Voices of Open Source

OSI Policy Team

Building A Scorecard

In my previous posts, I’ve drawn an analogy between open source software and organic food, hinting that in both cases the rush to create a working brand lost some of the essence of the vision. I’ve suggested that having businesses identify “open source” purely on the basis of one “input” – using an OSI-approved license – is no longer adequate, because the success of the open source approach has led so many different companies to want to exploit the name. The need is clear; so many companies want to describe themselves as “open source businesses” that debates about “open-core” and “open source business models” were dominant at Open World Forum.

To address this, I’m proposing the Open Source Initiative go beyond the Open Source Definition and the Free Software Definition to devise some sort of a Software Freedom Definition which articulates a holistic vision of software freedom against which businesses can be benchmarked. I propose also creating a self-certified score-card which companies can complete to indicate the approach they are taking to promote software freedom as part of their business model – maybe “the Open Source Audit”. I’d then expect abuses to be policed by the community at large with final arbitration from OSI.

What would be included in the two? My initial thoughts are that it should include 7-10 elements, each of which have a “yes/no” answer and each of which should be backed by a more detailed definition to make clear whether the answer is yes or no. Sample questions might include:

  • Is the license OSI-approved?
  • Is the copyright under diverse control?
  • Is the community governance open?
  • Are external interfaces and formats standards compliant?
  • Does your community operate under a patent peace arrangement?
  • Are trademarks community controlled?

and so on. Suppliers could then state “This product achieves 4 stars on the 10-point Open Source Audit” as they self-certify. In addition, procurement policies could then state they required a minimum number of stars for products and services they procure. And the only companies that could claim to be “an open source business” would have all products scoring 10/10 – probably very, very few. A focus on software freedom – the code, rather than the company – is the answer to the issue.

[By Simon Phipps, OSI Board observer. Also posted here where commenting is easier. I’ve also delivered a talk on this subject which you can watch.]