 Yeah, great 430 Wow, so great to be here at the open source summit Europe. I almost Missed missed it. There were store heavy storms up north and My plane got delayed and initially sort of my layover would be missed But then the layover was delayed as well. So I ran for it and here I am It's especially nice to see that so many are sticking around for the last session, even though it's so fun sunny outside and There is party afterwards So I hope you will definitely enjoy this last session here So my name is Hans Christian. I work for the Norwegian government more specifically the labor and welfare Administration or nob for short and I get back to what nob is So I've been a part of the open source Community for as long as I can remember I started back in the golden days of Apache web server and PHP CMS systems I still remember that we had our own source code hosting before we moved to subversion Git was not the not the still not the thing at that point Fast forward a decade and I became part of the What's today known as the node JS foundation when we forked node created IOJS and instituted an open governance model. What a time and Now I get the code in the open full-time as a part of my job at the Norwegian government Mostly in go playing CNCF go where you try to catch as many CNCF projects you can while building a developer platform so my team is responsible for the application platform at That all the teams at nob develop their application on top of and in many ways it was what sparked What I would be talking about here today How we are building an open government government with open code and open source So first for those of you not from Europe a sort of what is this? Norwegian government and welfare and labor Sort of it's part of what's called the Nordic model. It's a socio-nomic and political system and Commonly associated with the Nordic countries my infographic here is a little bit wrong We are missing Denmark and we are missing Iceland in addition to Norway and Sweden and Finland and there's no sort of single agreed upon definition, but the sort of is Characterized by these six pillars here. So a very strong focus on social welfare with free Universal health care and sort of a safety net for all That live in the country income this income distribution and sort of progressive tax tax taxing a tax model labor market flexibility and Strong workers right where you sort of you cannot be just fired with no cause on the day strong gender equality which sort of the labor and welfare administration also provide support to With their welfare benefits there as well as sort of free education So more specifically what is Nov so nov's mission is to contribute to people's social and economic Security and to promote the transition to work with the goal of creating an inclusive society with equal opportunities And the word nov means spoke as the spoke in the wheel because it's a central hub that makes the Norwegian society go around and We often say that we help through all phases of life all the way from the start with child support parental benefits sickness benefits unemployment benefits as Well, it's pension pensions. So literally from cradle from cradle to grave and Just to sort of set it a little bit into perspective and what we are talking about here So we still have code from the 1970s running in production today We And without revealing too much that's almost twice my age I wonder if my cubanities clusters are going to run for that long at some point. I really don't hope We also manage one third of the national national budget of Norway through our welfare schemes We have 20,000 employees about 800 developers at least those that have account on github Which includes our consultants and we just crossed the 2000 public github repositories mark before this summer So just to sort of get the scale of this operations. It's by no means a small operation at least not in a Norwegian scale So before we continue a sort of a personal story of mine so I became a parent for the first time in back in 2014 and It's the most wonderful and the most stressful thing in your life for those of you our parents And we have some truly great better parental benefits here in Norway Where the parents get close to a Full year of paid time off that they can divide between their parents according to some rules and When I say some rules I mean quite a lot of rules So this was what sort of faced me And It was this form here that you had to print out you had to fill out It didn't really offer much of an explanation and if I don't recall correctly I think I got it in return at least once because I filled it out correctly So not the best user journey one would say Fast forward to 2021 I became a parent for the third time And to my surprise sort of this form that you had to print out that was completely gone now You just logged on with your personal ID and the sort of a national logon system for all Services in Norway and you were prompted with congratulations here are your Parental benefits. How would you like to set up your parental leave and we we could then fill out this form together and The button that sort of was sort of submit It became green once everything was in order and you got sort of real Error message back and sort of said that oh this needs to be so and so So a much larger a much better user experience and it sort of sums up a little bit why I'm here today because this is There's been a lot of great work going on in the Norwegian government for the past years But if we then go back again Not so long ago That wasn't the case. It was with a Back with a paper forms that you had to print out then now I've looked something like this on a sort of a very very high level You have stakeholders in one part of the organization and then you had it as another part of the organization Typically had sort of architects and manager project managers and then they made sort of Very very detailed specification of what's needed to to be built and then they shipped those two contractors That's where the ones that were building the systems and As you can all imagine this was very costly very costly for the Norwegian state It was also painstakingly slow this process here It was very error-prone. So not only did it take long time there didn't result in any good Product at the end And as you can imagine there was a very very low engagement People didn't really feel that this was a thriving place to work when the system was this sort of set up this way here and In many ways sort of this is from the Phoenix project. I