Germany weighs law that could mean more trouble for U.S. tech heavyweights by Barb Darrow.
From the post:
Barb quotes a Wall Street Journal article which summarizes the issue as follows:
The draft law, which is still being hammered out, envisions new requirements like revealing source code or other proprietary data for companies that sell information technology to the German government or to private companies that are part of industries Berlin deems critical to the country’s security.
To which she observes:
This is in part a response to Edward Snowden’s revelations last year of U.S. intelligence agencies spying on European citizens — includign German chancellor Angela Merkel — often using U.S. technology as their conduit. But, in truth, European companies, acting out of self-interest, started pushing for national clouds built on home-grown technology long before Snowden became a household name. In September, 2011, for example, Reinhard Clemens, then CEO of Deutsche Telekom T-systems group, pushed German regulators to create a new certification to enable super-secure clouds to be built in Germany or elsewhere in Europe. France Telecom execs subsequently pushed for similar moves in their home country.
Reading between the lines, the “vendors” pushing for smallish clouds are the same vendors who hope to build those clouds.
Reading “vendors” as in customers of current cloud providers, nationalism isn’t enough of a line item in a budget to pay more for less, short of legal requirements.
Rather than fighting a rear guard action against nationalistic legislation as it comes up in every country, a time consuming and ultimately losing position, U.S. IT should take the offensive against such efforts.
For example, the major cloud providers should start preparation to open source their software products.
Before anyone has to reach for their heart pills, remember what it means to open source software.
Sure, you could download the XXX-WordProcessor source code, but who is going to compile it for you, integrate it into your existing systems, customize it for your enterprise use?
You local street corner IT shop or vendors with decades, yes, decades of IT support and who originated the software?
BTW, before you worry too much about the coins that will drop off the table, who will be hit harder by an open source policy for software vendors? Vendors with fifty (50) million lines of code projects or vendors with < one million lines of code projects? There is another upside to open sourcing commercial software, at least if commercial use is prohibited, can you say "detection of software piracy?" On a level playing field, where disclosure is the norm, seems to me that piracy becomes very difficult to sustain. Rather than an impediment for current cloud vendors, open source requirements, if managed properly, could lead to:
- Minimal impact on current enterprise vendors
- Better tracking of innovation in smaller IT shops
- Better detection of software piracy
Will the big four or five of the Cloud and open source ride down Germany, France, the EU(?), like the four horsemen of the apocalypse?
PS: I am personally interested in open source requirements because it creates one less place for U.S. intelligence agencies to hide. No, I don’t credit their protests to be acting in good faith or on behalf of the citizens of the United States. Why would you credit a known habitual liar?