 I am happy to introduce our last keynote speaker, Julia Reda. She's a member of the European Parliament for the Pirate Party since 2014. She has a legislative focus on copyright and internet policy issues. She was therefore responsible for the parliament's evaluation of the copyright reform, which was very well received. Today she talks about free software and public administration. She says if the code is public, the public also has a responsibility. She will talk about how and why public administrations should care and promote free software, should also care about the code and about its security. Please welcome Julia Reda. Thank you. Thank you very much. I want to talk about the relationship between free and open source software and government. Being a politician, not a very surprising topic, but from what I heard, it is a topic that has resonated with quite a lot of the talks this weekend, and it's certainly a topic of a lot of interest, whether and how governments and public administrations are using free software. And there are also lots of good arguments about that that we've heard about how free and open source software can make you more independent from a specific vendor. It can help the administrations to adapt to new tasks. And of course it can also save costs. But these are all different arguments that I don't want to go into so much in this talk. What I do want to talk about more fundamentally is what is a government and what does that have to do with free software? On a very fundamental level, at least the ideal is that government is all of us. It should serve everybody and it should be accountable to everybody. And one very important function that even the most critical people of governments recognize what a government does is that it provides infrastructure. So it makes sure that there are streets, it makes sure that there are cables in the ground, perhaps it doesn't actually run the internet and telephone services, but at least it makes sure that they're available and safe to use. But we can argue that for civic software, for software that is used by the government, especially in the interaction with the public, that this is also a public service. And the only software philosophy that would really make sense for a government that takes its accountability to the public seriously is that it uses, it takes responsibility for and it also contributes to free and open source software. I think that this task, making sure that government uses free and open source software is today more urgent than ever. That's because of two different distinct developments in society and technology that together can become quite dangerous. The one is the importance of technology in society. The other is what I call losing the freedom to tinker. The combination of these two developments means that technological progress can lead not to a gain in autonomy like we have all hoped, but to a loss in autonomy of the people. That the great promise of autonomy that it will empower everybody that the free and open source software community also stands for is at stake. So if we lose this fight, the technology can become a tool just for the powerful in society and not for everybody. So I've chosen a rather provocative term for the role of software in society that algorithms rule the world. You've probably read this in newspapers, usually in kind of a context where they say that software is somehow magic and only very few people know what's happening and we're all slaves to those new software magicians. This is not what I'm talking about. And it's also not to be understood in the sense of some politicians who are basically saying let's ban all technology. But I mean this more in the sense that computers are no longer limited to particular parts of our lives, but rather that they're an integral part of the physical world. So the best example of that, I guess, is that nobody really talks about real life anymore when they mean offline. I've come across this development, the importance of software in several sometimes rather unexpected parts of my work. And one that was most revealing to me was my work in the inquiry committee on the so-called diesel gate, the diesel exhaust fumes scandal. This is not just a scandal where governments turned a blind eye to obvious fraud by powerful companies. It's also a scandal that is based on the fact that cars are computers on wheels and our legislation is not adapted to this reality. The defeat devices that is the cheat codes inside the cars can be completely software based. And actually in the process for allowing a car to go on the road there is no check even to make sure whether the software run on the car that is tested is actually the same as the software that is sold to customers. So even if the car that is tested in the laboratory is completely safe does not have too high emissions, if it's the software alone that can influence this, our tests are completely inadequate for actually testing whether the cars on the road are safe because from a purely computer point of view they could be completely different devices simply because they're running completely different software. Another interesting aspect of this is that defeat devices can actually be legal in a very small exception and that is if it's necessary to protect the engine from damage. And unfortunately there is actually no requirement in the law that a car maker who uses such a defeat device that is switching off the NOX abatement technology simply to save the engine that they don't have to disclose this to the regulators in any way. That means they don't have to expose the source code not even to the regulators and they don't have to explain what the software on the car actually does. What this means in practice this is a slide from the CCC talk by Felix Domke and Daniel Lange this year is that in the case of Felix Domke's VW car there was actually a function programmed into the car that was switching off the NOX abatement technology whenever the distance driven by the car was deviating significantly from the test procedure that was written into the law. So in order to find this out I mean this is a very obvious fraud of course but in order to find this out Felix Domke actually had to reverse engineer the software on his own car and of course it would make a lot more sense if a car manufacturer actually had to disclose the software to the regulators and explain if there is a defeat device what exactly is it for and how the hell is this