Monday, March 04, 2013

Podcast: Mark Bohannon on government open source, open standards, and open clouds

Mark Bohannon is the VP for Global Public Policy and Government Affairs at Red Hat. He was in our Westford facility recently to give a talk and I was able to grab him for a few minutes and sit him down in front of a microphone. Mark has a lot of great insights about how government procures and uses software. In this podcast, he talks about how government attitudes toward open source have changed, the role of government in open source and open standards, and why governments are taking open approaches as they adopt cloud computing.

Listen to MP3 (0:17:39)
Listen to OGG (0:17:39)


Gordon Haff:  Hello, everyone. This is Gordon Haff, cloud evangelist with Red Hat. I'm sitting here with Mark Bohannon, who is the VP for Global Public Policy and Government Affairs at Red Hat. Welcome, Mark.
Mark Bohannon:  It's great to be here, Gordon. Thank you.
Gordon:  Mark, first of all, tell us a little bit about your background.

Mark:  Sure, been at Red Hat about two and a half years. Prior to joining Red Hat, I was the General Counsel and Senior Vice President for one of the largest associations of software companies, working with not only open source but a wide variety of proprietary as well. Did that for about 10 years, and then I spent much of the 1990s working as an official at the US Department of Commerce on technology, security, intellectual property issues.

Gordon:  That's great. In this podcast, we'd like to talk about open source and government ‑‑ and not just US government. I think we sometimes maybe get focused on one country, but as you know, there are a lot of differences around the world...

Mark:  Absolutely, yes.

Gordon:  And also about how some things ‑‑ like cloud computing ‑‑ are developing in government.

Mark:  Terrific.

Gordon:  Let me start off with a big‑picture question. Historically, when I think about government, they were kind of known for everything was proprietary. A lot of it was project, one‑off‑based. And yet today it seems that, in a lot of cases, government is maybe even out in front around open source. What's changed and how has this evolution come about?

Mark:  That's a great insight, Gordon. I think that, certainly 10 years ago, government was still the heavy recipient of fear, uncertainty and doubt about what open source was. I remember the first time, in 1997, when across my desk there was a request to review an open‑source license and everyone was like, "What is this, and what are we going to do with it?" I think, by contrast today, open source has become very mainstream inside the government. I think the way to think about government, first of all, there is not one entity. As you said, we're talking about this globally. We can certainly talk about governments in general, but it's really going to vary depending on the state of IT investment that a country has in its government services. Obviously, some countries are way ahead. Some are still trying to figure out how to modernize their IT systems to deliver online services to their citizens.

It's important to talk about open source in different contexts. We can certainly start with the US, where for decades the approach was to do big, customized, large projects as the way to do IT investment for the government. But much like the private sector, which saw that as a deep sinkhole of financial and technical commitment, the government began changing its own views.

One of the ironies is, while the US government may be, abroad in its trade and intellectual‑property policies, one of the biggest supporters of proprietary software, which does create jobs in the US, the irony is I think the US government was probably one of the earliest adopters of open‑source technology. As you well know, the whole history of SELinux has to do with collaboration with US government. The US government was one of the first to say, "We're going to stop doing the big projects and start looking at things that are more modular, that can be reused, that can be customized and componentized, in order to benefit from the value that things like open‑source software and open‑source products provide in terms of that flexibility of modularity and reuse."

Gordon:  Government is obviously a big consumer of software, big user of software, but the government also plays a role over and above what, say, a large company would play in terms of open source and open standards. What do you see the government's role as being there?

Mark:  I think the government plays a number of roles, and your point about the government being a big IT user is very important. Keep in mind that the US government is the largest ICT [Information and Communications Technology] market in the world. Conservatively, the estimate is they spend about $80 billion a year on ICT. That eclipses almost any other market globally, whether it is financial, transportation, or anything else. Their decision about the kinds of technology they will take up through procurement is obviously going to affect markets, the availability of products, help in the mainstreaming of it. The second thing that governments can do is make sure that there's not discrimination. We now have either de facto or de‑jure policies in over 40 countries that make sure that there is no discrimination based on the kind of license or the kind of technology that government agencies can use when they're making choices. It's really about looking at which software is the best value, the best for the need, and which can achieve long‑term objectives about modularity and reuse.

At minimum, the role of government is to make sure there's nondiscrimination, make sure there's a level playing field ‑‑ and, quite frankly, as they've done in many cases, to address the fear, uncertainty and doubt about open‑source software that comes from a lot of the large proprietary software companies.

