Is open source really cheaper?
It has become popular over the last couple of years for state and municipal governments to mandate the use or consideration of open source software (software which allows users to view and alter the source code used to build the application) for their information technology solutions. This is true both here in the United States and abroad. This trend raises some important questions for IT professionals such as me, and for the taxpayers who will be footing the bill. What purpose is served by restricting the range of choices available to IT professionals in government? Does open source software actually fulfill the stated purpose of these mandates?
One recent example of such a proposed mandate is Oregon’s HB 2892, which was introduced in early 2003, and which would require state government agencies to specifically consider open source software for all new software acquisitions, and would also require each agency to specifically provide justification when purchasing proprietary software (no such justification is required for open source software). Another example is a memo released by Massachusetts’s Secretary of Administration and Finance in September of 2003 that seemed to suggest that open source software would be given preference over proprietary solutions in state procurement (the state has since issued a statement that backs off from that stance).
In both the Oregon and Massachusetts cases, the officials responsible cite cost as one of the primary motivators driving the mandated consideration of open source software. But in neither case do these officials offer compelling evidence that the costs associated with proprietary software are consistently greater than those of open source software. Certainly, it is usually the case that the cost of acquiring and licensing proprietary software is higher than open source software. But left out of that consideration is the cost of training, maintenance, and software updating: costs that may be higher for some open source software, and may eventually outweigh the cost of licensing in the long run.
Unfortunately, it is common for government officials advocating mandated consideration of open source to assert that using open source reduce costs. The proposed Oregon statute states that, “the acquisition and widespread deployment of open source software can significantly reduce the state’s costs of obtaining and maintaining software,” without providing any real evidence that this is consistently true (or true at all). And one need only look at the case of Munich, Germany, to discover that the rosy predictions of cost savings from using open source software don’t always come true.
The city of Munich, in May 2003, decided to migrate some 14,000 computers from Windows to open source operating systems and products. Backers of the project predicted both cost savings and improved security. While the jury’s still out on security, the cost savings have not yet materialized. In fact, according to a story in Wired News, Munich paid more than $10 million more to switch to open source than it would have cost them to upgrade their systems to newer versions of Windows (after Microsoft offered discounted license fees to try to keep their business). The city council insists that the costs will be made up in the long run, but there is little evidence that this is more than wishful thinking.
In addition to the issue of cost, officials in both Oregon and Munich cite increased security as a reason for considering or switching to open source software. HB 2892 asserts that open source “guarantees the user … [e]xhaustive inspection of the working mechanisms of the software,” which is meant as a comparison to proprietary software’s closed-source code, derisively referred to as “security through obscurity”.
Open source advocates often assert that open source software is inherently more secure because more people look at the code, so it is more likely that flaws will be discovered and fixed. There are two problems with this assertion. One is that it assumes that all eyes are equal; that the people looking at the open source code are as skilled as those employed by proprietary software companies. It also assumes that all the code does in fact get “[e]xhaustive inspection.” While this may be true for high-profile projects such as the Linux kernel (the core of the open source Linux operating system), it cannot be reliably asserted for all open source code generally.
While I work primarily with proprietary software in my day-to-day work, I admire the work done by the open source community, and I think that open source software can be useful in the right circumstances and should be considered as one of many options for government agencies. But when governments use wishful thinking and flat-out incorrect assertions to mandate that open-source software be considered before proprietary software, neither the IT industry nor taxpayers are well served. Government agencies, like consumers, should be free to choose from the full range of IT solutions offered on the open market, both proprietary and open source, without the heavy finger of government on the scale. After all, who knows better how to make information technology purchasing decisions? Technologists, or bureaucrats?
G. Andrew Duthie is an author, speaker, and application developer living in Northern Virginia.
11 Comments - add your own
Al Harti, Mazen — March 29, 2004 at 2:19 pm
One wonders how much money this Organization receives from corporations who have a horse in the race over this issue.
Paul Meyers — March 29, 2004 at 3:17 pm
Mazen, why insinuate when you should be direct? Don’t be a wuss. Say it like this: “AFF is corrupt and takes money from Microsoft to promote Microsoft’s agenda. I know this because [insert evidence here]. Therefore, any statements from this author, even if followed up by facts, should be ignored.”
G. Andrew Duthie — March 29, 2004 at 4:08 pm
In the interest of full disclosure, I will note that I have done, continue to do, and will likely in the future do work with Microsoft products, and for Microsoft, as an independent contractor. I have also used, and contributed to, open source development projects (several web sites I manage run on an open source portal software for ASP.NET) in my own work.
Given that, I’m none too impressed by those who would argue that myself or AFF have been “paid off” to write something against open source. Such arguments are particularly unconvincing given that the technology AFF uses for their own web site (PHP) is itself open source.
I’m perfectly happy to defend my statements from factual challenges, but ad hominem attacks on my motivation are not something I will respond to further.
Jerry Brito — March 29, 2004 at 7:58 pm
Andrew Duthie’s article was written by him independently. If you’d like to comment on the merits of his arguments, please do so, but don’t call into question this publication’s integrity. Brainwash exists to promote free, but fair, debate.
Sean Gleeson — March 30, 2004 at 11:19 am
Duthie, I found your article interesting. That may not sound like high praise, but since I usually find the ‘open source vs. proprietary’ debate about as riveting as the daily pork belly reports, that’s no small accomplishment.
