Open Source as Critical Infrastructure - A White Paper by Block, Inc., with input from the Open Source Initiative 💯
https://opensource.block.xyz/blog/open-source-critical-infra-whitepaper/
1/
(Fixing the thread 🤷🏻‍♀️)
"This vulnerability [in Log4j] existed in software maintained by a handful of volunteers, highlighting the dangerous asymmetry between open source’s economic importance and its resource allocation. In fact, the Harvard study found that just 5% of developers create 95% of open source’s economic value, yet most work without compensation or institutional support.
2/
This creates what economists call a “tragedy of the commons” scenario: everyone benefits from open source, but without coordinated protection, the resource faces depletion through maintainer burnout, security vulnerabilities, and project abandonment. The free-rider problem inherent to public goods means that rational economic actors will continue consuming open source value without contributing to its sustainability, necessitating policy intervention."
3/
"The policy imperative is clear: treating open source as a public good means establishing sustainable funding mechanisms, creating liability frameworks that don’t burden volunteers, supporting security audits for critical projects, and ensuring that the $8.8 trillion in annual value creation doesn’t collapse due to market failure."
4/
"Just as society doesn’t rely on voluntary contributions to maintain roads or power grids, it cannot leave the digital infrastructure underpinning a significant proportion of the economy to the goodwill of a handful of maintainers."
"Open source is a civic resource and a public good. Let's make sure it's treated like one."
5/5
@aral The paper mentions German STF as an example, which supports FOSS across the field. Do you think that’s not the case?
I think it’s quite positive that the “FOSS should be treated as a public infrastructure” argument is coming from a US-based company like Block. That alone can probably shift some minds in this space.
Next steps should be:
* Scale the public funding structures (data-driven + usage-based funding), ideally at the EU-level.
* Tap into the tax system to capture the value of FOSS and channel the tax income to the fund (instead of fixed budgets).
* Allow any entity to contribute to the FOSS ecosystem and generate revenue (minimize proprietary / maximize FOSS), again across the board.
I tried to expand this position in my input for the EC’s Open Digital Ecosystems call. I’d be happy to hear your thoughts: