Submitted by Glavistock on Wed, 2012-06-06 16:07

Reuse is key. Public services should be reusable and improvable. We need mandatory open source everywhere as a principle and open innovation. The foremost important thing is to preserve the liberty of the public and open source is helpful in that way. Just think of the proud Estremadura people who broke away from the software monopolists. Public services which are determined by the capabilities of software (written outside the EU) which then gets customised to local needs are a great danger to the sovereinty of the people, a danger to democracy.

We democratically make and modify our own laws, govern ourselves for the people and by the people, and we have to be able to make and modfy our own software. Software that is powering public e-services. Because as a computer scientist once said, CODE is LAW.

We, the people of Europe, the people in our community have to be in control of our e-services. We have to ensure access to the source code and availability for checking. We have to be able to inspect how the service works and propose changes to them. And in the community of Europe we want to share with each other, share our best achievements and again here only open source licensing guarantees the frictionless exchange of public e-services between different bodies, and that nothing paid by public money gets wasted.

Group audience:

Digital Public Services and Sustainability

Comments

Hi Marten,

Submitted by jamal.shahin on Fri, 2012-06-15 10:03

Hi Marten,
Not only computer scientists think that code is law :)
I understand the sentiment you address, but do you think that this would benefit most citizens?

I understand co-designing services: but completely being in control of them? I guess that we first need to address awareness of how to use online services before we can get people controlling them?

I do understand where this is

Submitted by Engberg on Mon, 2012-06-18 14:48

I do understand where this is comming from.

One main point is simple - is does not help to know the code of a process that is not designed to put you in control.

E.g. knowing the code of a surveillance camera or having access to its output does not give you control of the surveillance camera - you are still the target left defenseless without any security in an environment open to attack from anybody.

E.g. PKI can never give you control of over data - control will always transfer to the serverside system.

Whereas e.g. some negotiated and contextxually specific escrow (many differnet models possible) for the first and a blinded key for the second - perhaps even combined if you are to sign a contract - would render you with erifiable control and not having to trust some system.

Code inspection might help you trust the system works as intended, but how can we ever be certain that the system is running the inspected code?

These - CODE implementing something and the Security model implemented by some code - are orthogonal issues.