I liked how you shot down the ‘cost’ and ’security’ justifications for HB 2892 (and any similar proposed laws). Cost and security are valid concerns when procuring software; but to build an unfounded prejudice (that open source trumps proprietary software on these factors) into the procurement policy is most unwise.
However I’m disappointed that you didn’t address the other arguments for HB 2892. It seems from a reading of the bill, that it cites three other reasons to favor open source, which you did not mention. I think those reasons could be called ‘permanence,’ ‘compatibility,’ and ‘control’ (although maybe you experts have other terms of art for them).
I wish you had mentioned these additional reasons, either to concede that they are true, or to dismiss them with examples of where they proved untrue, as you did with ‘cost’ and ’security.’ I, for one, don’t know if they’re true, though they do have a prima facie plausibility to the layman.
G. Andrew Duthie — March 30, 2004 at 12:31 pm
Sean:
Thanks for your comments. As for your concern about the points in HB 2892 that I did not address, what I can tell you is that I chose points about which I have specific expertise and/or for which there is evidence available to support my arguments.
Additionally, the points that I chose to address were common across all three of my examples (Oregon, Mass., and Munich), so those points seemed more important to address.
I would welcome comments from anyone who wishes to offer evidence either for or against these points (’permanence,’ ‘compatibility,’ and ‘control’). Personally, I don’t find those points compelling, not necessarily because they are invalid (again, I don’t have enough information to make that judgement) but because I have an inherent distrust in the judgement of bureaucrats when it comes to making decisions on technology and economic matters, rather than allowing the experts in those fields to make the decisions.
PJ Doland — April 5, 2004 at 2:47 pm
I think there is a fundamental difference between procurement for office productivity suites for civil servants and procurement for software where transparency is very important, like voting machines.
Look at the Diebold fiasco. One need only read the report by Avi Rubin to see the potential dangers of closed source in some situations. We were **lucky** Diebold screwed up and the source became available.
I’m all for mandating “consideration” of Open Source to the extent that such “consideration” will affect market prices. Look at what Microsoft *offered* Munich. It was a win/win situation.
G. Andrew Duthie — April 5, 2004 at 6:53 pm
PJ,
I’m not nearly so sanguine as you about the impact of government on market prices. What you are suggesting sounds a lot like legalized extortion. If governments can legitimately use the club of open source mandates to extract price concessions from vendors, it seems to me that has the potential to introduce significant distortions in the software market.
Just one example: suppose a large government entity extracts a price concession worth millions of dollars by threatening to mandate the use of open source alternatives. Depending on the vendor, they may not be able to simply absorb the cost of that discount. If that’s the case, who pays the difference? The answer, ultimately, is other consumers. And the consequence, ultimately, can be the failure of technologies that, in the absence of government interference, would have been successful.
So while I think it’s very much appropriate for governments to negotiate hard on price, and based on volume licensing, I think using threats of legal sanction such as mandates is inherently anti-market and very problematic.
PJ Doland — April 5, 2004 at 11:31 pm
Sounds like you’re arguing for a labor theory of value to me. Prices aren’t based on production costs–and other consumers wouldn’t necessarily have to “pay the difference.”
Let’s not throw around the e-word lightly, either. Extortion requires the threat of force, which is absent entirely from the debate.
There’s also a clear difference between mandating the use of open-source software and mandating the consideration of open-source software.
G. Andrew Duthie — April 8, 2004 at 2:32 am
PJ:
“Prices aren’t based on production costs–and other consumers wouldn’t necessarily have to ‘pay the difference.’”
Wouldn’t they, though? I think you’re conflating separate issues here. Production costs have nothing to do with my argument, which is based on revenues. When the government takes actions that artificially reduce the revenues a company is able to earn, it’s to be expected that they will attempt to make up those lost revenues elsewhere. One way they might do this is by charging other customers (the ones who aren’t able to threaten legal regulation) more for their products.
“Let’s not throw around the e-word lightly, either. Extortion requires the threat of force, which is absent entirely from the debate.”
What else should we call government regulation, other than a threat of force? It is, after all, only the government that has “the power of the gun”, as Randians would put it. Force is what ultimately stands behind the government’s regulations, the ability to expropriate property, imprison, etc., those who do not comply, so I think the word extortion, while strong, is certainly appropriate to the discussion in the context. Just because in this case the government would be negotiating by threatening a company’s revenues through regulation, rather than threatening to directly fine them or jail their officers makes it no less a threat of force.
“There’s also a clear difference between mandating the use of open-source software and mandating the consideration of open-source software.”
Certainly that’s true, and I didn’t intend to argue otherwise. But either policy can distort the market, and in fact, both are intended to do just that, in the sense that such policies deliberately replace the operation of market forces with the “judgement” of bureaucrats. We can argue about whether or not this particular distortion of the market is justifiable, but I just don’t see how one can argue that such mandates, whether for “use” or “consideration” do not distort the software market.
PJ Doland — April 12, 2004 at 5:42 pm
A business will attempt to maximize their revenue in any market they can–be it government or private. Prices for each should only be a function of what the market will bear. No shell game can reasonably compensate for diminished revenue. You don’t “make up” for lost revenues in a different market by raising prices if you could have raised them all along and increased revenue.
When the government considers alternatives to procuring something from a particular vendor, there is no real act of force or extortion involved. That’s like saying a welfare cut is extortion.