supposed to protect the engine. Another area where we're seeing an increasing importance of software is robotics and implants so it's not just that the cars that are driving on our streets will eventually not be driven by people anymore and will become robots we're also introducing robots into healthcare at the workplace in a way that they're directly interacting with humans and we also have software running inside humans a less scary example of this is perhaps a friend of mine who wears a cochlear implant which is a digital hearing aid that can transform a sound into a digital signal and allows him to hear if there's a software vulnerability in this kind of device perhaps the worst thing that could happen to you is that you don't hear something that is there or perhaps even that you hear something that is not there something more scary a more scary example of software not doing what it's supposed to would be software on a pacemaker and there was an accident talked by the security researcher Mary Moe called Unpatchable Living with a Vulnerable Implanted Device now that sounds a lot more scary actually in her case she was wearing a pacemaker she was not able to inspect the source code on this pacemaker and it turned out that it had a bug and when she suddenly fell down when she was walking up a flight of stairs they couldn't simply see what exactly the software was doing instead they basically had to put her on a treadmill and troubleshoot her so what Mary Moe is saying about this is that I want to know what code runs on my body which I think is an incredibly reasonable demand from government but this is also something that the European Parliament is discussing thankfully however whenever there's a good idea of what we should do with new technology there's also a bad idea so the European Parliament is also discussing whether robots and artificial intelligence that create new works for example an algorithm created song whether there should be copyright on that which I think is a terrible idea so these questions are definitely something that is under development in the governments at the moment and something that we need to pay attention to something that's a much older debate is the use of technology in elections in the US voting systems have not been considered critical infrastructure by the Department of Homeland Security so even though there are lots of independent reports that show that a lot of the voting systems the voting software that is being used on a municipal or regional level even though it's known that it's unsafe it isn't really treated like much of a problem another good example from Estonia that is already doing online elections they had actually one invalid vote via the online voting system which apparently comes from one member of the pirate party so I think it's really important that we also have the possibility to inspect any kind of software that is basically being used to fulfill extremely important functions of course the Estonian online election system is not 100% free and open source software then there's also this debate about whether Facebook algorithms can influence election outcomes which I guess are more social debates but really show that there is quite an issue that needs to be discussed one more example what we call predictive policing which is basically the use of data about previous crimes to predict where future crimes are going to take place I think this is a really good example of showing that machines basically can only learn from our own dump behavior so for example this predictive policing has been criticized for perpetuating racist stereotypes so for example in the war on drugs on average white people take more drugs than black people and also engage more selling and buying however the number of black people actually arrested on drug crimes is a lot higher so if you base your predictions of future crimes on what has happened before you're not actually basing it on the real incidents of crime but only on the crime that we know about so there is a real danger that if we don't know how exactly this kind of software works we can't find out whether there are biases that are built into it and I think from a fundamental rights perspective it's extremely important that whenever a public administration the police or a government does something that is directly to your disadvantage that they owe you an explanation of why they came to this conclusion and if we use proprietary software in order to make decisions this is certainly not the case and perhaps on a less serious note everything's becoming internet of things sometimes it makes free software more critical because if you have Windows 10 running on your fridge basically if you have more proprietary software running on everything there are more fun ways how your software can fail so this is one part of the problem but I think the fact that there is more technology around us is not a problem as such it becomes a problem if at the same time we are legally barred from controlling this software and this is something that's happening on quite a lot of fields Edward Felton who was an academic and is nowadays the deputy CTO of the United States he coined this term of the freedom to tinker in the early 2000 and it's one that goes beyond just the mere act of being able to access source code but it's a full freedom to inspect, to understand, to repair to modify both software and hardware and it's based on the idea that you can't actually learn to write only by reading so you do have to interact with the system in order to fully understand it and also to be able to build something new based on the things that you've learned so this freedom to tinker is really important as the basis of education as the basis for innovation and also in order to give people autonomy over the devices that they buy and I think this freedom to tinker should be protected in a similar way as the freedom of speech there are recently some lobby groups who are working particularly on protecting and enshrining this freedom to tinker a lot of them at the moment are based in the US there's for example I am the cavalry which is a group of security researchers that are really trying to make the hardware that is part of our lives trustworthy and secure and allow people to understand them there's also the right to repair group and other groups that are working on this theme but the freedom of tinker is under attack from a lot of different types of legislation one is quite a