Open Standards, Open Formats, and Open Source Version 5.0 January 2007 Final Draft Davide Cerri and Alfonso Fuggetta CEFRIEL - Politecnico di Milano Open Standards, Open Formats, and Open Source Open Standards, Open Formats, and Open Source Davide Cerri and Alfonso Fuggetta CEFRIEL - Politecnico di Milano January 2007 Abstract The paper proposes some comments and reflections on the notion of “openness” and on how it relates to three important topics: open standards, open formats, and open source. Often, these terms are considered equivalent and/or mutually implicated: “open source is the only way to enforce and exploit open standards”. This position is misleading, as it increases the confusion about this complex and extremely critical topic. The paper clarifies the basic terms and concepts. This is instrumental to suggest a number of actions and practices aiming at promoting and defending openness in modern ICT products and services. Keywords: open source, open standard, open format, software development process, software procurement, interoperability. 1. A Critical Problem The impressive development of Information & Communication Technology (ICT) is posing new challenges to governments, users, and industries. The pervasiveness of computers, digital devices, and networks is radically changing our society. Nowadays, every business is heavily based on computers, networks, and sophisticated information systems. Every student, professional, or individual in general has become a user of digital technologies: computers, digital cellular phones and PDAs, MP3 players, and the Internet are part of our daily routine. The ICT revolution is changing our life and the way we work, study, enjoy life. This revolution is going to have permanent and radical effects on the way society is shaped and evolves. Basically, all the modern forms of knowledge and information are managed through digital devices and information.Therefore, there are increasing concerns about the risks and challenges that can derive from an inappropriate handling of emerging issues and problems such as management of intellectual property, control of shared resources (e.g., the spectrum and the telecommunication network infrastructure), software and network standards [5]. In particular, there are three concepts that are considered extremely important in this respect: open standards, open formats, and open source. Open standards define standard interfaces (in general, requirements) of ICT systems and services. Open standards make it possible to have a variety of interchangeable and interoperable products developed by different companies. They are instrumental to increase competition and, in the end, customer satisfaction. Typical examples of open standards are ANSI C and TCP/IP, two cornerstones of modern ICT technology. Unfortunately, the definition of open standard is not “standard”. There are different interpretations of the term and, more important, there are alternative visions about the strategy that should be followed to define and update these standards. Open formats are open standards to store and transmit documents, information, and in general knowledge. Examples of open formats are HTML and XML. It may be sufficient to discuss just “standards” in general, as standard formats are just a particular form of standard. However, since formats play a very important role, it is worthwhile to consider them explicitly in the rest of the discussion. © Davide Cerri and Alfonso Fuggetta, 2007 1 Open Standards, Open Formats, and Open Source Document formats are often defined by the producers of the software packages that generate them: for instance, a major source of discussion has been the approach used in the past by Microsoft to define and evolve the formats of Office documents. In general, if a document has been produced using a specific package (and is therefore stored using a specific format), users who want to access that document are forced to buy and use the package that has generated it. In general, the notion of open format is subject to discussion and needs some detailed discussion and clarification. Open source is an approach to manage the development and distribution of software. Open source means that the user of a software program is able (free) to access the source code of the program, study it, change it, and redistribute it. This can be achieved using particular software licenses that grant the user these rights. Indeed, there are different open source licensing models. The most popular one is the General Public License (GPL), which defines the notion of copyleft as a means to guarantee the free and open diffusion of software. Open source is considered somewhat equivalent to free software. Indeed, even if most practical effects are similar, the motivations of the two movements are different. For the sake of simplicity, in the remainder of the paper the two terms will be considered equivalent. Open source is considered a winning approach for a variety of reasons: technical, economical, and ethical. This paper will concentrate on some of the issues and claims associated with open source.1 In particular, it