Governments and Open Source

Since the first edition of this book came out in 2005, I've worked with various U.S. government agencies, at the federal, state, and municipal levels, to help them develop and release open source software. I've also been lucky enough to observe, and in a few cases work with, some government agencies outside the U.S. These experiences have convinced me of one thing: government is different. If you work at a government agency and the material in this book so far has made you shake your head and think "Sure, but it'll never work here", you have my sympathy  — I know exactly what you mean. Governments differ from individuals and from private-sector organizations in some fundamental ways:

There are good reasons for all of these things; they've been true for decades if not centuries, and they're not going to change. So if you're a government agency and you want to start a successful open source project, certain adjustments will be necessary to compensate for the structural idiosyncracies mentioned above. Much of that advice is also applicable to non-governmental organizations, and is already present elsewhere in this chapter, so what I'll do here is simply list the sections that I think are most important for a government agency:

In addition to the above sections in this book, there are many excellent online resources for doing open source in government. I won't even try to include a complete list, as there is too much and it changes too quickly. Here are a few sites that are likely to remain good starting points for some time to come, especially for government agencies in the United States and in countries with procurement and civil service systems similar to those of the U.S.

Finally, there is one issue in particular that I have encountered over and over again in government-initiated open source projects. It is so common, and so potentially damaging to a project, that I have given it its own subsection below.

Being Open Source From Day One is Especially Important for Government Projects

In the section called “Be Open From Day One”, I explained why it's best for an open source project to be run in the open from the very beginning. That advice, particularly the section called “Waiting Just Creates an Exposure Event”, is if anything even more true for government code.

Government projects have greater potential to be harmed by a needless exposure event than private-sector projects have. Elected officials and those who work for them are understandably sensitive to negative public comments. Thus even for the most conscientious team, a worrying cloud of uncertainty will surround everything by the time you're ready to open up hitherto closed code. How can you ever know you've got it all cleaned up? You do your best, but you can never be totally sure some hawk-eyed hacker out there won't spot something embarrassing after the release. The team worries, and worry is an energy drain: it causes them to spend time chasing down ghosts, and at the same time can cause them to unconsciously avoid steps that might risk revealing real problems.

This concern doesn't only apply to government software, of course. But in the private sector, businesses sometimes have competitive reasons to stay behind the curtain until their first release, even if they intend for the project to be open source in the long run. Government projects should not have that motivation to start out closed, at least in theory, and they have even more to lose.