fundamental problem with the way that digital content is dealt with in the law that is that information is governed quite differently from physical goods so as a simple example if I buy a book I own this book if I buy an e-book I have a usage license that is perhaps not transferable so if I have a big collection of e-books I can't actually give this collection to my children when I die and of course when more and more products are kind of a mixture of physical good and information what the manufacturers and the industry try to do is to transpose this logic from the dealing with information onto those products and try to rent us things rather than have us buy them one good example of this was the controversy around the John Deere tractor where the manufacturer was basically saying that the people who had bought this tractor were not allowed to actually repair the tractor themselves because they were just license holder of this tractor and they were not able to modify it yeah it was said in the beginning of this talk that I had made some recommendations around copyright reform that were actually adopted by the European Parliament for example I fought for public domain status of official work so that would mean that any kind of work of art, of photography, writing, whatever that was created by an employee of public administration during their work time was considered to be in the public domain and was not covered by copyright another demand was that the circumvention of technological protections for legal purposes so for example if you have legally bought a CD and you've already paid the levy for being able to make copies of it then you should be able to actually circumvent the DRM to make copies even though quite a lot of such common sense demands were supported by the European Parliament the European Commission's proposal for copyright reform has now been leaked and all of these common sense ideas have been shot down instead we're going to get a new right for news publishers to control how we share news online and an obligation for any kind of internet platforms that have user generated content to use technology to scan for copyright infringement so this is a topic for another talk and I will be working on stopping these terrible developments for months to come but it's also another way of showing that also in the area of copyright there is no positive development yet that would actually give us more control over the stuff that we buy another area that is becoming more and more concerning are trade secrets so trade secrets started out as being a way of defending against anti-competitive behavior so basically if you're one car manufacturer and somebody from the other car manufacturer breaks into your office and steals all your plans that would be something that would have traditionally been covered by trade secrets nowadays it's no longer about whether or not there's a competitor involved it's the information as such that is protected so a car maker can claim for example that the software on the car is a trade secret and therefore the regulator can't even look at it to find out whether they're cheating on the emissions tests and of course the regulator is in no way in a competitive situation to this car maker so it actually doesn't make any sense quite concerningly the United States are slowly introducing this into trade agreements with other parts of the world and their argument is if you allow governments to require companies to disclose software then basically China is going to copy all our innovation and give the information to their own companies so I think we have to make sure that if we want to mandate more source code disclosure from manufacturers we have to make sure that in international trade our governments actually remain able to do this there are not just legal but also social developments that I think make free software and open systems more important on the 28th Chaos Communication Congress Cori Doctorow was warning about a future in which more and more devices have their functionality crippled on purpose so something that is sold to you that could be a fully functioning computer is somehow locked in that only certain functions of it work and of course we know nowadays that with every smart phone and every smart fridge and smart home we buy that we are coming closer to this reality because the consumer simply lose the expectation that if they buy a computer they are actually able to do what they want with it and that they are actually able to install the operating system that they want and so on so I think that is definitely really important and dangerous social and technological development finally there are also some moves from new laws regarding what kind of software and firmware can be installed on routers once again there is kind of a public security argument for that that is that the manufacturers of the router should make sure that users cannot accidentally or non-accidentally use the wrong spectrum with these devices but at the same time in order to allow competition for example the FCC in the United States has found that they should allow firmware from third parties to be installed but how do you do this how do you on the one hand limit what the third party software can do and on the other hand still keep it open to different firmware so I think what is going to happen one possible reconciliation is that on routers we are also going to have kind of trusted computing solutions with a cryptographic signature for any kind of firmware that can be installed on them and this is already the case for most computers that are being sold with secure boot and so on and is of course especially for lay people making the installation of Linux incredibly more challenging so a lot of these examples are kind of bad things that are going on in the legislative process but also some broader societal things so what can the government do about it and can we actually rely upon the government to do anything I think it's important to recognize that we can influence the government in activities if we actually decide to prioritize on this and to not just build software but to actually make sure that governments understand how free and open source software is in their interest and for that we do need the practical arguments that government administrations already rely on free and open source software in a lot of cases and that's in their interest that the software is secure that it's well maintained and that there's a community