FOSS in the Italian public administration: fundamental law principles
Simone Aliprandi,a Carlo Piana,b
(a) ph.d. in Information Society, lawyer at Array and founder of Copyleft-Italia.it Project; (b) lawyer at Array and General Counsel (external) Free Software Foundation Europe.
DOI: 10.5033/ifosslr.v5i1.84
Abstract
We take a first reading of the recent modification to the fundamental law that governs the digital aspects of the Public Administration in Italy. These modifications require Public Administrations to prefer internally made solutions and FOSS solutions over proprietary ones, mandate an increased degree of interoperability and strengthen the push for open data.
Keywords
Italian law; information technology; Free and Open Source Software; public administration; e-government; public sector information; reuse of software programs; open by default;
The Codice dell'amministrazione digitale (“Digital Public Administration Act”, also known with the acronym “CAD”) is the most important Italian law about e-government. It includes provisions that govern the use of information technology as a privileged communication channel between Italian citizens and all the public administration system.
The part of Art. 68 dealing with software procurement rules in the Public Administration was initially modified by Law 134/2012, approved by the Italian Parliament on August 7, 2012.
Here is an English translation of Par. 1 of Art. 68, resulting from this first reform. The first part remained unchanged and read:
Public administrations must acquire computer programs or parts thereof as a result of a comparative assessment of technical and economic aspects among the following solutions available on the market:
a) develop a solution internally
b) reuse a solution developed internally
c) obtain a free and open source license
d) obtain a proprietary license of use
e) a combination of the above
After this paragraph, that makes FOSS an overriding choice by law, the following language was initially added :
Only when the comparative assessment of technical and economic aspects demonstrates the impossibility to adopt open source solutions or any other software solution already developed (at a lower price) within the public administration system, the acquisition (by license) of proprietary software products is allowed. The assessment referred to in this paragraph shall be made according to the procedures and the criteria defined by the Agenzia per l'Italia Digitale, which, at the instance of interested parties, also provides opinions about their compliance.
On December 17, 2012 a new law (commonly known as "Italian Digital Agenda Reform") was approved by the Italian Parliament: a broad-spectrum legislative package about digital innovation for all the Italian Public Administration information systems. It adds a further amendment to Article 68 of CAD.
With this amendment, Italian Public Administrations can choose between 6 options (and not 5 as it was in the previous version): cloud computing solutions are expressly included in the type of solutions that can be evaluated in the procurement process.
What is interesting is that the rest of Article 68 is quite different and more detailed. The principles governing the comparative analysis that every Public Administration is required to perform before choosing one of these 6 options is now set out in Paragraphs 1-bis and 1-ter.
Here is a complete version of the current wording of Par. 1 of Art. 68 CAD:
1) In accordance with the principles of economy and efficiency, return on investment, reuse and technological neutrality, public administrations must procure computer programs or parts thereof as a result of a comparative assessment of technical and economic aspects between the following solutions available on the market:
a) develop a solution internally;
b) reuse a solution developed internally or by another public administration;
c) adopt a free/open source solution;
d) use a cloud computing service;
e) obtain a proprietary license of use;
f) a combination of the above.
1-bis) For this purpose, before procuring, the public administration (in accordance with the procedures set out in the Legislative Decree 12 April 2006, n. 163) makes a comparative assessment of the available solutions, based on the following criteria:
a) total cost of the program or solution (such as acquisition price, implementation, maintenance and support);
b) level of use of data formats, open interfaces and open standards which are capable of ensuring the interoperability and technical cooperation between the various information systems within the public administration;
c) the supplier's guarantees on security levels, on compliance with the rules on personal data protection, on service levels [,] taking into account the type of software obtained.
It is apparent how the criteria established to evaluate the "value for money" of the different solutions are now more detailed and encompass a larger spectrum of factors, in comparison with the former version of the law, which was more blunt and mainly referred to the "price" factor. However, the law is far from clear as to how the different factors must weigh in the evaluation, if they are all equal, if any can be completely ignored.
One thing seems very clear, the procurement of proprietary solutions (or of cloud services for that matter) is an extrema ratio, available only if previous solutions fail. The evaluation between ex ante equally viable solution shall happen only between the preferred ones, otherwise the entire paragraph would lack any conceivable purpose and its words would be read against their very meaning. The only latitude that the Agency can arguably take is to define when "impossible" is impossible, in other words, to establish when no viable solutions exist and therefore the proprietary solution is by far the obvious winner.
Paragraph 2 of Art. 68 has not been touched by the two recent reforms presented above (its last modification dates back to 2010). However, its content is relevant and also noteworthy. It establishes interoperability as a basic principle to achieve true openness in the public sector.
2) In the preparation or acquisition of computer programs, public administrations, whenever possible, must adopt solutions which are: modular; based on functional systems disclosed as stated by Article 70; able to ensure the interoperability and technical cooperation; able to allow the representation of data and documents in multiple formats, including at least one open-ended (unless there are justifiable and exceptional needs).
2 bis) The public administrations shall promptly notify the Agenzia per l'Italia digitale the adoption of any computer applications and technological and organizational practices they adopted, providing all relevant information for the full of the solutions and the obtained results, in order to favour the reuse and the wider dissemination of best practices.
Although this is clearly a provision that does not favour any licensing or business model, it is apparent that it creates an environment where FOSS licensing has a certain edge, at least in principle, because of the possibility to peruse the permissions that are embedded in it even without the cooperation of the copyright holders.
Another part of Article 68 which was involved in the second reform discussed above is Paragraph 3. This part of the Article provides a definition of two relevant aspects that contribute to define a healthy ecosystem for FOSS.
The first definition is about open formats:
an open format is a data format which is public, documented exhaustively and neutral with respect to technological tools for the use of data
The second definition relates to open data.
open data are data that:
1) are available under the terms of a license permitting their use by anyone, even for commercial purposes, in disaggregated format;
2) are accessible through the information and communication technologies, including public and private telecommunication networks, in open formats; are suitable for automatic processing by computer programs and equipped with relative metadata;
But this is not the entire story. The Italian lawmaker decided to introduce an “open by default” principle for all the public sector information. This choice, that sounds quite revolutionary for the Italian legal order, has been made operational by modification of Article 52 (entitled "Electronic access and re-use of public administrations' data"), where we now find the following paragraph:
Data and documents, which the public administrations own and publish without the express adoption of a proprietary license (as defined in Article 2, paragraph 1 of Legislative Decree 24 January 2006, n. 36), are released as open data in accordance with the definition provided in Article 68, paragraph 3.
This provision is particularly important as it paves the way to open data by the Public Administration to an unprecedented level. Although it does not actually mandate the open data principle, and by all means it does not per se mandate the publication of data in general, it requires an actual decision when desiring to restrict the use of data that are published.
This also marks an additional U-turn in the field. Before this legislation, Italian PAs were facing a constant threat from a restrictive reading of the liability rules of public officers. Said reading was that if the PA could have been in the position to obtain benefits from the release of data (even to other Pas!) for a monetary compensation and failed to do so, the public officer making this decision could be asked to restore the loss suffered by the PA. Now, with the enactment of the opposite principle, the decision is clearly authorized –nay, defaulted to– by law, and it becomes clear that the widest release open data is a goal of the Public.
To our knowledge, Italian law is the farthest-reaching law to date favouring the use of FOSS in the Public Administration and the general openness of their IT systems to create a public commons created by public money. The decision was made in a dire situation of the national economy and inspired by practical reasons (spending review) rather than idealistic ones. It seems however a new direction that can hardly be changed. Only it can be made less compelling by a slack implementation, if not outright non compliance.
Vigilance is therefore required.
About the authors
Simone Aliprandi is an Italian lawyer and independent researcher who is constantly engaged in writing, teaching and consulting in the field of copyright and ICT law. He has an additional degree in Public Administration Science and he holds a Ph.D. in Information Society at the Bicocca University of Milan. He founded and still coordinates the Copyleft-Italia.it project and has published several books devoted to openculture and copyleft. He also collaborates as a legal consultant with Array (http://www.arraylaw.eu).
Licence and Attribution
This paper was published in the International Free and Open Source Software Law Review, Volume 5, Issue 1 (MARCH 2013) It originally appeared online at http://www.ifosslr.org.
This article should be cited as follows:
Aliprandi, Simone and Piana, Carlo (2013) 'FOSS in the Italian public administration: fundamental law principles', International Free and Open Source Software Law Review, 5(1), pp 43 – 50
DOI: 10.5033/ifosslr.v5i1.84
Copyright © 2013 Simone Aliprandi, Carlo Piana.
This article is licensed under a Creative Commons UK (England and Wales) 2.0 licence, no derivative works, attribution, CC-BY-ND available at
http://creativecommons.org/licenses/by-nd/2.0/uk/
As a special exception, the author expressly permits faithful translations of the entire document into any language, provided that the resulting translation (which may include an attribution to the translator) is shared alike. This paragraph is part of the paper, and must be included when copying or translating the paper.
1The law indeed uses both naming convention: “free/libre” (libero) and “open source” (codice aperto)
2An updatetd and verified text of the CAD is available at http://www.digitpa.gov.it/amministrazione-digitale/CAD-testo-vigente. Last accessed on 2013-03-19.
3Carlo Piana is also a member of the consulting commitee appointed by the Agenzia to advise in the process of defining the evaluation criteria, called for at http://www.eupl.it/opensource/lagenzia-per-litalia-digitale-emana-una-call-per-la-formazione-di-un-tavolo-di-lavoro-volto-a-definire-i-criteri-di-valutazione-ex-art-68-cad.html.
4See Art. 69 CAD, which provides the basic principles for the so-called “reuse of software programs” (within public administrations). Here is an English translation of par. 1: “Public administrations owning computer programs made on specific demand by the public sector have a duty to give them in source code form, with the complete documentation, at no charge, to other public administrations that require them and want to adapt them to their needs, unless justified reasons.”
5The Agenzia per l'Italia digitale shall establish, with deliberation, exceptional cases, identified according to objective, transparent and verifiable, in which they are made available at higher rates to marginal costs. In any case, the Agency, in the treatment of exceptional cases identified, will follow the guidance provided by Directive 2003/98/EC of the European Parliament and of the Council of 17 November 2003 on the re-use of public sector information, implemented by legislative Decree 24 January 2006, n. 36.