News

Three highlights from Open Source Summit Europe 2023

The Open Source Summit Europe is a conference organized by the Linux Foundation with the goal of bringing together Open Source developers, technologists and community leaders to collaborate, share information, solve problems and gain knowledge. Last week, the Open Source Initiative (OSI) was present at this event, driving three key efforts:

  1. the Open Source AI discussion
  2. the launch of Opensource.net
  3. the future of ClearlyDefined.

Read More »

How The OSI Checks If New Licenses Comply With The Open Source Definition

Earlier this month, we announced completion of the project to review the list of Approved Licenses. The Open Source community needs a resource to confidently and easily identify OSI-approved licenses, and now we have it. This approval registry offers a comprehensive and authoritative listing of all licenses so organizations know that the license they choose for their project allows their software to be freely used, modified, shared and monetized in compliance with the Open Source Definition. But how do we check the compliance of new licenses with the Open Source Definition? The License Review Working Group was formed to examine ways to improve the license review process, with the stated purpose of evaluating or reevaluating:

Read More »

Data Exchange Vendor Metriport Adopts Open Source

Metriport is addressing a problem similar to other IT companies in health care—a service to ingest and clean patient data for tasks such as providing care summaries during a patient transition—but is doing so in a very unusual way: through an entirely open source service. Because the choice to go open source is so central to their business model, I will discuss the importance of free and open source software in health care, then explain Metriport's service.

Read More »

Immunization Information System Interoperability… What We’ve Learned Along the Way

The IZ Gateway initiative (IZG) sponsored by the Centers for Disease Control and Prevention (CDC) is up and running. HLN has helped its Immunization Information System (IIS) clients connect to other IIS via the IZ Gateway from planning through testing and go-live. As anticipated, this electronic data exchange has resulted in an increase in record completeness for patient doses received in one jurisdiction, while living in another. Testing between our clients and other IISs, referred to as IIS-IIS pairings, has spurred productive inter-jurisdictional interoperability discussions, while also highlighting nuances in platform configuration. A few of these nuances are provided below.

Read More »

To Trust Artificial Intelligence, It Must Be Open And Transparent. Period.

Machine learning has been around for a long time. But in late 2022, recent advancements in deep learning and large language models started to change the game and come into the public eye. And people started thinking, “We love Open Source software, so, let’s have Open Source AI, too.” But what is Open Source AI? And the answer is: we don’t know yet. Machine learning models are not software. Software is written by humans, like me. Machine learning models are trained; they learn on their own automatically, based on the input data provided by humans. When programmers want to fix a computer program, they know what they need: the source code. But if you want to fix a model, you need a lot more: software to train it, data to train it, a plan for training it, and so forth. It is much more complex. And reproducing it exactly ranges from difficult to nearly impossible.

Read More »

Understanding the Cyber Resilience Act: What Everyone involved in Open Source Development Should Know

The European Union is making big changes to cybersecurity requirements with its proposed Cyber Resilience Act (CRA). You may have heard about the CRA’s potential impact on the open source ecosystem. But what does the Cyber Resilience Act mean for you? This post is an introduction to the Act and explains how it may affect the open source maintainers and developer community. Note that this post is based on a draft of the CRA from September 15, 2022. The Act is still in a draft stage and getting feedback, and its provisions may differ before it is passed into law. The Cyber Resilience Act was introduced by the European Parliament in September 2022. Its purpose is to establish cybersecurity requirements for devices and software marketed in the EU. Everybody who places digital products in the EU market will be responsible for additional obligations around reporting and compliance, such as fixing discovered vulnerabilities, providing software updates, and auditing and certifying the products.

Read More »

Diverse Open Source Uses Highlight Need For Precision In Cyber Resilience Act

As the European Cyber Resilience Act (CRA) is entering into the final legislative phase, it still has some needs arising from framing by the Commission or Parliament that result in breakage no matter how issues within its scope are “fixed”. Here’s a short list to help the co-legislators understand the engagement from the Open Source community...OSI and the experts with whom they engage are not trying to get all of Open Source out of scope as maximalist lobbyists do for other aspects of technology. An exclusion from the regulation for Open Source software per se would open a significant loophole for openwashing. But the development of Open Source software in the open needs to be excluded from scope just as the development of software in private is. Our goal in engaging is just to prevent unintentional breakage while largely embracing the new regulation.

Read More »

Driving The Global Conversation About “Open Source Artificial Intelligence”

The Open Source Initiative (OSI) continues the work of exploring complexities surrounding the development and use of artificial intelligence in Deep Dive: AI – Defining Open Source AI, with the goal of collaboratively establishing a clear and defensible definition of “Open Source AI.” OSI is bringing together global experts to establish a shared set of principles that can recreate a permissionless, pragmatic and simplified collaboration for AI practitioners, similar to what the Open Source Definition has done.

Read More »

Low-cost Aplication Platforms (LCAP): What They Should Mean to Public Health

Agency budgets continue to run tight, while the demands for data modernization continue to escalate. We are also seeing weakening markets – not strengthening markets – for core public health software systems like Immunization Information Systems (IIS) and Disease Surveillance/case management systems. One of the emerging, promising approaches are Low-cost Application Platforms (LCAP). What exactly are they, where did they come from, and are they a useful strategy for developing core public health applications?

Read More »

Celebrating 25 Years of Open Source at the COSCUP Conference in Taiwan

Navigating uncharted waters often leads to intriguing discoveries. Imagine immersing yourself in a realm that commemorates a quarter-century of Open Source accomplishment. Invited by Open Source Initiative (OSI) to reflect upon the 25 years of Open Source at COSCUP, a conference in Taiwan that focuses on coders, users and promoters of Open Source, I threw myself into these waters by proposing a review of history that is not unique around the globe, taking my perspective from South America and Europe to Asia, where I had never before ventured. You can read a full transcript of my talk here and check my critical take on the topic. After all, to review is to be able to identify where we failed and to be able to proceed from there.

Read More »