Open source is national security

English · EU · National Security · Open Source

2 minutes

It’s dead Jim

The friendly global market died in the beginning of 2025. The idea that software & services (yes, hardware too) can be procured from anywhere and used where needed died with it.

The European Union cannot rely on operating systems made in the USA, or host our own services in US data centers. Now, this is actually not new - we already had regulations around software from other parts of the world where we felt we were unable to trust them not being in the service of less-than-friendly governments.

The difference is that we didn’t have a deep tradition of following their lead, as we do now when it comes to the building blocks we’ve based our digital society on.

Our own grassroots are greener

This is where the goals of national security and the goals of the Open Source movement suddenly find themselves aligning perfectly. See, Open Source started out by claiming that it wasn’t possible to trust software you couldn’t vet yourself, couldn’t make changes to yourself - and couldn’t keep using if for some reason the maker went out of business. And this is exactly the situation we now find ourselves in with the two major desktop operating systems Microsoft Windows and Apple macOS. And the two major mobile operating systems Google Android and Apple iOS. And the three major cloud computing platforms Amazon AWS, Microsoft Azure and Google GCP.

While some might claim that the EU is fully dependent on these platforms, unable to fulfill our own needs if we try to start up competitors now, we simply don’t need to. Thanks to all the work already made by people tirelessly working with open source we already have well functioning alternatives. What we can do, however, is to start funding the ones we prioritize, and “funding” in this case means both sponsoring the people already working on them as well as putting our own employees on furthering their development hands-on.

Never again

The EU just launched an internal marketplace for open source that has been developed with public money by any EU country, for use by any of the others to implement or build upon. What we need to do is simply to continue expanding that marketplace, whilst at the same time mandating that public institutions within the EU must migrate to existing open source solutions where such exist.

And they are many.

This is now a matter of national security.