In a world increasingly dependent on technology, the European Union has been embracing a focus on driving innovation, ensuring cyber security and strengthening its digital sovereignty. At the heart of this strategy is a commitment to open source software which is reflected in theOpen source software Strategy 2020-2023.
In parallel, the European Union has also carried out numerous antitrust and trade practice investigations related to large technology companies. Thus, in 2018, the European Commission imposed a record fine of €4.34 billion on Google for abuse of dominance with android, in 2020 opened an investigation into Apple´s App Store practices, in 2021 Facebook was investigated for its use of the data it collected to gain an advantage over its competitors. And, in 2023 Microsoft has been accused by the EU of imposing Teams on Office users.
In this article, we will briefly explore the main points of the European Comission´s strategy to harness the power of open source software and identify some of the results and achievements that support this initiative.
The European Commission with open source software
The European Commission has recognised the value of open source software as a key handle for achieving its technological and digital goals. It has therefor focused the strategy on the following points:
Promotion of open source software in Public Administration: the Commission launched the open source repository for the EU institutions: code.europa.eu in order to, according to its IT General Director, Veronica Gaffey, “move from being an organisation that consumes software to one that builds its own solutions…”
Investment on open source projects: the European Commission has asigned funds through the H2020 programme to support and encourage open source research and developmen projects.
Improvement of the cibernetic security: the strategy includes security audits of open source project used in the EU´s technology infrastructure through the FOSSA (Free and Open Source Software Auditing) initiative. These audits have helped to identify and correct security vulnerabilities, thus strengthening cyber security in Europe.
Promoting collaboration and community developer: one of the initiatives in this regard has been the European Commission´s collaboration with GitHub to provide students and teachers with free access to GitHub Education, which has fostered training in open source software development and thus European talent.
Digital sovereignty: to reduce dependence on foreign technologies, strengthening the EU´s digital sovereignty.
Interoperability and open standards: by promoting open standards and interoperability to ensure that EU systems are compatible and share data efficiently. An example of this has been the Joinup platform which fosters the exchange of open source solutions and offers reusable software components.
In short, the European Commission, through its open source software strategy aims to promote open source to boost innovation, cyber security and interoperability in the European Union, as well as to strengthen Europe´s digital sovereignty
Results and impact
Although, it is not easy to obtain concrete figures on the impact that theEuropean Commision´s open source software strategy is having, it is possible to list in general terms some of the achievements:
Significative economic savings: the adoption of open source software in public administration has led to considerable savings in software licensing costs estimated at several million euros per year.
Strengthening of the cyber security: FOSSA security audits have identified and addresses critical vulnerabilities in open source software projects used in the EU, improving cyber security in the region.
Better interoperability: the adoption of open source software has improved interoperability between systems across the EU public administration, facilitating collaboration and data exchange between member countries.
Fostering the innovation: investment in open source software projects through the Horizon 2020 programme has stimulated innovation in key areas, such as artificial intelligence, cyber security and cloud computing.
Resistance from organisations and users
The strategies deployed for years by large technology companies – allowing the use of services for free without restrictions and based on increasingly closed ecosystems and even on the acquisition of emerging services with the possibility of competing or threatening their supremacy – continually creates users and companies dependent on their products that, due to resistance to change, try to avoid the use of other services that are more unknown to them, and that prevent other technology players with limited resources, but with great ideas, from competing on equal terms and offering interesting products.
At CARTIF, as an affiliated institution of RedIris, Spanish academic and research network that provides advanced communications services to the national scientific and university community and that also promotes the development of free software knowledge in the academic-scientific environment, we are convinced of the benefits of using open source software and therefore we try to use and support the technological tools and services that this institution offers. In addition, we also develop our own tools as a strategy to motivate, attract and maintain talent through the generation of knowledge, and we raise awareness and promote the use of open source software tools among our users over the services and platforms of large technology companies, something that is not always easy due to the resistance to change of organisations and users.
The digital transformation seems to have become the lifeline of administrative, educational and business sectors in the face of the serious health and economic situation that we are going through. The urgency of incorporating more traditional activities into the digital world has revealed the existence of numerous gaps and deficiencies that are currently being addressed through the incorporation of technological tools and means.
However, are we prepared as a society to take this step? The problem is that it is not possible to digitize these activities overnight. Digitization is an evolutionary path that not only consists of implementing technology and making use of it, but also requires a cultural change that has to be people-centered and must be worked from the base.
If we search in Google introducing the words “education” and “digitization” all the results speak of “digitization of education”, “digital transformation of education”, “digitalization in the classroom”. As soon as we navigate through any of them, we will see that, in the educational field, all efforts are focusing on providing tools.
The clearest proof of this is that in June 2020 the Government of Spain approved the Educa en Digital Program, whose objective was to promote the technological transformation of education, nothing to do with its title, because, with a budget of 260 million euros, the main purpose has been the purchase of electronic devices.
Promote the development of a high-performance digital educational ecosystem.
Perfect digital skills and abilities for digital transformation.
The first priority is not only to provide infrastructure, connectivity and digital equipment, but also to train teachers and educational staff in digital skills and confidence.
The second priority focuses on objectives such as digital literacy, computer education, knowledge and understanding of existing technologies, and effective and responsible use of digital media, all aimed at preparing and training in digital skills from early ages and to the generation of digital specialists in older ages.
There are many problems that demonstrate the need to replace the current approach, which only focuses on the provision of technological means, by one that proposes the incorporation of digitization as one of the priority objectives of the current educational model, and that the EU proposes for the next few years.
According to the EU Kids Online survey carried out between October and December 2018 on activities, mediation, opportunities and online risks of minors between the ages of 9 and 17:
More than 32% of minors see inappropriate and harmful content on the Internet.
33% have experienced some form of harassment.
26% have received sexual messages.
40% have contacted strangers online.
19% have met an Internet contact in person.
A study published in the Journal of the American Medical Association (JAMA) shows a significant statistical association in the increase from 4.6% to 11 % of cases of adolescent students with attention deficit hyperactivity disorder caused by hyperconnectivity and exposure to digital media.
These figures are undoubtedly the reflection of a deficient, inadequate or non-existent education in digitization of our children and young people who, at an early age and throughout their lives, make an increasingly intensive use of different devices, apps, social networks, etc., without receiving, in a standardized way, information and basic notions of access, good practices, recommendations and existing risks.
Without any doubt, the incorporation of a study plan on education in digitization, in the different educational stages, would help to close the existing gender gap. The change of model in vocational and university training should encourage the development in our young people of advanced digital skills to generate more specialists as a result of the commitment to studies and digital careers.
One more fact that shows the lack of preparation of our society for the world of digitalization is that, according to the Internet User Safety Office (OSI), 93% of security breaches correspond to social engineering attacks. These types of attacks are based on the principle that “the user is the weakest link”; in Wikipedia they are defined as “attacks based on tricking a user into accessing their information”. And they are so successful because no one has made us aware of the dangers that accompany the digital world or prepared us to know the measures we must take in order to detect and protect ourselves.
In short, the absence of educational plans in digitization weighs down the preparation and adaptation of our young people to a society that demands and needs that their companies and businesses include digitization as something innate and not as a tool that is introduced by “force” and , at times, as a traumatic change and a threat.
According to Nelson Mandela, “Education is the most powerful weapon you can use to change the world”; but currently we are only using technology to make that change.
The regulation and inclusion of materials, resources and content on digitization in the educational curriculum of the different school stages (infant, primary, secondary) and pre-work (Vocational Training and University) would help prepare and train the society of the future. Make no mistake, if the generations of “digital natives” do not receive an adequate education in this sense, they will inherit many of the current problems and will suffer other different ones that will arise taking advantage of the poor preparation of these new generations.
Meanwhile, today’s companies and businesses trying to modernize must use the same principle, adding awareness, education and training of their employees and managers to their technological priorities, which will undoubtedly lead to a cultural change and the review of their productive processes and business models. All this to increase the chances of success of the transformation project, which will help companies respond to an increasingly digitized society and economy.