behind it that can actually do its work and it's not hindered by counterproductive legislation so in other words the government has to start taking responsibility and further the goals of security, safety, etc. that are represented by the free software movement so there are some positive examples of how this is being done there are simply funding ways like the prototype fund in Germany where basically money is directly given to open source projects and the prototype fund also not just gives money but also helps the project deal with the bureaucracy around it and make the process easier for people who are not used to working with public administrations on a daily basis but perhaps a more pretty obvious thing from recent news that's also important are security audits so in 2014 we had the hard bleed and child shock vulnerabilities that demonstrated that a lot of infrastructure is relying on free and open source software but quite often there's no responsibility even from large companies and governments that are using this software to actually contribute to its functioning to finding software bugs and to making sure that they're giving something back to the community that is developing these solutions so the European commission upon the initiative of a colleague of mine and myself has started a pilot project for free and open source software auditing now we had to somehow convince the commission that it's a good idea to try to build relationships with the free software community and to show them how this also has a benefit for themselves so some parts of this project that have already been placed is that the European commission was investigating different methodologies for how to do audits, how the software code is being maintained and governed in different existing community projects and also to do an inventory of all the free and open source software that is currently being used in the free software in the European institutions or that they use in order to build new software that is commissioned by themselves existing software libraries etc and the purpose of this is also to find common interests so to see this is a software that the European commission is really relying on but it also has a great value to the community at large so in order to find out which projects actually do have this common interest and that would be most interesting for the community to also be looked into in order to do that we did a public survey where we basically asked out of a number of different free software projects that were in use in the institutions which ones the community would like to see audited and from this public survey we had two projects that got the most votes namely the Apache HTTP server and KeyPass of course Apache is already widely used in not just in the European institutions but also beyond KeyPass is actually not used by huge numbers inside the commission so far but it got a lot of public votes and I think it's a good example of a user space software so something where the security is really important for the end user and there's really it makes sense to them why this kind of software should be audited so this two years pilot project is coming to an end there's currently a company that is doing the audit of these two projects and in the running of this project we've also run into some challenges that are mostly to do with how to make sure that the European commission as basically a public administration that so far has not had a lot of dealings with the free software community actually understand what they're doing how they get the expertise from the community and how we can hold them accountable that they actually listen to it and in this process the free software foundation Europe has been extremely involved and really always trying to push us in the right direction because I have to say as a member of parliament the amount of time that I can spend on running after a consultancy that is doing an audit is limited but I think we do have identified also how we can improve this project so we're trying to continue it to get a budget for the next few years and to eventually make it a permanent part of the EU budget and one thing that we really want to do is in the future to do a bug bounty program where we directly take a large part of the money that is put in the budget in order to make people the experts in the community themselves look for bugs and get remunerated for that so for projects like this I think the involvement of the community is really important but also the patients of the community because of course working with the big administration can be quite frustrating and I think especially in this cases it really pays off to be organized as a community to actually have an advocacy organization that is doing this work for you so what's going to happen next what can we actually achieve I think on the one hand of course simply developing the software the direct action on that is incredibly important but at the same time it's also very important to try to work within the system and to try to build networks between the free software community and politicians who actually care about these issues because I'm certainly not the only one we can also look at some success stories where open source policies have been passed there's recently been one in Bulgaria there's also the US federal source code policy which you know are not perfect policies so what the US is doing for example is saying okay all software that a government agency commissions needs to be reusable for the entire government which just makes a lot of sense and they have a goal of actually publishing 20% of the software that they commission as open source software which is well not what we are going to aim for but it's certainly better than nothing and more than a lot of European governments are doing at the moment the European commission does have an open source policy but it's very well very basic in the sense that for example they commit to not disadvantageing open source solutions in public procurement which is nice I mean I think if simply offering a free software or open source solution were considered disadvantage that would certainly be a problem but where we want to get to of course is that they actually consider it an advantage and that they make it a requirement so here's my call for action and this is something that I think the free foundation has already laid the ground work for is that we need to move towards a sustainable public procurement