Bulgaria Got a Law Requiring Open Source

Bozhidar Bozhanov | The Policy | July 4, 2016

Less than two years after my presentation titled “Open source for the government”, and almost exactly one year after I became advisor to the deputy prime minister of Bulgaria, with the efforts of my colleagues and the deputy prime minister, the amendments to the Electronic Governance Act were voted in parliament and are now in effect. The amendments require all software written for the government to be open-source and to be developed as such in a public repository.

It means that whatever custom software the government procures will be visible and accessible to everyone. After all, it’s paid by tax-payers money and they should both be able to see it and benefit from it. As for security — in the past “security through obscurity” was the main approach, and it didn’t quite work —numerous vulnerabilities were found in government websites that went unpatched for years, simply because a contract had expired. 

With opening the source we hope to reduce those incidents, and to detect bad information security practices in the development process, rather than when it’s too late. A new government agency is tasked with enforcing the law and with setting up the public repository (which will likely be mirrored to GitHub). The fact that something is in the law doesn’t mean it’s a fact, though. The programming community should insist on it being enforced. At the same time some companies will surely try to circumvent it...