Open source is at the heart of the Internet infrastructure, of the software used by individuals or governments, and of the innovation processes of tech companies. Faced with threats to the security and sustainability of the open source model, governments are getting a hold of the topc, which is becoming increasingly geopolitical.
Open source plays a central role in software : it is the foundation of critical software bricks, and has become a major factor for companies’ innovation processes. It is also an attractive alternative to proprietary solutions.
However, open source is a victim of its own success. It suffers of a lack of resources dedicated to the maintenance of open source components, even though vulnerabilities in open source code can have serious consequences, as illustrated by the Log4Shell vulnerability in December 2021.
Private companies have been investing ever more money and human resources in the development and maintenance of open source software, and have acquired structuring roles in the governance of the ecosystem. This support, however, is not without risk for the open source ecosystem, which is increasingly shaped by the private interests of Big Tech companies.
Meanwhile, governments are getting increasingly concerned with the cybersecurity implications of open source software, and with risks of accidental vulnerabilities, and of manipulation of codes by criminals and foreign agents.
An analysis of the United States, Chinese and European cases show that government involvement in open source is not only pragmatic; it is increasingly politicized, and serves to uphold governments’ ambitions for national security, international influence, or digital sovereignty. The study highlights the dilemmas that emerge, for public authorities, from the tensions between the desire to secure universally used, critical open source components, the desire to develop “sovereign” technologies, and the risk of encroaching on the horizontal and decentralized functioning of open source.
This publication is also available in French: Sources d’influence. Enjeux économiques et géopolitiques des logiciels open source
A conference organized by Ifri and the French Navy.
Your registration request has been successfully submitted.
Ifri is concerned about the respect of your personal data. As part of the European regulation GDPR (General Data Protection Regulation) entered into force on May 25, 2018, we collect your personal data to send you invitations to our events. By signing this form you consent to the processing of your data..
These data are saved in our file and we remind that you can request anytime the modification or the suppression of your data to the direction of development: Yann Roland / email@example.com.
Note that any programming tips and code writing requires some knowledge of computer programming. Please, be careful if you do not know what you are doing…
Post expires at 3:49pm on Wednesday March 15th, 2023