For a month, almost since the end of the confinement, we have received daily news about the cases of regrowth, which have not stopped increasing in number and incidence.
In Spain we are told, through the media, about how important the work of trackers is to keep outbreaks at bay, and how necessary it would be to increase the number of them to improve infection detection rates. community. But the truth is that cases continue to increase, to the point that there are already European countries that have begun to take measures against travelers from Spain because the incidence of the virus in our country does not stop growing, I repeat, only a few weeks after the end of confinement.
We all already know the ability of this virus to spread rapidly. We can say that the moment a person comes into contact with the virus, community transmission can be exponential, that is, one person can infect ten others, each of those ten to ten others and so on.
In addition, if we come into contact with the virus and have to provide a list of our contacts during the last 14 days, it is hard to believe that we are able to remember all the people we have been close to, even more so when depending on many of these people we do not know about our daily activities.
Responsibility, honesty or the personal circumstances of the respondents also play a role in the reliability of the answers obtained by the trackers.
Taking all this into account, it is clear the doubtful effectiveness of the work of a tracker who, through telephone calls, tries to locate and identify all the possible contacts of a contagion case.
It is at least curious than in the technological era in which we are, in which the tools that incorporate artificial intelligence, big data, blockchain, Internet of Things are multiplying … to make our lives easier, solve daily problems and help us in the decision making, these same tools are not being used to face the greatest health crisis of the 21st century and we are turning to manual tracking as the main measure to try to control outbreaks.
Contact Traceability Apps have already proven in other countries (China, Korea or Singapore) that they are an effective technological solution and it would only be necessary to establish the standards under which they should be used.
Existing contact-tracing systems offer resources for the development of apps to help identify contacts of those infected by Covid and to allow citizens to know if they have been close to Covid patients. These applications are exchanging identifiers (anonymized numbers) with all the phones of people who remain within reach of our phone’s bluetooth for a minimum of 15 minutes, and keep them for a maximum time of 14 days. In this way, when a citizen reflects in his App that he is positive for Covid19 or is reported in an official health system, the codes collected by the infected person’s phone will be uploaded to the cloud. Each smartphone is periodically downloaded and compared to these codes and, if there is a match, the notification is automatically generated informing that it has been in contact or near an infected person and what measures to take.
The implementation and operation of these apps is so simple and the result if all of us had them installed on our phone – in Spain more than 90% of Spaniards use a smartphone – so effective that it is difficult to understand why they are doing crawls manually.
One of the reasons offered by the authorities for not using this type of app is the protection of citizens’ data. But when can this type of application threaten privacy? Very simple; when they are designed to misuse or interested use of the information that they are capable of collecting.
In this type of apps there are two conceptions, centralization and decentralization:
Decentralized apps when the information that is collected is hosted in a distributed, analyzed and compared way only on the users’ phones and the servers that intervene only do so as points of dissemination. In this case, two large technological giants that are directly competitive in the world of technology and mobility and with very different business models, Apple and Google, have agreed to offer IOS and Android app developers the necessary tools to that can create contract-tracing apps based on the decentralized model. In addition, they require the authorities to bet on their APIs, a commitment to make use of them only for the pandemic and not for other purposes as a way to provide certainty and answer questions about privacy and other hidden purposes.
Centralized apps when the information that this type of app can capture is hosted on servers controlled by a company or body and the match or match analysis is carried out on those servers.
But, haven’t we pointed out that the data collected by Bluetooth is anonymized identifiers? There is one of the problems, that the information collected is not really anonymous and that the objective of its collection is not only to notify possible contacts of a positive case of Covid.
The problem of privacy and the lack of a standard means that European countries have not been able to agree to create and use a tool, so each one is waging war on their own. In Spain, in the middle of the second wave, nothing has been heard since on May 20, Nadia Calviño, Minister of Economic Affairs and Digital Transformation announced the testing phase in the Canary Islands of an app, based on the decentralized model, that used the resources and APIs provided by Apple and Google.