OSOR is sometimes a catalyst and sometimes a conduit, but our work is always dependent on the continued efforts of the OSOR community and the many individuals and groups who are helping to maximise the benefits of open technologies for Europe. We hope we've contributed through our many activities including events, news items, case studies and country intelligence reports (the latest publications can be found below). It has been a privilege to work with so many great people throughout the year, and we look forward to doing even more in 2024. In this final newsletter of 2023, we have a few last items of news to highlight.

In France, the Prime Minister has instructed government officials to uninstall the messaging apps WhatsApp, Telegram and Signal, and to instead use Olvid. This is a very interesting situation, but it's not a straightforward story of a government increasing their use of FOSS. On one hand, moving from WhatsApp—which is completely proprietary, closed source—to Olvid is certainly a big step towards FOSS. On the other hand, the Telegram and Signal apps are FOSS. What's more, Signal's server software is also FOSS, while the server software for Olvid is closed source and relies on the cloud services of a very large, non-EU company. The Prime Minister justified choosing Olvid by saying that it is the World's most secure messaging system. Indeed, Olvid has been audited and certified by the French cybersecurity agency, ANSSI. With Olvid itself being French, digital sovereignty may also be a factor. What's interesting here is that if governments are starting to understand that source code is required for security audits and digital sovereignty, then this may be a reason for further migrations to FOSS in the coming years. 

In Germany, Bitkom has published their 2023 Open Source Monitor. The study, performed with PwC Germany, found that 59% of the surveyed public authorities are actively leveraging FOSS in their operations and 29% have implemented a strategy for their use of FOSS. The study also looked at what's holding FOSS back and identified 28% of administrations being concerned about a lack of skills and 20% being concerned about security. These blockers are interesting because of the differences in what is needed to address them. If there is a lack of skills, that will indeed take time to address, and probably funding. Dialogue between governments and universities on this might be helpful. But if the concerns are about security, it might be that the FOSS ecosystem could be doing more to document its security record and the security processes that are a unique advantage of FOSS, enabled by access to the source code of the software they use, and full authorisation to audit and modify it. 

As usage grows, there is also growth in the number of projects which exist to help manage records and compliance for software. This month we took a look at Hermine, a set of tools to help organisations keep track of the licence details and their internal licence review for the FOSS they use. The project also provides some simple categorisations of licences, and the full text of each licence for anyone who wishes to check the details. Hermine makes use of SPDX ID's for licences, which software administrators may already be familiar with. 

With that, we close the 2023 series of OSOR newsletters. 

Wishing you a pleasant holiday season, and a fruitful new year full of energy,

The OSOR Team