On 20 December 2007, the Dutch Ministry of Economic Affairs published (pdf) an English translation of its 17 September 2007 plan entitled “The Netherlands Open in Connection” announcing the steps that the Dutch government will take in the coming years to further the adoption of open standards and open source for software in use in the Dutch public sector.

In this month’s post, TLC will highlight some key points from the plan, but not before adding a little background on its history.

History: 2002 Lower House Motion on Open Standards and Open Source
The plan currently before us is the follow-up from the Ministry of Economic Affairs to a motion adopted by the lower house of the Dutch parliament in November 2002, requesting that the government (the executive) make (paraphrased) a maximum effort to ameliorate the situation that, since the supply-side of software is highly concentrated, sub-optimal use is made of the potential benefits of software to society and that high switching costs exist; and furthermore requesting that the government ensure that by 2006 all software in use in the public sector complies with open standards; and finally requesting that the government pro-actively stimulate the dissemination of open source software in the public sector, and to this end formulate concrete and ambitious goals.

The 2006 deadline from the motion not having been met, last summer the (new) government was prompted by a lower house committee to formulate steps to further the motion adopted, which resulted in the plan now before us. Most importantly, the plan contains obligations for the public sector to, going forward, use software that supports open standards. In addition, the plan contains the requirement that government bodies formulate a strategy for the adoption of open source software.

Part 1, Open Standards: “Comply-or-explain and commit”
Pursuant to the plan, the Dutch government will promote the use of open standards for use within the public sector. From the report:

“The Cabinet intends to encourage the use of open standards within the public and semi-public sector. The key focus here is: use open standards, or come up with a very good reason why this is not possible, and indicate when open standards will indeed be implemented. This is the principle of ‘comply or explain, and commit’. Through this the use of open standards will be given a firm foundation.”

What is, and what is not, an open standard is often a point of debate. Perhaps for this reason, for purposes of furthering the goals of the Dutch government, a body of it will:

“publish a basic list of open standards (checklist) in January 2008 for the benefit of citizens, businesses and government bodies. This list will then be maintained and further supplemented.”

Those who have in one capacity or another dealt with standard setting bodies may welcome this particular part of the plan.

Further to furthering open standards in general, one standard in particular is supported, whereas government bodies will be required to support the ISO standard ODF by 2008, in advance of switching to ODF altogether in 2013:

“Central Government Departments will from April 2008 support ODF alongside existing file formats for reading, writing and exchange of documents.”

(See also Brenno de Winter here on Macworld, via Slashdot.)

Part 2, Open Source: Preferred When Equally Suitable
Further to concrete goals of furthering the use of open standards within Dutch government operations, the 2007 plan also mentions a number of actions to be taken as regards open source software. More concretely, the plan dictates that:

“All ministries will have developed an implementation strategy by January 2009 for tendering and purchase and the use of open source software – by June 2008 more than half of the ministries.”

And, part of the reason for doing so is that:

“By using more open source software itself, the Dutch government can stimulate activity in the field of open source software. This provides social and economic benefits.”

These are possibly the more important parts of the 2007 report from the Dutch government on the adaptation of open standards and open source. TLC will report on its progress. In the meantime, I would like to invite you to the report (pdf) itself.

(And, off-topic: many thanks again to Arnoud Engelfriet for guest blogging last month. Yay!)

‡‡ [This is a post from Technology Law Culture: http://tlc.oosterbaan.net/. Olivier Oosterbaan, IT and media lawyer in Rotterdam, the Netherlands, maintains this blog.]

(Picture: Dutch Minister for Foreign Trade Mr. Van Heemskerk on the phone, used under permission.)

Recently, I was enjoying a rare quiet evening when my phone rang. No caller ID. At 9:30pm, I wasn’t expecting a telemarketeer, so I took the call. It turned out to be a telemarketeer after all, but a peculiar kind: a police officer told me in a stern voice that I had been seen biking at night without my bicycle lights on. That couldn’t be right: if I had been seen, my lights must have been working!