system and that every government in the EU as well as the European commission actually have a free software policy that means that all the software that is developed with public money will actually be published in a public under a free license and is reusable for anyone at the end the government is acting in the public interest the FSFE is already starting a mapping exercise to see what is already out there what inefficiency could be addressed with free and open source software and if you want to get active in that I think they definitely well come people who maybe experts with what different municipalities are doing or simply have the technical expertise to contribute to that our goal needs to be to make government not just tolerate and use free and open source software but to actually promote and improve it thank you very interesting talk now it's time for question and answer first thanks for your talk thoughts about auditing software I think it's not enough to just audit the code because that is opening Pandora's box you also have to audit the processes of the people who create it are they actually reacting to security problems which brings the next problem if you audit code and you find a huge number of bugs in keep us for example you are being the nice person you put them all in their bugzilla and then you have a problem so it also has to be fixed how can you make sure that happens should that be public resources as well what are your thoughts on that well one thing that we really try to push for and as far as I know that actually has happened is that before the commission or the company that the commission has put in charge of doing the audit before they actually start doing the audit they do have to get in touch with the community with the developer that they know that this audit is going on that they are the first to be informed and that they can actually process this input in a meaningful way I think if we go towards the model of bug bounties of course actually fixing the bug can be a part of that and I think that's probably more easy to do if we create incentives for the people who are already developing the software that they can actually work on fixing those bugs the processes are actually part of the pilot project in the sense that the first step of it was that there was a comparison being done between the processes of software development within the European commission and in different free software projects however there were apparently some problems with that in the sense that not every free software project that was supposed to be contacted actually was contacted and so some inaccurate information actually ended up in the report I think if we do manage to get funding to improve or to continue the process and to do a next step based on this pilot project this criticism that also to a large extent was collected by FSFE and given to me is extremely invaluable because I don't have the expertise to know everything that may go wrong so to have actually the community actively involved and know who to tell either in the parliament or in the commission if something's going wrong is really important Hi, thanks for the talk here so I wanted to ask you said that software that is developed with public resources should be released and should be free and released as open source so you might have said this but what is the status of that? I mean is that something that is about to happen is that happening in every city in every European country but how does that work? At the moment it's certainly not happening everywhere I think it's more the exception rather than the rule that a public administration actually has a policy like that and we do have similar rules for example in the in the sciences funding by the European Union so the horizon 2020 program for example requires you to release all the research results under open access but unfortunately so far this doesn't include any software that may have been programmed as part of this research exercise so I think at the moment there's really a lack of commitment to this goal and as far as I know at least to my knowledge Bulgaria is the only country in the EU that I know of where this is basically a national level government policy there may be others but certainly in Germany it's not the case Yeah thanks for the talk so sometimes it appears to be like you're the only person in the European Parliament at least for me to understand some topics and what is the situation in the European Parliament and what would be your suggestions for normal people like me just FSE fellows to support the cause and to prevent stupid decisions in the commission and maybe you know also in European Parliament someone who can be just nudged in the right direction or yeah Well I think there are different strategies and certainly not the only person who is working on these topics but sometimes you have to draw a connection between the thing that the parliamentarian is really interested in and then your topics so for example all my colleagues from the Green Party are extremely interested in the diesel gate scandal and how exactly it worked because they're really interested in doing something about pollution so being able to somehow connect the topics to the topics that people are already working on is a really useful strategy but I think another thing that's important is that for volunteers it is still quite difficult to have the same level of influence as the industry so actually having an association that is represented in Brussels with people working full time on this is also really important but in comparison to I would say a national member of parliament the number of people who contact MEPs directly is still rather limited so if it's about stopping a bad proposal then sometimes just getting lots and lots of people to write to their representatives to all their representatives about this can be a useful strategy but that works much better if you want to stop something bad than if you want to get people actually interested in changing something for the better but we do have an intergroup that is made up of people from different political parties that deals with internet policy on a broader level and they do sometimes take positions I mean it's certainly the more progressive members of the parliament even though there are people represented from all over the board and for example they have been really active in opposing this new copyright for publishers for newspaper articles so I think yeah if you want specific names you can certainly write me an email but other than that organizing as an association and actually sending people to Brussels to knock on people's doors is extremely important Hi, what you've talked about there for free software is a very good move but one of the problems at the moment is that if you report a security vulnerability against some closed source software there's no requirement on the manufacturer to actually fix it so are you making any moves towards actually requiring that manufacturers support software or at the very least provide definitions of when they'll support it and when they won't I'm not directly involved in this I know that one of my colleagues Jan Philipp Albrecht was trying to get some vulnerability disclosure requirements into the network and information security directive which is mostly about like critical infrastructure and so on there are some moves in the areas of consumer law so basically if you buy a device that you have certain rights as a consumer as to continued support of the software running on that but this is really still in very early stages and these are the only developments I can think of where this is being addressed but at the moment there doesn't seem to be such a requirement so we have as technology makers and especially government the responsibility to make all technology accessible to every citizen you didn't talk a lot about that but that's also an important thing to make software free so anybody can extend them in different ways there's many people with disabilities of any kind or have not very powerful computers and so on doesn't matter any kind of so does that come up in conversations that or somebody's also mentioning that in the conversations? We haven't actually made the connection between accessibility and free software too much so far but it's actually a really good point the European Parliament recently passed the web accessibility directive which will at least force public administrations to make their websites and apps and so on freely accessible and of course in many cases actually doing that can be much easier by using free and open source software and you already have people who are kind of working on the software also to make it more usable for themselves and so I hope that this can give some positive impulses in this direction unfortunately I mean the web accessibility directive alone which is relatively limited in scope really to the government administrations will still take years to go into effect I mean you basically have really strong lobbying from the municipalities who are saying they don't have any money to do this even though actually forcing somebody with a disability to go personally to the administration and have them deal with the things that don't work in their software can be a lot more expensive and I hope that there's going to be more of a change in the mindset in the municipalities that making things accessible is actually a priority a human rights issue and also simply make sense in their own procedures this is something I'm wondering about this somebody who's kind of involved with FSFE do you think that it would make sense for us as an organization to also target national lobbying more or should we like focus our efforts on the EU because that makes the most sense I think both make sense because for example if you want your municipal I don't know your city council or your public administration to use free software then the European Union will have a very difficult time mandating that what you can get at the European Union is to make sure that we have sensible information policy laws so when it comes to copyright to trade secrets and so on and of course to get the European institutions to actually use and promote free software but as a general rule the national states they have bigger budgets they have a lot of oversight over the different public administrations that are really right in front of your doorstep so I would say that definitely both approaches make perfect sense hi additional question on the releasing the software as open source so as I understood there is no plan to enforce that right it is more of a suggestion to the government to start making software and releasing it or is there a law is there any plan to enforce that no there is no law yet so there is nothing to enforce but I think that should be our goal and it's something that I think if the governments really well get informed about the topics we realize that it actually makes sense for them too but I think what would make the most sense for an organization like FSFE is to actually lobby for such a law to be put in place both as regards the European institutions as well as on a national level but at the moment such law doesn't exist in well pretty much all of the European countries okay thank you so great speech I like the the fact that our funds now to do audit on security issues I was wondering if it would be feasible to do auditing compliance to interoperability to see if software is actually following the standards that we set as a community and currently it's actually very profitable for companies to not follow interoperability standards and this is costing us a lot of money so it would be great if we would set some money aside to actually check that software that we're buying follow certain standards that we require because currently there's very little information about that usually it's the member states that have to make sure that European laws are being enforced and that there's actually enough money to enforce them so I'm not a hundred percent sure whether it's possible to pay for that through the EU budget because it would basically be well admitting that the member states are not doing their jobs what the commission can do is if a member state is not following its requirements which usually includes enforcing the law the commission can start an infringement procedure against this state which can become relatively costly for the state but yeah I would have to look into that whether it's possible for the commission to actually or for the European Union budget to directly fund enforcement of existing laws because well this is something that they should be doing anyway so in the US I see some positive improvements like you already mentioned this White House policy which is of course not perfect but what I also see in the US and I at least had heard two talks like from the digital infrastructure agency or something and 18F so they're like groups of people building up I don't know exactly how the structure looks like but the government funded who are writing free software open source software which is all like on github great people they all do startup mentality in agile do you see any future for this in Europe because I think this would also drive this forward without any policies because if you have a body of people doing great work and free software then you don't need to reach out to proprietary vendors anymore right well as I understand this this project the prototype fund is that it does something like that so it basically gives money directly to projects that are building open source software for different uses and those could of course also be uses that have a direct use inside the government so but you know the prototype fund and also the open source security audit by the commission they have a budget of around a million euros so this is nice but it's basically just a start and it can't really finance such projects on a grander scale so from what you've described I would think that probably these projects have bigger budgets and that's probably something that we need to work on and therefore it's also important to make sure that these small projects that do exist actually become successful and that basically it becomes well useful for a politician to promote something like that if they see okay this is something that people are interested in is something that can win them points and they're likely to try to do it again well all this talk we've heard now was mainly about software written by the government or for the government and all the scary things we've seen in the beginning were about cars and pacemakers and things that are certainly not written by the government or for the government wouldn't it make more sense to put pressure on that sites to require the companies that write that code to make the code free software so that it can be expected sure I think there's not always a clear line the same software is the same free and open source software is being used inside government and inside large corporations to some extent but of course a lot of the problems are with proprietary software and but I do think that the government will be much more likely to actually mandate disclosing of software in critical devices such as cars if they are already using open source software themselves because if they feel like this mandating can actually make somehow their own governmental procedures insecure then they're probably much less likely to go down this route so I think it's probably important to go down both alleys but as a first step I think it's really important to kind of to try to get the government on your side on these free software topics and if they're not using free software themselves then they're probably not going to see the merits of it hi I just wanted to say that not only software is important but to be computed as you just in the hardware as you just try to lock down the hardware in the last years and it would be really important that we look at that and say that it has to be possible to have open systems which are not in lockdown for government institutions or for anyone really so one of those laws that we are working on is this router lockdown directive or that's what we like to call it where as far as I can tell nobody realized at the time that this directive was passed that it would create problems for like Freifunk and other open Wi-Fi communities and that it would make it difficult to run free software on routers so I think basically having people there who actually understand free software and who can look at the legislative process as it is going on and jump in there and point out problems is sometimes all it takes and at the time there was nobody there who was doing that so now we have to try to somehow avoid the problem down the line as the member states are transposing this directive international laws. Thank you. I have a question regarding the open source audit what are the arguments if somebody has concerns that the European Commission is helping one product by funding their security audit and thus making their position on the market better. Yeah we were discussing that but we decided it's not really a problem because if they find something this improvement at the end of the day benefits everyone and if for example there's a fork of this project that is developing it in a different direction which seems to be the case with key pass to a pretty large extent there's a good chance that any vulnerability that could be found is also relevant for that other project. So of course whenever the government is funding something that is organized by citizens or organized by the private sector there may be 10 different projects that don't get funded and you can say that this is unfair but I think it would be probably we would all be worse off if we reacted to this by not having any public funding for public interest goals at all. I have to say that Julia really has to leave in point so we have time for two last questions. At least in the UK we're seeing the increasing privatization of public services. Has there been any discussion that you've witnessed with regard to overseeing the use of proprietary software by these private organizations providing essential public services like education? Well there's certainly a discussion about all the problems that we have thanks to some of the privatizations that have taken place and how they have taken place. I'm not sure that the use of software by these companies as such is being addressed but I would have to look into that. I can't think of an example right now. Final question for you. The final question. So the aged cynic in me cannot help but remember that the proprietary software vendors have taken every opportunity to point to any areas in open source as being a big problem and because they're open you can see them whilst they're as a hidden. Is there any effort to also take the pieces of closed source software that are being used by the commission and get them also audited so that they can't go saying these flaws that have been found in open source they are then faced with the well yeah and look at yours which they're not as easy to deal with are they? Right. I have to admit I have not thought of that at all but I'm thinking about it now. Thank you very very much what an inspiring weekend we had haven't we? I hope you guys have shared a lot of ideas shared some software. Eric