Legal & Policy
From Policy To Practice; Open Source in The Dutch Government
<p>In 2020 the Dutch government adopted the 'open, unless' principle, promoting the use and procurement of open source software, unless impossible. But what happens after such a policy is published? This isn’t as straightforward as we’d think. Within government projects, we still regularly need to answer practical questions such as “are we allowed to build or buy this? Are we allowed or required to publish our code? What do we need security wise? What do our procurement policies say? Where do we put the code? Does code need to be archived like documents? How do we collaborate with other government tenants? And how do we support the open source communities whose code we use?” The ‘open, unless’ principle is clear on paper, but applying it turns out to be more complex.</p>
<p>In this talk, we will look at how the Dutch are putting 'open, unless' into practice inside the Ministry of the Interior (BZK), through the daily work of our Open Source Program Office (OSPO). Instead of focusing on just policy, the focus is on the operational side. Once the choice for open source is made, what challenges arise then? This will be illustrated with concrete project examples. The first is MijnBureau, a sovereign open source workspace for the government, that has been built openly from the start. The second example is the Dutch Government Codeplatform, a shared development environment, based on Forgejo. A third example is OpenKat, a collectively built open source vulnerability scanner. Together we’ll explore how 'open, unless' is applied in a consistent way (spoiler alert: it’s not). </p>
<p>These examples show what “from policy to practice” actually looks like for the public-sector. For instance, many open source projects start bottom-up. How do we ensure proper top-down alignment with national strategies, adequate funding and sponsorship? When a project is done, who is going to manage and maintain it? How do we make sure we don’t take advantage of open source communities? </p>
<p>This talk is aimed at anyone interested in public-sector open source, OSPOs, procurement and policy implementation, or in understanding why “just publish code” is rarely as easy as it sounds, and what we can do to make it easier.</p>
Additional information
| Live Stream | https://live.fosdem.org/watch/ub5230 |
|---|---|
| Type | devroom |
| Language | English |
More sessions
| 1/31/26 |
<p>DevRoom organisers welcome all to the Legal & Policy Issues DevRoom</p>
|
| 1/31/26 |
<p>Legal and licensing issues are a vital part of the Free Software ecosystem. While many Free Software developers may have a good idea of the legal and licensing requirements that turn their project into Free Software, there are many more attending FOSDEM who may lack the knowledge or have misconceptions about the legal issues in Free Software.</p> <p>This session hopes to provide an introduction and background to the legal concepts that underpin the freedoms in Free Software, and how the law ...
|
| 1/31/26 |
<p>Open protocols underpin much of Europe’s digital infrastructure, yet they remain a blind spot in European digital policy. This talk highlights why supporting open protocol governance is crucial for Europe’s digital sovereignty, interoperability, and innovation. It explores how policymakers and developers can together address this gap by recognising protocols as foundational infrastructure and shaping policies that enable resilient, interoperable, and decentralised systems.</p>
|
| 1/31/26 |
<p>Open source initiatives usually bubble up from the grassroots community, and while governments have been paying more attention recently, policy is often subject to the whims of election cycles. This means long-term continuity is never guaranteed.</p> <p>Even when policies are in place, their implementation can be hampered by two significant factors: civil servants' open-source literacy and existing legal/regulatory bottlenecks. Sure, enshrining open source into law would make it mandatory and ...
|
| 1/31/26 |
<p>In this Q&A session we will address all the questions our audience might have on the CRA in relation to Free Software. We will kick of the session with a short introduction focussing on current challenges around the implementation of the CRA with a specific focus on Open Source Stewards and Attestation programs and how and where financial support is needed in order to make the CRA work.</p>
|
| 1/31/26 |
<p>Software Freedom Conservancy (SFC) sued Vizio in October 2021 because Vizio did not provide the required source code for the GPL and LGPL works that Vizio chose to use in its TVs, preventing SFC from making privacy and security enhancing changes, among other improvements that the GPL and LGPL require that companies allow in devices they sell. SFC brought the case as a third-party beneficiary of these copyleft agreements, to demonstrate how users of copylefted software can directly enforce the ...
|
| 1/31/26 |
<p>A number of countries are introducing "online safety" laws, which generally impact providers of online services. An example of these is the UK's Online Safety Act 2023.</p> <p>It purports to have extra-territorial effect, applying to anyone, anywhere in the world, who provides a service to people in the UK, if certain criteria are met.</p> <p>While the ostensible aim of these acts is to address concerns relating to the largest social media providers, they are not always well drafted, or else ...
|