Gordon:  How do you see things playing out around open standards? There have been a number of controversies ‑‑ which certainly are, by no means, over – with… I might call them pseudo‑open standards, perhaps, to be generous. How do you see that playing out?

Mark:  That's a great question. We need to make sure that everyone understands the difference between open source software and open standards. Open source software is a model of development of software that has a particular license that is associated with it, whereas an open standard is a very formal definition of a standard that has worked its way through an accredited standards process and which is unencumbered by patent claims or by demands for royalties or moneys to be able to use it. The most classic examples are many of the standards we use on the Internet. There may have been at one time patents associated with them, but we've made sure that there are no patents associated with those standards so that they can be freely used and adopted without having to pay royalties.

The issue of open standards has gotten complicated. There are some recent positive developments and there are recent not‑so‑positive developments.

One of the more positive developments was in the United Kingdom, which issued its open standards policy in November of last year, after a three‑year consultation process, that Red Hat and our team in the UK, working with others, were very active in promoting. It's one of the most progressive open standards policies that says the government will use, for software interoperability, standards that do not have patents associated with royalties or encumbrances so that they can be freely used by any vendor to implement into their products and grow the vendor base of potential purchases that the UK government can provide.

On the other hand, we have efforts by some software companies who want to have more FRAND‑associated standards in the standards process. We're active in trying to educate that this is not a model that is good for the software industry. It comes out of the telecom model, which is not the same as the software model. We're actively working to help educate that encumbering standards with patents that require royalties or limits on use are really not where the future of innovation in software is going, and we're very active in working on that.

Gordon:  Could you just explain FRAND briefly for our listeners?

Mark:  FRAND, for those who do not know, stands for "fair, reasonable, and nondiscriminatory." It is a technical term of art in the standards community, which says that if you do have a patent that's associated with a standard, you will license it on fair, reasonable and nondiscriminatory [terms]. There have actually been antitrust cases recently about what is FRAND. It's a murky area, because there is no recognized, consistent definition of what is FRAND. When Red Hat looks at these issues, we think that standards, to fulfill their role in the software industry, need to be unencumbered by patents. We're pleased to see that groups like W3C have a no‑patent policy for their standards, and in fact, we're pleased to see that, on the whole, most standards in the software industry don't have patents associated with them for this reason; but it's one thing we have to be vigilant with.

Open standards are important to open source because many of our customers want things to work together. They want environments to work together. Open source and open standards are often talked about in the same breath because they try to get at the same goals of interoperability, being able to reuse, without being locked into a particular technological approach which down the road may prove more expensive or less adaptable as missions and needs evolve.

Gordon:  Of course, open source also essentially gives you this reference platform for an open standard, which has been another issue, on occasion, with standards that were ostensibly open but were so complex that nobody outside the original vendor could actually build them.

Mark:  Exactly. When you look at it from our customer base, what do our customers want? They want things to work together. Things work best together when, in fact, standards are freely usable as they were designed, so that many vendors can take advantage of those published standards technology to help have everything work together. It's ultimately in the customers' best interest that they are not taxed by standards that may have patents associated with them.

Gordon:  What are some of ‑‑ from your perspective ‑‑ the more important dynamics and developments going on right now? Put another way, what should our listeners be really keeping their eyes and ears open for?

Mark:  That's a great question, Gordon. I think there are a lot of things that they should be keeping their eyes and ears open for in this context, depending on where they live. If a government is still at the early stages of modernization ‑‑ that is, using IT to deliver more effective and consistent services to its citizens through the Web ‑‑ there's really a very high likelihood that that will usually be done based on open source. I was down in Chile in November, and it was great to see the Chilean government really make a commitment to its online services. They're using Red Hat Linux and JBoss to actually deliver that open platform so that services can be delivered. Really, as it was explained to me, their goal is to make sure that no citizen ever has to stand in line for a government service. When you see countries starting to talk about modernization, I think that's a key place where the opportunity for open source and the likelihood that open source is going to be used is going to be very high.

In other places I think we're seeing more interesting developments that really get past the traditional understanding of open source as operating system or middleware. I'm really excited about where things like the cloud are going and the desire by many governments, many of whom are at the more developed level of IT evolution in their systems, looking at cloud and wanting to make sure that the clouds that they are using ‑‑ which probably in the government space are going to be private or some kind of hybrid‑private ‑‑ are in fact open, because they want to avoid the vendor lock‑in that occurred with the old, custom‑built large projects. Cloud is an opportunity to really make sure they continue to have that message.