But when I tried to interrupt the officer to tell him that this wasn’t true, I was in for another surprise. This wasn’t a real officer - it was a voice recording!

Was this a joke by one of my friends? Far from it: officer Van Geel was part of an official Dutch campaign to promote bike lighting.

We Dutch like our bikes. We have millions of them, but virtually none of them have a working head- or taillight. This causes over 10,000 accidents, killing 40 and wounding 500 cyclists every year. Although the law has been on the books for decades, the Dutch consider it unfair to suddenly start ticketing people for 20 Euros. This prompted the government campaign “Lights on!” as part of their general “Gets you home” promotions for road safety. That campaign makes sense. But this part of it didn’t.

Telephone spam has been illegal since 1998. Before that, people would get unsolicited telephone calls with prerecorded messages they couldn’t interrupt or turn off. You’re thinking, why not hang up? The computer would just call back a minute later. Most annoying indeed. Thankfully, Directive 97/66/EC and its Dutch implementation outlaw the use of “automated calling systems without human intervention (automatic calling machines) or facsimile machines for the purposes of direct marketing” unless the operator had prior consent. And yes, that includes messages in the public interest.

Still slightly annoyed at being disturbed during the one free evening this month, I blogged about it and returned to my beer. The next morning, my stats had gone through the roof: Dutch shock blog Geenstijl had picked it up! Soon thereafter news site Webwereld opened with a response by the organizers: this was educational so it wasn’t spam. And besides, one of your friends had to have given them the phone number first.

Excuse me?

Yes, that was exactly how this campaign was organized: go to a website, enter your friend’s phone number and they will be called by officer Van Geel. Sure, there was an attempt to get consent by e-mail from the victim first, but that was so easy to fool it wasn’t even funny.

Is this how to teach kids to treat their friends’ personal data? The campaign was aimed at children, after all, including a nice big poster for schools. Kids should be careful whom they give their personal data to, except when someone who looks like a cop asks for it apparently. Right. Not surprisingly, this tattling aspect caused big criticism from the Dutch organisation Parents Online and even from political parties.

It thus shouldn’t come as a surprise that the next Monday, officer Van Geel got an early retirement.

Arnoud Engelfriet is a Dutch IT lawyer and a European patent attorney. He writes about law and technology on his website IusMentis.com. His bicycle lights are in perfect working order.

Last week, I attended the bi-annual IFCLA (International Federation of Computer Law Associations) conference, “IT Law – The Global Future, Achievements, Plans and Ambitions” in Amsterdam.

The program [pdf] included such interesting speakers as Peter Hustinx, the European Data Protection Supervisor; Cleary Gottlieb’s Maurits Dolmans (whom I used to work with (for) in Brussels); and Professor Michael D. Scott of Southwestern Law School.

Below, a few highlights of what was discussed during the two-day program. (For sake of brevity, I have not mentioned all the excellent speakers that shared their insights and knowledge; see the full program otherwise. I’ve also split this post in two, as it runs too long otherwise: Thursday sessions this week, Friday session next week.)

Day One, Thursday morning: David Bender & Peter Hustinx on Privacy

David Bender, with White & Case in New York, shared the findings of a quantitative study [pdf] of the Ponemon Institute that his firm had sponsored. According to the report’s findings, as relayed by Mr. Bender, U.S. companies ensure a higher level of privacy for their customers or employees. To me this was surprising; surely the EU-based national rules are much more stringent?

There is a quote of Mr. Bender in White & Case’s press release for the report that sums up the reasons why the study found that U.S. firms achieve a higher level of protection:

European companies are much more likely to have privacy practices that restrict or limit the sharing of customer or employees’ sensitive personal information and are also more likely to provide employees with choice or consent on how information is used or shared, but the research also revealed that US companies are engaging in more security and control-oriented compliance activities [emp. added, ed.] than their European counterparts. As a result, US corporations scored higher in five of the eight areas of corporate privacy practice.

The next speaker, Mr. Peter Hustinx (the European Data Protection Supervisor) responded briefly in his talk to Mr. Bender’s findings; stating that European privacy law is built on the premise of a “conservation of safeguards” (Well, that’s my paraphrasing, Mr. Hustinx did not literally say it like that.)

Mr. Hustinx continued by providing a quick rundown of how his office was involved in supporting the European Parliament in its succesful appeal to the ECJ (European Court of Justice) for annulment of the agreement between the EU and the United States for the sharing of passenger data (so called PNR: Passenger Name Records). This is the first time that his new office joined a case before the ECJ. (In its decisions, the ECJ annulled – on technical grounds – the adequacy finding of the [European] Commission, and the agreement of the Council; see Joined Cases C-317/04 and C-318/04 here.)

Finally, before the break, Mr. Hustinx shared with those present that the [European] Commission would publish an evaluation paper of the Personal Data Protection Directive (95/46/EC) this year. The spoiler: no changes to policy or the law are expected. (A Commission paper on the related eCommunication Directive will be presented this July.)

Day One, Thursday afternoon: Outsourcing

The afternoon session included a presentation from Robert Zahler and Trevor Nagel of the DC office of Pillsbury Winthrop on recent developments in global outsourcing. They presented an interesting visualization tool (well, grid actually, they call it a mosaic) mapping existing IT processes in a corporation; with color-coding showing who is responsible for what. How I understood their explanation is that they have 79 fixed steps to describe the entire process, and that’s it. I imagine it helps greatly, but can also imagine that it would fail at exactly the same point as the more linear, text-based contracts: the vague description of a discrete element in the information processing structure. Except, this time you’re trying to fit an element into one of the 79 boxes, which then doens’t exactly fit. So, it’s the same problem, but you might have actually hid it by using the pre-defined steps, until it becomes a problem.

Stephen Matthias of the Bangalore Office of Kocchar & Co continued the session on outsourcing by highlighting a few advanced Indian-law specific issues relating to outsourcing to India: most notably a priority-issue for software patent filings, the need to exercise (work) assigned rights to keep the assignment valid and the end of a tax-holiday for local outsourcing firms in 2009 and the likely results of that (possibly an increase in price, or a move of the firms themselves to special economic zones; SEZ).

Next week: Public Procurement, Hybrid Open Source, FRAND Licensing and Web 2.0 Licensing

Thanks for sticking around until the end of the post. Next week, more on Friday’s sessions: Public Procurement (Pekka Takki of Fennica in Helsinki and Steven De Schrijver of Van Bael & Bellis in Brussels), Hybrid Open Source (Ian Kyer of Fasken Martineau DuMoulin in Toronot), FRAND Licensing (Maurits Dolmans of Cleary Gottlieb in Brussels) and Web 2.0 Licensing (Prof. Michael D. Scott of Southwestern Law School in Los Angeles).

Did I enjoy it? Yes I did!

So, until next week, but let me already give you my own concluding remarks ^^. Scanning the program, I found the topics disparate and wasn’t sure what to expect. Having actually participated in the conference, I once again realized that, diverse as these topics might be, most IT and IP law lawyers actively practice in one or more of these area’s, and that most of the issues and challenges are indeed often global in nature. Also, they all share the common denominator of being related to technology, law and culture. or maybe that’s just me :)

(A 160-page book with papers was published with Elsevier for the conference, but I can’t find a place to buy it online. If you want to get your hands on a copy, e-mail me.)

‡‡
[This is a post from Technology Law Culture: http://tlc.oosterbaan.net/. Olivier Oosterbaan, ICT and media lawyer in Rotterdam, the Netherlands, maintains this blog.]

(Picture by: me, some rights reserved.)