Bulgaria passed a law on the compulsory publication of source codes for state software

    Like some other Eastern European countries, Bulgaria for many years suffers from the fact that government orders for software development are “cut” between close firms owned by relatives and friends of officials. Gostenders became a formality. Bribery, nepotism, and kickbacks flourished.

    Officials and the public who were not involved in the division of the feeding trough tried their best to deal with this. The press published stories about tenders for 300,000 euros for the development of a static site and so on. Nothing helped, stories with "cuts" were repeated again and again.

    Nevertheless, the activists of the open-source movement managed to achieve their goal. Despite the strong opposition of individual officials, they have achieved the adoption of amendments to the lawaccording to which from now on, state procurement contractors are obliged to publish in open access the source codes of all programs developed for budgetary funds.

    According to the text of the Law on Electronic Governance , when preparing technical and functional tasks for conducting state tenders for the development of computer programs, administrative authorities are now obliged to include the following requirements in the technical task:

    1. Computer programs must comply with open-source principles.

    2. All copyright and related rights to the corresponding computer programs, their source code, the design of interfaces and databases that are the subject of a state order must be presented to the customer in full, without restrictions on use, modification or distribution.

    3. Development should be carried out in a repository maintained by the Agency, in accordance with clause 18 of Article 7c (public national repository and version control system - most likely, its mirror will be posted on Github).

    Amendment text (in Bulgarian)
    Ch. 58a. (Nov - DV, br. 50 dated 2016, entry into force 07/01/2016) When assigning technical and functional tasks for checking the company for development, supervising citizens or introducing them into the information system or electronic services, administer the organization in tasks
    , keep an eye on the insights: 1. in a case, someone’s subject to inclusion on the computer is developed on computer programs:

    a) computer programs are programmable and they will discourage code on the criteria for software;

    b) copyright suits and akin to the right to answer one’s computer program, the program code has been released, the interface and base design has been developed, the subject has been developed for use, the shake and the cost for the owner of the file has been covered, it will not be used;

    c) for the development of a rag, and even the use of storage and system for control on the version, support from the agency according to the terms 7c, t. 18;

    The requirements of the law do not apply to the purchase of licenses, that is, government agencies still have the right to purchase, for example, proprietary software from Microsoft and Oracle instead of LibreOffice and similar free programs. However, this is a step in the right direction.

    Opening the source of state development is a logical and correct requirement. If society pays for the work, then it has every right to its results, that is, to the source codes in the public domain.

    Amendments to the law were carried out despite the warnings of individual “specialists”. For example, the executive director of Information Services JSC (this company received the lion's share of government orders for the development of information systems), Professor Mikhail Konstantinov said on televisionthat in no case can you publish source codes. For example, opening the program code for counting votes in elections “will allow anyone to hack into the system.”

    But open-source proponents have been able to reasonably prove their position that the “security through obscurity” method is not the best way to ensure security. In recent years, many vulnerabilities have been found in government websites and information systems, and the bugs found have remained unclosed for a long time, simply because the contract with the contractor has expired. Static sites for 300,000 euros fell under the slightest load.

    The publication of the source code for all projects should reduce the number of such incidents and reduce the amount of abuse.

    The Bulgarian activist Bozhidar Bozhanov, who participated in the promotion of amendments to the law, warns that the adoption of the amendments does not mean their observance. Large contractors are likely to try to get around them and find loopholes, so as not to spread the source code. Therefore, close public scrutiny is required.

    Bozhidar Bozhanov expressed hope that other countries will also follow the example of Bulgaria in this “radical” approach to combating corruption and kickbacks in the field of state orders for IT.

    Also popular now: