A few updates to report on the Open Source Developer-Government Co-op project (but nothing new to report regarding a better name for this thing).

1. Early on, I said my big concern was avoiding the legal landmines that forbid the federal government from accepting free work. Tom Bruce at Cornell’s Legal Information Institute felt my pain and connected me with some former government IT acquisition executives. They have been incredibly helpful, making light of technicalities that would have taken me months to discover on my own. The gist of what they’ve told me:

  • The federal government is loathe to accept products for free, unless they are also offered to everyone else for free.
  • Charging the government $1 for a service or product is better than giving it away; that means the buyer and seller have agreed on a price, a point that may not be disputed in the future.
  • You cannot attach for-profit maintenance/service agreements to a low-cost sale or giveaway. That’s rightly seen as non-competitive.
  • Educational institutions are great vehicles for ideas like this one. They are funded outside the government and have the public interest at heart. When working with such an organization, government buyers can be confident that the sellers do not have any plans to make a mint off of taxpayer dollars.

Finally, and most importantly:

  • Almost all federal acquisitions have to be competitive. In *most* cases, it would be illegal for an agency to go directly to an organization, non-profit or otherwise, and retain their volunteer software development services. Instead, that agency must go the usual route of requesting bids from the rest of the industry; if the volunteer organization’s bid wins, only then could they proceed.

Ah, but I said *most* cases. The exception is the infamous sole source, aka no-bid, contract. (Disclosure: I was awarded a sole source contract in 2006. It wasn’t dirty, though. Promise. In fact, any sole source contract that awards little or no money should not draw suspicion. Sole source contracts appear to be the only means for achieving the Open Source for Government goal. Is this means an honorable one? I think so, as we would be working for free. But I’m open to dissenting opinions.)

So, when is a sole source contract justifiable? There are seven circumstances, all outlined here under section (c). Of particular interest to me were 1 (“the property or services needed by the agency are available from only one responsible source”), 2b (“to establish or maintain an essential engineering, research, or development capability to be provided by an educational or other nonprofit institution”) and 7a (“the head of the agency determines that it is necessary in the public interest to use procedures other than competitive procedures in the particular procurement concerned”).

Our charge is clear: to identify government buyers who think our model can achieve things the current model cannot, who like our price (not hard), and who think our organization will benefit the public good.

Keep in mind that this applies only at the federal level; states’ policies could be identical or the complete opposite. Because of that, I am keen to identify states with looser acquisition policies, as they’d be ideal early adopters.

2. A few weeks ago, I attended the inaugural BarCampMil in DC, a sort of one-day expo for tech tools with defense and humanitarian applications. While there, I found this juicy nugget buried in the House Armed Services Committee’s report on the 2009 defense bill:

The committee is concerned by the rising costs and decreasing security associated with software development for information technology (IT) systems. These rising costs are linked to the increasing complexity of software, which has also resulted in increasing numbers of system vulnerabilities that might be exploited by malicious hackers and potential adversaries…

Open source software (OSS)…provides greater rigor in the software development process by making it available to a diverse community of programmers for review, testing, and improvement. The Linux operation system and Internet Protocol internet addressing system are examples of high quality products developed within the business sector using the OSS standard.

The committee encourages the Department to rely more broadly on OSS and establish it as a standard for intra-Department software development…The committee believes…the wide-spread implementation of an OSS standard will not only lead to more secure software, but will also foster broader competition by minimizing traditional constraints imposed by an over-reliance on proprietary software systems.

This made me beam. This is as close as we could get to a government body saying, “Open source software developers deserve sole source contracts, because they can do things the current model cannot.” Within the government, the notion persists that openly visible code is inherently more vulnerable. Having a House committee on our side will do wonders to help us dispel this myth and win those sole source contracts.

3. In case you missed it, Dave Witzel hosted an online interview with me a few weeks ago. Most of it focused on the open source project.

4. I came across an editorial in the Times on Sunday, blasting the government’s effort to fix the terrorist watch list. Railhead, as the reform project is called, has cost the government $500 million. And yet the resulting product cannot perform basic searches. (There’s more information, including a link to the House reports, here.)

Downright shameful. It’s time for a better model.