The US government "cloud first" policy, for example, which has been in effect now for about three or four years and which was really kind of the playbook for where the government wanted to go, really emphasizes openness, modularity, open source and open standards. Even the current CIO of the US has really said our policy needs to be default to open and that's how we need to evolve in terms of cloud, use of APIs, with delivery by mobile, as well as other systems that they are investigating, to make sure that they are as open and open source is a key component of agencies looking at what the solutions are.

Gordon:  That's, of course, been one of the concerns around cloud computing, to use the term broadly, is that it really [can be] this new mechanism for centralization of control, for vendor lock‑in, for creating a new proprietary stack, effectively.

Mark:  First of all, I think that governments around the world are at different stages of gaining an understanding of what the cloud is. I think it really depends on which governments we're talking about and where they are in their investigation of this. In the US, I think the perspective on cloud is probably a little more advanced. They were pretty candid about why they went to the cloud. Cloud was their way of doing two things – data center consolidation, which was taking a big part of the US ICT budget. Early on, the current administration wanted to reduce that by several billion dollars, and they've achieved part of their goal, not all of it.

The second is, as one CIO said, "I've got a problem in my agency where I have 16 different email systems. How am I going to get around those legacy barriers? Cloud is the way to do that."

Cloud achieves a lot of IT reform goals that have been the nub of many government policymakers and budget‑meisters. But they also know that unless the cloud remains an open platform available to all kinds of applications, there's a risk that it could repeat itself. I know it's very much in the forefront of the consciousness of government policymakers who are working on this. I think the challenge is putting rubber to the road when it implements the policy.

Gordon:  Predictions. I know predictions are always hard about the future, but what do you see over the next year or two? We talked in a macro sense about developments, but in the next year or two, what do you think a hot button or two is going to be in the open area, the cloud area, the regulatory area?

Mark:  That's a great question, Gordon. It's important, as we answer that question, to realize there are a lot of big issues on the minds of policymakers these days, from, in the US, how do we keep jobs and the economy growing, to what are we going to do about the fiscal cliff. It's important to understand there are a lot of big policy issues on the minds of policymakers. As many of these issues get focused on and take time and attention, I think we'll continue to see the growing desire, that when government invests in IT, much like the private sector has done, they do it in a way that is more modular, more reusable, more effective at scaling and quickly adapting to mission changes. We'll still always see, from time to time, the big, large‑scale IT projects; but I think those days are over. And I think that, as we see the growing mainstreaming of open source in government, we're starting to see it expand to areas like virtualization.

Increasingly we see, in government procurements, not only reference to proprietary virtualization products but also saying, "Make sure KVM is a key component of that." Even, interestingly, the AMQP standard, which Red Hat has been very involved in developing, we're starting to see Customs and Border Patrol in the US use AMQP as a key component of, really, some of their Big Data cloud elements as they try to manage just tons of data that they have.

I think we're going to start seeing growth in other areas besides operating systems and middleware, into other areas that we're starting to see the enterprises go, getting more niche, getting into more refined implementation environments and therefore starting to see a lot of broader use. Certainly, the area of Big Data is one where the government has, across the board, been an active player ‑‑ they just haven't known it ‑‑ for many years. It starts with the tremendous work of, based on the science, R&D, the Weather Service, NASA. They've all been Big Data players for years.

I think we're going to start seeing more engagement by the government in Big Data, and inherently that's going to be more open‑source discussion, open formats in terms of data, and I'm very excited to see the government moving into that area.

Gordon:  The interesting thing about Big Data is, as you know, in many cases, open source came onto the scene as a cheaper alternative to proprietary software and then subsequently increased in functionality and surpassed proprietary software in many ways.

Mark:  Absolutely.

Gordon:  But around the Big Data space, it's really almost all open source.

Mark:  You're the expert, Gordon, on this. As I understand it ‑‑ but for open source, Big Data would not exist. I think that right now what is going on is the government's really focusing on what can be the kind of tools that enable a broad base of users to take advantage of Big Data. I expect we'll start seeing more efforts to do app contests, do the kind of things that, once again, reinforce open source, but at a different level of the IT stack, at the end‑user level. I think, inevitably, the focus on open source will continue, I think it'll become more mainstream. It doesn't mean that those who are worried about the dynamic innovation of open source won't be worried and try to create fear, uncertainty and doubt, but I think we have a very positive message and one that has a lot of positive attributes for the future.

Gordon:  Thank you, Mark. Anything else you'd like to add?

Mark:  No, this is great. It's always great to be with my colleagues here in Westford. Thank you for taking the time.

Gordon:  Thanks, Mark.

No comments: