Should governments be able to force source code to be open? Arguably, yes. But the Trans-Pacific Partnership agreement prevents authorities from requiring that, as the Electronic Frontier Foundation warned recently. As a result, the TPP places severe restrictions on open source software.
The TPP, which was finalized this October, is a trade agreement between a dozen countries in the Pacific region. Among its many stipulations is an interesting one regarding open source code. As the EFF observed, an article of the TPP reads:
“No Party shall require the transfer of, or access to, source code of software owned by a person of another Party, as a condition for the import, distribution, sale or use of such software, or of products containing such software, in its territory.”
In other words, the trade agreement bars governments from requiring that software source code be shared if the entity that owns the code does not wish to share it.
This may not seem very remarkable at first glance. Most of the licenses and copyrights that protect proprietary source code already prevent it from being shared without the owner’s explicit permission. In fact, obtaining and reusing the source code of proprietary software without authorization by the code owners would be a crime in most situations.
But as the EFF notes, there are situations where it could make sense for government regulators or other authorities to require that source code be open to certain third parties, if not to the public at large. Those situations involve public health and safety.
For example, regulators might have a reasonable interest in inspecting software on devices that host personal data for flaws that could violate users’ privacy. IoT devices like home alarm systems and wearables could be safer if a third party were able to check their code for malware. Connected cars and medical devices are hard to check for safety if the only people with access to their software source code are the manufacturers.
How governments are to regulate software on devices like these, and the extent to which such code should be open source in the traditional public sense, are questions still being answered as software continues to evolve from something that powers only traditional computers to an ubiquitous presence that controls nearly every aspect of human life.
It seems clear for now, however, that explicitly preventing regulators from requiring code to be opened for inspection, as the TPP does, is probably a bad idea. It also seems like a step backward in an era when the clearly dominant trend in software is to make code more open, not less. After all, even Microsoft has learned to love open source in the past year.
Does that make the TPP one of the worst threats to open source software of 2015? It just might.