had shared his flu with me so before we carry on I would like to invite KDE up here they will be they will be doing their academy award so I expect a lot of film stars to come up here by now oh there's our first film star okay yeah tradition time so it's the year of academy again and I have the honour this year to give out the academy awards to people that have contributed a lot of good work to the KDE community and we will start with non-application contribution award which has been decided by this year's jury to go to Alex Paul for his continued work throughout all of KDE thanks a lot man you could have gotten lots of developer awards as well but we thought this one was good so then we continue with I think the application award which goes to something where we thought it's kind of odd that they didn't ever get the prize so far this year the award goes to Christoph Coleman and Dominic Hauman for their work on K-Tex editor K-Ride and Kate how long has it been 15 years your time has come thanks and then the jury thought that the jury award goes to another developer and actually the whole community it's actually this year for Daniel Rattl and the other KDE pimsters for his work and their work on Aconadi and keeping our mail safe so thanks a lot Daniel where are you come up thank you Dan and last but not least of course we want to thank and please everyone give a big big shout out to the organizers this year come up here and receive your award for your work on actually making this event happen Kenny Coyle it's you yeah thank you thank you and this prize definitely includes all the other volunteers from the other communities for helping out on this weekend thanks a lot everyone well we are in the part of just saying thank you so I would like also to say thank you to the representatives up here they are by far not the persons that done the most I don't even remember seeing last at a single meeting but they represent each of the subgroups that have been doing an excellent piece of work to make this happen it's seven or eight months ago since somebody got the idea why don't we get these what at least on the face value looks very diverse group to work together to create an event like this and we did and can you please for all those groups give them a big hand thank you very much it's been a really great few days thank you everyone for coming when we were thinking about this a year ago I definitely didn't imagine this so thanks for making this happen everyone who helped make organized this but also everything our attendee who made it great thank you very much and I've been told that if they are volunteers who didn't yet get a t-shirt or who still want another one they can go down to the registration after this and get more for academy we are going to continue tomorrow at the technical university everyone is welcome to join us there for hacking buffs and more thank you thanks I'm Felix I'm representing here and I'm one of those board members there and we're happy to be part of this weekend and we're excited to actually meet users which is something we don't do and to even welcome users to our codec talks about low level mathematics of how videos work and it was really nice for us and I hope enjoyable for you and maybe see you next year thanks I'd also like to extend another thanks to everybody who has really helped organize the event you know it's something like that people came to me and said why don't we organize a bigger conference together with KDE and then somehow FSFE came in and video land came in and I thought it was great and it's great to see so many people that came here to this event you know discussing for a weekend about you know the stuff that they're passionate for what they're doing and I think you know from all I've heard so far you know it has been a really great weekend for everybody you know we got lots of good stuff out of that and in the end you know it's all of you who are doing all that work on this project that will help us push this forward so thanks a lot to all of you for really contributing to the projects we had our first FSFE summit here at QtCon and I think it was a big success given the good feedback I've heard which is also due to the very good cooperation that we had here among us organizers of the communities that makes me happy but makes me even more happy is when I heard that fellows from the FSFE political activists were joining developers meeting here and developers were joining our political talks and also how I became aware that there are a lot of people here inside to contribute to more than one community who are part of FSFE end of KDE or end of VLC and this makes me really happy and I hope that we can have this a similar thing in the future I think this was a very good thing for all of our communities so one of the hopes we had when we started this journey was that you guys would not just go to your own so the KDE developers go to their KDE meetings and so on so we've been talking a lot about so did people do that so I would like you to be completely quiet if you didn't go to anybody's other talk clap a bit if you went to some of the other talks clap a bit harder if you went to quite a few of talks outside of your own domain so can I hear you awesome we can clap our own shoulders up here as long as we want but this wouldn't have happened if it hadn't been for the more than 140 people who volunteered to do presentations here so should we all please give those hand a big hand for doing this it would neither have happened if it hadn't been for those people that had spent their last three days sitting running the cameras sitting in booth sitting in front of the presentations and making sure that they would shot up on time so anybody who volunteered during those three days could you please stand up quite a few of those so last but not least I want to hear how many of you managed to go to all the talks of this conference just see if there was somebody starting clapping there again the good news is that a lot of those talk has been recorded already so if you go to the acutecon.org page then at the front page you will find a link or find a number of links to where you can find those talks that you missed you can also find the slides if you click on a presenter or click on a talk there you can find the slide as soon as the presenter remembers to upload his slides so let that be a reminder to the presenters and finally I'm afraid to say this is over now have a pleasant trip home thank you