`````Cybercrime en Cyber Security Nederland
PRISCILLA F. HARMANUS OVER ONDERZOEK INFORMATIE VEILIGHEID EN VITALE INFRASTRUCTUUR IN DE DIGITALE OVERHEID

Home » Digitale overheid » Actueel » Onderwerpen » Bijdrage » Contact

2020/12/10

Open Collaboration and Public Code

A UNIQUE MOMENT 🇳🇱

Last week, the Ministry of Health, Welfare and Sport delivered an unprecedented performance in the Netherlands with an innovative process to develop an app that can help the GGD to track contacts of corona patients faster and better [1]. First of all, we would like to express our compliments to everyone who has worked on this day and night. We believe this is an impetus for a model that in the future, albeit under less pressure, can lead to optimal cooperation between government and society when assessing technological solutions.

This webpage is translated from Dutch (original) to English by Priscilla Harmanus

The approach in which the public was able to watch has been extremely successful. The livestream and the availability of the individual pitches are highly appreciated by the Code for NL community. Never before has Code for NL had the opportunity to be so actively present in an ICT project of the government. And with success: several hundred experts from different fields watched throughout the weekend and immediately checked everything that was said and the source code that became available during the weekend.

🇳🇱

WHAT ARE THE LESSONS LEARNED?

The main thing is that the Ministry has achieved a great deal under great time pressure. However, the question is whether in an IT process, which will have such a major impact on Dutch society, the chosen speed has not worked out negatively. Parties that responded to the tender were only able to provide limited insight into their ideas and the assessment by experts was, partly because of this, unstructured and based on incomplete data and assumptions. Time constraints forced some app vendors to withdraw from the process. It is important to include these signals in the further process and subsequent trajectories.

As a result of all the public questions regarding the public nature of the code, we see that Open Source has become an important part of the assessment of the applications. This led to in-depth discussions within the Code for NL community (and beyond) and resulted in extensive analyzes and recommendations [2] [3] [4] and [5]. The experts from the community have a good idea of ​​what the different apps do, but also which essential fundamentals are missing. Errors and security issues have already been discovered in the source code of a number of apps and some of these have subsequently also been picked up by the media. This gives the seven app developers the opportunity to fix the problems early, which in turn contributes to confidence. We therefore call on the Ministry of Health, Welfare and Sport to continue the open cooperation and to find a method in which the recommendations and found defects from the experts and society are included in the further approach. We think the approach like this weekend could work for more IT projects in the government. There is of course room for improvement, but the direction is good and the motivation is there.


WHAT NOW?

Last week, the Safe Against Corona coalition [6], of which Code for NL is part, spoke out clearly about the requirements that must be imposed on applications that have such a major impact on the ability to monitor citizens. The only way to continuously monitor this from society is when such applications are open source available from the start under an appropriate open license. Code for NL believes that public money should lead to public code, as recently submitted in a letter to parliament [7]. We support the Standard for Public Code [8] as a suitable guideline for testing the openness of applications.


We would like to emphasize that we are not yet convinced of the effectiveness of an app. There is still much debate regarding the stated goal. In addition, it is also not yet clear how the government can guarantee that the app and any data collected cannot be used improperly (in the future). For the time being, we see division and a lot of people will not want to use an app.

During the appathon it became clear in any case that the user wishes of the GGD [9] conflict with the requirements included in the request with regard to the processing of personal data. We therefore advise the ministry not to opt for one of the seven Appathon solutions now. But first, based on the insights from the past week, to investigate to what extent an app can be effective in supporting the contact investigation by the regional GGDs. Sharp, on the basis of the results of this research and insights from the proposed solutions, the requirements and desired functionality of a possible app. Fair, and inclusive digital government and society.





Home » Digitale overheid » Actueel » Onderwerpen » Bijdrage » Contact

 
Map
Info