Search form

The question on whether a standard is open is interesting. Because if someone answer "yes" or "no", then the person either has not really understood the complexity of the question, or has really dived into the dungeons of problems you encounter when trying to find out what the answer is.

Still, to require "open standards" to be used in a number of places is absolutely the correct thing, but when doing that it is important to define "open".

A report by the Swedish Government (Den Osynliga Infrastrukturen - http://www.sweden.gov.se/content/1/c6/08/45/58/fd029160.pdf in Swedish with summary in English) explain this in quite a good way, but let me explain.

Traditionally, "a standard" is developed by a recognised standard organisation. That implies the formal organizations (ISO, ITU etc) that countries are members of. Nowadays, I normally call them "formal standards".

Nowadays many standards come from either industry consortia, multistakeholder organisations or specifications published by individual entities. But which ones are open?

A simple way of explaining this is to look at a number of questions I think should be asked, and if the answer to all of them is "yes", then the standard is definitely open. If the answer is "no", then the standard is definitely not open. But something that has "yes" on some, "no" on some, they maybe it is "open enough". I will explain later, but lets start look at the questions.

1. Can anyone participate in the development of the standard?
2. Can anyone access the draft specification?
3. Can anyone participate in the decision making process when the decision is made that the draft becomes a standard?
4. Can anyone veto and block a draft from becoming a standard?
5. Can anyone appeal the decision?
6. Can anyone access the standard (at all) when it is a standard?
7. Can anyone access the standard for free when it is a standard?
8. Can anyone implement the standard without cost?
9. Can anyone implement the standard without an explicit license?

I think we can stop there, but you sort of understand I hope. In short, one can divide the questions in three categories: The draft phase, The decision making phase, The Implementation phase.

Most important to me is the implementation phase. That anyone can access the specification and implement it. Without signing any agreement, and without paying any license.

Secondary importance to me is the development process. That anyone can give input to the draft, and influence the outcome. Specifically important if there is a risk the draft is dependent on a standard (or even overlapping with one) developed in a different standard organisation.

Third is the decision making process. This should be a quality assurance step. And participation there is not as important, although it is important that a specific entity (or stakeholder group) have special rights regarding veto. All stakeholder groups must have the same say. Participation in the decision making can also be indirect, via elected officials that make the decision.

Now, take the questions above, compare with the process in many SDOs, and you will see that in many cases the formal SDOs has many "no" as answers. They require explicit membership fee for participation in the development process, governments have special rights regarding voting, and the standards cost money and in many cases require licensing being paid for usage.

Modern SDOs, like IETF, is different. Anyone can participate (by signing up to a mailing list), anyone can appeal a decision made by appointed officers, and the standards are freely accessible and in most cases do not require licenses. Some people do btw believe the IETF do have a requirement that anyone can implement an IETF standards freely, but that is not the case. It is what I think better than that. During the decision making process, both the technical solution, the implementability and licensing terms is evaluated during the decision making process. So if the community find all three of those "good enough" the draft will become an RFC (as the standard is called).

That Commissioner Kroes now require Open Standards is good. Very good. But equally important is the next step, to look at what she implies with "open".

Open Source, and Open (free) software, are two different things. Equally important to discuss, but open standards is bizillion times more important. Because without open standards, we do not get competition between available implementations. Regardless whether the implementations are free or not, and whether they are open source or not.

Open Standards is the way forward for innovation and competition. There are no excuses for pushing it. Specifically today when we see more and more popular services are not based on standards (Facebook, Twitter etc). Sure, they use HTTP, HTML and in some cases have published an API, but when will we see an RFC for Facebook that make it possible for me to run my own Facebook server that give the availability for me, on my server, interacts fully with the servers run by Facebook?