This document discusses Bulgaria's Electronic Governance Act which mandates that all new custom-built government software be open source and developed in a public repository. The goals are to increase transparency, quality, and cost-effectiveness of government software projects while reducing vendor lock-in. Potential issues that could arise include a lack of enforcement, companies developing software privately instead of publicly, and certain agencies claiming the law does not apply to them. Overall it is still too early to say whether the approach will be successful, but sharing experience with other countries' open source policies provides optimism.

1. Open source - accelerating e-government:
the Bulgarian electronic governance act
Bozhidar Bozhanov
Adviser to the political cabinet of the deputy prime minister for coalition policy and
public administration and minister of interior

2. ● Senior software engineer and architect
● http://techblog.bozho.net
● Adviser to the deputy primer minister of Bulgaria about e-
government, open data & technology
● Realistic idealist
About me

3. “You can’t make the ladies behind the desks use LibreOffice and
Linux!!
Open Source for the Government??

4. You can, but that’s a different story...
It’s not about Linux...

5. ● The government is constantly procuring both specific and generic
software
● The government ignores the “rule”
o if the problem is widespread - use open source software
o if the problem is rare - use an existing commercial solution
o if the problem is unique - order a new piece of software
● The government doesn’t have the personnel to adapt and implement even
ready-to-use open source projects.
Custom software

6. ● Vendor lock-in
● Abandonware
● Low-quality software
● Bugs and security holes
o egov.bg
o (forest) logging registry (?the_wife_of_my_cousin=1)
o ...who knows what else?
● Most of that software is owned by the government
o ...and sits on CDs in basements
● Even projects using WordPress, Drupal, Joomla are de-facto closed source
● Questionable, opaque spending
Status quo

7. ● Websites of ministries/agencies/municipalities/programmes
● Registries
● General clerk software
● Specific information systems
● Accountancy software
● egov - middleware, registries, portal, e-services
Types of government software

8. ● what’s the relation between “government software” and “electronic
governance”?
● The problems of electronic governance
o Lacl of coordination
o Lack of quality
o Lack of vision
Electronic governance

9. (almost) all new projects must be open-sourced
A solution?

10. We proposed article 58a, which mandates:
• All new custom-built software to be open source
• Developed in a public repository from day 1
The electronic governance act

11. ● Reusability
● Higher quality
● Easier extension and support
o from a government “system integrator”
o from other companies
o from NGOs and even citizens
● Transparency
o What did the government spend the money on
o “but...nobody will be watching those projects!” - there are people that
will be watching them, don’t worry :)
Why?

12. ● UK- http://github.com/alphagov (330 projects)
● US - http://www.govcode.org/ (2000 projects); Federal source code policy
● Estonia - e-voting, egov, X-Road
o “All our key projects become open source, including the systems for health care, police, business portals and document
exchange” Siim Sikkut, ICT Policy Adviser
● Switzerland
● The European Commission
● European Parliament called for “the systematic replacement of proprietary
software by auditable and verifiable open-source software in all the EU
institutions, and for the introduction of a mandatory open-source-selection
criterion in all future ICT procurement procedures”
Experience around the world

13. ● Every company, implementing software ordered by the government uses a
public repo
o must use it actively (and not just synchronize an internal repo with it)
o git or mercurial
● Public documentation
● Stable master
● The licence used must be approved by FSF or OSI
o EUPL by default. Allowed: GPLv3, AGPL, Apache, MIT, etc.
Procedure

14. ● no difference for the company writing the software - even now the product
is owned by the government in most cases
● no difference for the government - 10 lines more in the technical
specification.
o and we prepared a template for that
● total cost of ownership is the same in the worst case
● new business models
Why would that work?

15. “Are you listening to yourself, the government can’t open their
systems?!”

16. ● Only the source is publicly available; not the server passwords
● A small portion of the government software is highly critical; a small
portion even have a publically-facing interface.
o The law doesn’t apply to systems regarding national security and
classified information
● WordPress is more secure than any website that any company will build.
● Open-source software is more secure
o ...except for openssl, bash and small, unpopular projects … :)
Security

17. ● not applicable to existing closed-sourced software
● good code != good software
● not every project can be monitored carefully by society
● won’t solve the problems of e-governance, coordination, corruption
● can see opposition in the face of malicious companies
No silver bullet...

18. ● Proprietary components?
o Allowed
● Entire proprietary systems or proprietary base?
o Allowed, but must prove TCO will be lower
● Does it mean the database can’t be Oracle / MS SQL Server?
o No.
● Will we switch to Linux and LibreOffice
o No – a lot of migration required – desktop software, ActiveDirectory,
trainings
o But we will switch to ODF
Typical questions

19. ● The amendments to to the electronic governance acts passed and are in
force!
● We have set up an agency to oversee the process
● We have prepared templates and answers to regular questions
● http://github.com/governmentbg
o Soon – an on-premise system, mirrored to GitHub
● EU programs explicitly require open source
So far...

20. ● Administration not knowing they should do it
o We already have tenders that do not conform with the law
o We have prepared templates and answers to regular questions
● No responsible body for enforcement
o We have set up an agency to oversee the process, not yet operational
● Companies may develop “privately” and push at the end
o http://github.com/governmentbg , soon – an on-premise system,
mirrored to GitHub
● It can be ignored
o “No open source – no funding” works (EU programs explicitly
require open source)
Potential issues

21. ● Put it in the law
● Be explicit that it applies to all projects (websites, registers, information
systems)
o “It does not apply to us” phenomenon
● Find or create a responsible body
● Also put it as a prerequisite for funding
● Talk
● Answer questions
Advice

22. ● Too early to say
● Depends on willingness to enforce
● I will share our experience within a year
Will it work?

23. Open and transparent projects should bring better
quality and lower TCO

24. (image taken from http://exequiel09.github.io/symposium-presentation/)
Questions?