will discuss the relationship among open source, open standards, open formats, and, in general, the protection of customers’ rights. Indeed, many consider open source as the most appropriate (or maybe the only) way to define and enforce open standards and open formats. This view is simplistic and misleading, as the remainder of the paper will try to demonstrate. For these reasons, the ultimate goal of the paper is to provide a coherent, even if preliminary, framework of concepts and proposals to promote the development of the market and to address customers’ needs and requests. The paper is organized as follows. Section 2 provides some examples of the different meanings that can be associated with the expression “open standard”. Section 3 identifies and illustrates different levels of openness in standards. Section 4 deals with the relationship between open standards and open source software, and Section 5 discusses why and how “openness” is important for the protection of customers’ rights. Finally, Section 6 proposes some concrete actions and practices aiming at promoting openness and defending customers’ rights in the ICT market. 2. What do we mean by “open”? Terms such as “open standards” and “open formats” are certainly quite popular, but their meaning is far from being unanimously shared. Let’s consider for example some of the definitions and interpretations of the term “open standard” that can be found on the Internet. Wikipedia proposes the following definition: Open standards are publicly available specifications for achieving a specific task. By allowing anyone to use the standard, they increase compatibility between various hardware and software components since anyone with the technical know-how and the necessary equipment to implement solutions can build something that works together with those of other vendors.2 A more restrictive definition of open standard is included in the European Interoperability Framework for pan-European eGovernment Services: The following are the minimal characteristics that a specification and its attendant documents must have in order to be considered an open standard: 1 The reader is invited to consider additional sources for a detailed discussion of other aspects of the problem (see ,for instance, [1] and [2]). 2 http://en.wikipedia.org/wiki/Open_standard © Davide Cerri and Alfonso Fuggetta, 2007 2 Open Standards, Open Formats, and Open Source The standard is adopted and will be maintained by a not-for-profit organization, and its ongoing development occurs on the basis of an open decision-making procedure available to all interested parties (consensus or majority decision etc.). The standard has been published and the standard specification document is available either freely or at a nominal charge. It must be permissible to all to copy, distribute and use it for no fee or at a nominal fee. The intellectual property - i.e. patents possibly present - of (parts of) the standard is made irrevocably available on a royalty-free basis. There are no constraints on the re-use of the standard.3 This definition goes well beyond the one proposed by Wikipedia, as it considers also the process according to which the standard is defined and maintained. It also requires that the standard can be implemented without having to pay any royalty fee. Bruce Perens on his web site proposes an even more articulated definition: An Open Standard is more than just a specification. The principles behind the standard, and the practice of offering and operating the standard, are what make the standard Open.4 Perens proposes a number of principles and practices. In particular, he stresses the fact that the standard should be “free”, based on a “free” reference implementation, and should be articulated in such a way to make predatory practice impossible, i.e., it must include “license terms that protect against subversion of the standard by embrace-and-extend tactics”. On the Internet, it is possible to find also additional references to the notion of standard. For instance, this is taken from the Microsoft MSDN website: In August, 2000, Microsoft, Hewlett-Packard and Intel co-sponsored the submission of specifications for the Common Language Infrastructure (CLI) and C# programming language to the international standardization organization ECMA. As a result, ECMA formed two task groups (TG3 and TG2, respectively) within TC39, its technical committee responsible for programming languages and application development. During the next year, the co-sponsor companies, in conjunction with other ECMA members and guests (including IBM, Fujitsu Software, Plum Hall, Monash University and ISE), refined these specifications into standards. In December, 2001, the ECMA General Assembly ratified the 1st edition of the C# and CLI standards as ECMA-334 and ECMA-335, respectively. A technical report on the CLI, ECMA TR84, was also ratified. In late December, 2001, ECMA submitted the standards and TR to ISO/IEC JTC 1 via the latter's Fast-Track process. In April, 2003, ISO ratified the standards as ISO/IEC 23270 (C#), ISO/IEC 23271 (CLI) and ISO/IEC 23272 (CLI TR).