Default aids in transitioning more information into a state of transparency, ideally on a collaborative Open Platform designed for collaboration, rather than within a closed-off government system. This helps GC employee’s direct ATIP requests to the Open by Default platforms instead of requesting GC employees to scour information systems and emails.

Open Source can promulgate Open by Default principles and ensure GC data and information are freely open to public scrutiny on Open Source Platforms that are capable of collaboration and interaction. Additionally, Open by Default can enable greater transparency, higher levels of citizen trust, better public service delivery and more-effective policymaking by including encouraging citizen participation and by developing policy in an open environment.

Challenges

To achieve the vision of a more transparent, accountable and responsive government, an Open by Default and Open Government lens need to be increasingly applied through the use of Open Source technologies to new or renewed programs and service designs at all stages of the policy, service development and implementation. The shift to greater sharing of data and information, via Open Source technology, requires a great deal of work and a fundamental shift in the GC’s way of doing business.

The biggest problem with Open Source is under management. Although Total Cost of Acquisition (TCA) for Open Source is almost always zero, the critical issue for organizations from a low-burden acquisition is that the assets are either undermanaged or totally unmanaged once established within the organization.

There are serious long term costs, including maintenance, which organizations need to be prepared for when using Open Source. Labour costs can be higher than expected (approximately 5%-10% higher) in order to manage the required monitoring and management of Open Source Software. Since Open Source is not a closed and fully tested product, it can be prone to bugs and security patches, which would require attention.

Risk management is needed, as well as long-term coordination to handle both common and large-scale issues. Common problems are usually born by the organization, or expertise is leveraged by the Open Source community. However, big problems with Open Source can be devastatingly crippling for organizations who are unprepared. In using Open Source technology, the focus is often on the backend processing of information and not on user interfaces. Microsoft Windows has arguably one of the easiest interfaces with which to work. Often, Open Source software, such as Linux, requires the user to have specialized knowledge that cannot be configured with just a click of a mouse.

Open Source projects often do not have good documentation to walk the user through the learning and using of the technologies. Having the right employees with Open Source expertise, in order to resolve technical challenges, can be a difficult obstacle for any organization. While Open Source innovation is generally a cheaper commodity, it is usually adopted by new companies as entrenched legacy companies have difficulty in changing their processes and culture.

Due to the burden of management, there have not been mass or large successful initiatives conducted by the public sector in transitioning to full Open Source technology.

Another weakness of Open by Default initiatives is how to determine if the initiative has actually produced greater transparency and has resulted in an actual increase in trust between the GC and Canadians. Measuring the successful increase in trust and transparency is a difficult task that will need both quantitative and qualitative measurements to prove progress.

Considerations

Open Source technologies can fundamentally transform GC business by providing a range of possibilities to work with, customize, collaborate, reuse, showcase, and experiment with quality data and information. Similarly, Open by Default can fundamentally transform the relationship between the GC and Canadians by providing improved government transparency, increased citizen trust in their Government, and reduced administrative burdens, such as ATIP requests.

A major consideration for SSC is the amount of resources, funding, and expertise that will be required for the continued support of and experimentation with Open Source technologies. The continued development and hosting of services through Open Source platforms, such as GCCode and CDXP, to encourage data sharing and the participation in the creation, development, and revision of code needed for delivery of GC digital services may require continual review of SSC capabilities, including the burden of providing needed access to data in a secure environment.

Further understanding of how to leverage Open Source is a main consideration for SSC if Open Source is to be further developed and leveraged within the GC. Low levels of adoption can sometimes be attributed to a lack of understanding of the potential benefits of Open Source, accompanied by a risk-averse technical and procurement culture, compounded by significant levels of misconceptions about Open Source security and its ecosystem services.

SSC, as a service provider, may consider its leadership role in the promotion and development of guidance for Open Source Software and Open Source Standards in the GC.

In Canada, the TBS 2004 Open Source Software Position is relatively neutral by stating that Open Source Software be considered just like other types of [proprietary] software, as long as the acquisition is aligned with the principles of the 2001 Federated Architecture Program.

SSC may wish to consider how it would benefit from leading a preference for Open Source technology in the GC. Although the Open Source community doesn't serve as an official standards development organization, along with other organizations using Open Source, they often become a de facto standards creator due to momentum and enterprise demand.

With the growing expectations Canadians have for increased transparency, access to, and proactive release of federal GC data and information, this will require SSC to consider the requirements needed in order to ensure data and information resources are eligible for release, are easily discoverable and are reusable. SSC should consider the breadth of the task in order to ensure data and information is proactively released for public viewing and collaboration.

SSC could consider conducting an options analysis of the top ten costliest software products currently provided to the GC in order to assess whether credible Open Source solutions could be leveraged in place of traditionally high-cost proprietary software (i.e. open source vs. commercial software) in order to realize greater operational efficiencies and cost savings.

It should never be assumed that an organization should rely only on commercial products or on Open Source. An organization should not prefer one over the other; instead consider evaluating service and business lines to determine where Open Source could be leveraged. Wide-sweeping Open Source initiatives and change-overs are to be avoided.

Moving full-scale from traditional closed source products is not a prudent strategy for organizations who are not built in an agile or flexible way. Regional governments have been successful in using Open Source as they are smaller in size.

Evidence and effective monitoring are important to prove the impact of the Open Data agenda. This should include the use of quantitative indicators where possible. But in most cases, it will also revert to qualitative evidence, such as through impact case studies or other narratives.

References