= Denmark keeps source code of Coronavirus tracing app secret =
[ Read online: https://fsfe.org/news/2020/news-20200629-01.en.html ]
Like many other European countries, Denmark also tries to track Sars-
CoV-2 infections with a mobile phone tracing app. However, against
advice by health organisations and despite positive examples by other
countries, the app is proprietary, so not being released under a Free
Software (also called Open Source) license.
Smittestop [1], the official tracing app released by the Danish
government, is supposed to supplement the more traditional ways of
combatting the Coronavirus with contact tracing. But instead of
releasing the source code of the app under a Free Software [2] license
and thereby empowering the public as well as the scientific community to
inspect, verify, improve and experiment with it, the app's source code
is kept hidden.
This goes directly against the most recent recommendations from the WHO
[3] as well as the EU Commision's eHealth network. In the referenced
paper, the WHO specifically states that:
"There should be full transparency about how the applications and
application programming interfaces (APIs) operate, and publication of
open source and open access codes. Individuals should also be provided
with meaningful information about the existence of automated decision-
making and how risk predictions are made, including how the algorithmic
model was developed and the data used to train the model. Furthermore,
there should be information about the model's utility and insights as to
the types of errors that such a model may make." Had the Danish
government published the source code under a Free Software license, such
transparency would have been provided to the public, and scientists and
IT experts would have been able to peer review and improve the app's
error margins, possibly helping interrupt more chains of infection.
On the app's homepage, the Danish government explains that the source
code is not being published because of the risk of "security breaches"
and to protect the public against malicious actors. However, IT security
does not arise through an attackers' ignorance of the system under
attack, but due to a proper and well-reviewed security design (also read
p.22 in our expert publication [4] ). This decision, if anything, makes
the app less secure – not more. Moreover, since the app is decentralised
and is wired to nemID, the official Danish digital signature, security
breaches are unlikely to occur.
Such false security concerns have not stopped the governments of Germany
[5], Austria [6], Italy [7] and Great Britain [8] from complying with
the WHO's and the EU Commission's transparency requirements and publish
their contact tracing apps under a Free Software license. In fact,
Germany, Austria and Italy all quoted security as one of the main points
in favour of publishing the source code.
The Free Software Foundation Europe (FSFE) strongly urges the Danish
government to immediately rectify this situation and publish its
"Smittestop" app under a Free Software license, with the source code
fully available to the public.
Discuss this [9]
1: https://smittestop.dk/spoergsmaal-og-svar
2: https://fsfe.org/freesoftware/index.en.html
3: https://apps.who.int/iris/bitstream/handle/10665/332200/WHO-2019-nCoV-Ethic…
4: https://fsfe.org/campaigns/publiccode/brochure
5: https://github.com/corona-warn-app
6: https://github.com/austrianredcross
7: https://github.com/immuni-app/
8: https://github.com/nhsx/
9: https://community.fsfe.org/t/480
== About the Free Software Foundation Europe ==
Free Software Foundation Europe is a charity that empowers users to
control technology. Software is deeply involved in all aspects of our
lives; and it is important that this technology empowers rather than
restricts us. Free Software gives everybody the rights to use,
understand, adapt and share software. These rights help support other
fundamental freedoms like freedom of speech, press and privacy.
The FSFE helps individuals and organisations to understand how Free
Software contributes to freedom, transparency, and self-determination.
It enhances users' rights by abolishing barriers to Free Software
adoption, encourage people to use and develop Free Software, and
provide resources to enable everyone to further promote Free Software
in Europe.
https://fsfe.org
= Hamburg wants to focus more on Free Software =
[ Read online: https://fsfe.org/news/2020/news-20200610-01.en.html ]
In Hamburg, the SPD and the Greens are stating in their coalition
agreement to focus more on Free Software during their future term. The
FSFE welcomes this step and will critically monitor its implementation.
In order to strengthen digital sovereignty of Hamburg, the city wants to
use more Free Software in the future (see the PDF of the coalition
agreement) [1]. The goal is to minimise the dependence on individual
providers and create transparency. Wherever it appears meaningful,
cooperation with other administrations should be established. However,
the coalition agreement contains several loopholes, for example for
procurement procedures and diffuse justification to protect proprietary
software vendors.
Alexander Sander, the FSFE's Policy Manager, explains: "We are pleased
that Hamburg has recognised the problems associated with the use of
proprietary software and wants to focus more on the use of Free
Software. However, the exceptions in the coalition agreement indicate at
this point in time that the implementation could lead to problems and
counteracting the goals. We will critically monitor the process and
demand that first steps be taken quickly to make software developed with
public money available to the general public. If it is public money, it
should be public code as well." Free Software gives everyone the right
to use, understand, distribute and improve software for any purpose.
Administrations also benefit from these freedoms when they rely on Free
Software. More and more administrations all over Europe are using and
developing Free Software in order to benefit from interoperable
solutions, to avoid vendor lock ins, to be transparent and sovereign, to
spend funds in the most efficient way and to foster innovation and
collaboration.
As part of the "Public Money? Public Code!" campaign, FSFE is
specifically campaigning for a change in policy towards Free Software.
The "Public Money? Public Code!" initiative aims to set Free Software as
the standard for publicly financed software. The Free Software
Foundation Europe together with over 180 civil society organisations and
more than 27.000 individuals signed the open letter. We will use the
signatures to contact decision makers and political representatives all
over Europe and convince them to make public code the standard. You are
invited to add your signature to make a bigger impact on publiccode.eu
[2] /
1: https://www.spd-hamburg.de/fileadmin-hamburg/user_upload/Koalitionsvertrag2…
2: https://publiccode.eu
== About the Free Software Foundation Europe ==
Free Software Foundation Europe is a charity that empowers users to
control technology. Software is deeply involved in all aspects of our
lives; and it is important that this technology empowers rather than
restricts us. Free Software gives everybody the rights to use,
understand, adapt and share software. These rights help support other
fundamental freedoms like freedom of speech, press and privacy.
The FSFE helps individuals and organisations to understand how Free
Software contributes to freedom, transparency, and self-determination.
It enhances users' rights by abolishing barriers to Free Software
adoption, encourage people to use and develop Free Software, and
provide resources to enable everyone to further promote Free Software
in Europe.
http://fsfe.org