Sunday, August 26, 2007

Policy challenges for “Open Standards”

India's Department of Information Technology has taken a great first step by mandating open standards. Now it must take the next step and come up with a clear definition of open standards to protect national data


During India's independence movement, Mahatma Gandhi said, “Real swaraj will come not by the acquisition of authority by a few but by the acquisition of capacity by all.” Several decades later, Gandhiji's statement rings true in the context of the Open Standards movement which seeks to protect users' freedom to access their data.

One of the unintended consequences of the digital revolution is that users have often found their data locked up in proprietary file formats. As a result, users own the data they have created, but have no control over the format in which they are created. This is akin to a situation where a builder transfers the ownership of the house but retains control over the keys to the house. Software vendors have often exploited this situation by changing file formats from one version to another and thus forcing users to keep upgrading their software. Clearly this is an untenable situation and this is why India's Department of IT (DIT) has wisely chosen to mandate the use of open standards for data storage.

DIT's move needs to be applauded because it addresses serious political and economic issues that concern India's long-term security in the world of IT. The Government is the custodian of the citizens data and it therefore has the responsibility of ensuring that this data is accessible for centuries and is not locked down in proprietary file formats that are known only to the creator of the software. As a sovereign country, we cannot allow data that belongs to the people of India to be controlled by individuals or corporations.

It is a fact that the life of the data is often much longer than the life of the software which creates it. Twenty years ago Unix ruled, today it is Windows, tomorrow it may be Linux and day after it may be a software that has not even been imagined today. If data is tied to software platforms, we will need to recreate the data every time the software changes. This is neither practical nor desirable. For example, land records last for over four hundred years. If we take the average lifespan of a software platform as twenty years, this means that the data locked in proprietary file formats will have to be ported or recreated twenty times for it to be available to future users. The only practical solution therefore is to clinically separate the data from the software that created it. This what the open standards movement seek to achieve by giving users the freedom to encode and decode their own data.

Unfortunately, DIT's mandate has also resulted in several spurious proposals that claim to be “open standards.” Just as we need to be vigilant against adulterated medicines, we need to be vigilant against proprietary standards masquerading as “open standards.” The increasing move to open standards in India and abroad has forced some of the most adamant companies to now seek the coveted status of “open standards.” For example, the maker of a popular word processor that has supported only closed formats since 1983 is now demonstrating indecent haste by seeking to “fast-track” their proposal through international standards bodies. They are seeking to undermine the very sanctity of the term “open standards” by seeking to rush through craftily worded standards and hastily drafted proposal through standards bodies. E-government institutions across the country, and DIT in particular, must avoid being deceived by such wolves in sheep's clothing.

To avoid such situations, the Open Source Initiative has published the Open Standards Requirement (OSR). By implementing standards that follow the OSR, organizations can ensure that they retain full control over their data and avoid paying extortionate royalties and license fees for accessing their own data. The Open Standards Requirements are:

1.No Intentional Secrets: The standard MUST NOT withhold any detail necessary for interoperable implementation. As flaws are inevitable, the standard MUST define a process for fixing flaws identified during implementation and interoperability testing and to incorporate said changes into a revised version or superseding version of the standard to be released under terms that do not violate the OSR.

2.Availability: The standard MUST be freely and publicly available (e.g., from a stable web site) under royalty-free terms at reasonable and non-discriminatory cost.

3.Patents: All patents essential to implementation of the standard MUST be licensed under royalty-free terms for unrestricted use, or be covered by a promise of non-assertion when practiced by open source software

4.No Agreements: There MUST NOT be any requirement for execution of a license agreement, NDA, grant, click-through, or any other form of paperwork to deploy conforming implementations of the standard.

5.No OSR-Incompatible Dependencies: Implementation of the standard MUST NOT require any other technology that fails to meet the criteria of this Requirement.

The purpose of Open Standards is to include and not exclude. As we have seen from the growth of the Internet, open standards bring tremendous benefits with them. Today the Internet has more than a billion people who use it as a platform to socialize, communicate and transact. The common, unified standards like HTML has enabled the Internet to grow rapidly. Since the specifications for HTML are freely available, anyone can create tools that create (encode) HTML and tools that read (decode) HTML. Software developers, web site designers, Internet portals, social networking sites, bloggers, photo sharing sites and many others use HTML as a global means of reaching out to others. This would have not been possible with proprietary standards because that would mean that the data is accessible only through a specific software to the exclusion of other software.

For example, in 1995, both Netscape and Microsoft came up with their own extensions to HTML. This lead to a profusion of websites proclaiming "Optimised for Netscape" or "Optimised for Internet Explorer." Both these companies came up with proprietary extensions to HTML which could be viewed only with their own browsers and this development threatened to fragment the Internet. Fortunately, pressure from the World Wide Web Consortium and users forced both companies to back down and adhere to common standards. Unfortunately, bad habits die hard and we still see organizations optimizing their systems for one particular browser instead of following open standards that can be accessible through any browser.

We have all gained enormously from unified standards for data exchange and the Internet. The best standards like ASCII, Unicode, HTML etc are ones that are created through consensus and collaboration. This promotes choice, encourages competition and brings down cost for end users as companies come up with the best implementation of the standard.

As custodian of citizens' data, the Indian Government must come up with a clear definition of open standards that protects Indian citizens and enshrines their right to encode and decode data. The Open Source Initiative's Open Standards Requirement (OSR) is a good first step for arriving at such a definition. Such a definition will ensure real swaraj by ensuring “the acquisition of capacity by all” and not the “acquisition of authority by a few.”

Venkatesh Hariharan is a member of the Open Source Foundation of India. He can be reached at venkyh [at] gmail dot com.
This work is licensed under Creative Commons Attribution License and freedom is granted to reproduce this article provided this notice is retained intact.