may maybe it's modeled over From what now looked back in the days, I don't know, but this sort of sums also sums up how how now and I Would guess a lot of the public sector and large organization would look like and Then something changed. So this is a graph of Average weekly deploys to production per year. So until 2015 you typically had quarterly releases where everyone would get into the office and you typically I can imagine sort of a line Where people like having their newly baked system Freshly compiled and sort of like can I put this into production, please? And if someone before you failed then the rest had to go home because then the IT would or the operations people rather Would have to clean that up revert back and it just Didn't didn't offer that sort of agile continuous delivery as we might maybe we are used to today So something clearly happened. What was what happened? Well in 2015 we got the new welfare Director and we also got the new head of IT IT director and First order of business was actually to them employee developers up until that point There were no developers hired in that part of the Norwegian government We we can see we get a little bit of bump in the deployment frequency in 2018 we started open sourcing our work and from there you can see that the weekly deploys just Started climbing and climbing and actually reached all time high during the pandemic or a little bit after the pandemic And then it went down. I think we can see some that we have reached that plateau there. That's the Means of going putting something into production isn't really what's holding our us back anymore So what was really sort of the reason behind this and where am I going with all of this? Well, it's this product team. We what also happened with their sort of influx of newly hired developers was that We reorganized how we were actually structured. So instead of having this very tedious pipeline or factory we sort of drew up the map again and divided all of the domains and put people into those domains. So for instance, here is a team that's responsible for parental benefit The team doesn't really need to concern themselves about unemployment benefit or pensions or anything else They only need to concern themselves about parental benefit understanding the domain understanding standard understanding the users and then being as creative as possible and delivering the best service within that domain and So what happened when they and then because they were really given a very free realm. They were giving as Much autonomy as they could within their domain Of course keeping within sort of this is these are the laws and regulations For this particular particular welfare service. So what happened? Well, as you can imagine they took decisions and suddenly we saw a huge influx of open-source tools and technologies being introduced to our organization And because this was tools that they really they had tried personally they have used in prior jobs and Which they really felt that this is solving a problem for my team and What else happened then get to happen because they didn't really like the experience that we were having in our previous source code repository and They were really at that point. No, no, but better alternative that they could find easily get They were easily available and Then they started opening all the repos Everyone everything was suddenly sort of oh, this is public. This is public this and it was a little bit chaotic and Anarchy at that point So we had to take a step back at that point because there were no internal policies There were this accidental publishing of things that could contain sensitive information passwords certificates or internal information that isn't really What we were supposed to happen so guidelines were clearly needed. We couldn't really say that. Oh, it's free for all without any Anything to sort of guide them so we created our our open code guidelines open of course they are Open in our github account from day one It's written in a region though Fair warning, but sort of explain the motivation behind. Why are we doing this? What's the benefit to Nav of having coding in the open and what are the requirements from the developer's perspective? What are the requirements on them and what should they do and what shouldn't they do when it comes to opening their repositories? Because why would we do such a thing? Well We believe that since we are funded by the public the code that we create should be available to the public We should be open and transparent. What are we doing with the money and how are we? Making sure that your rights as a Norwegian citizen are taken care of in a good way that when you apply for parental benefits That the systems that will automate and handle that for you It's actually written in such a way that it does what this should be and it up to the standards that you should expect as a citizen We also feel that this is being sort of one of the largest Largest largest consumers of open source at least in nor in Norway It's important that we contribute back that this code here if it can be reused if there's some Reusability that it should be reused there that we shouldn't Reinvent the wheel over and over again, especially in the within the public sector We also thought that Having the code open would make the developers think a little bit more about quality that not taking too many shortcuts Because people will actually look at the code. You cannot be completely missing unit us. You cannot have bad Horrible coding practices. You need to think a little bit more You need to be a little bit more conscious and not thinking that no one will ever see this because at this point they will And we actually see that that has that sort of Thinking about it actually makes our developers write better code And we also saw that or thought at that point that this was a good way to attract talent that this would Make now more visible and it would also be more fun and more engaging for our developers if they were able to Showcase what they are working. So having some pride in their work so Luckily, we were not alone in this sort of doing this so a huge shout out to Gov.uk that sort of been sort of a beacon in this here this process and very very early on wrote about the benefits of Coding in the open and why would was great for a security perspective as well and Sort of embracing open source and really encouraging open code within the public sector so in 2020 we actually changed our Policy and said that now it's open by default up until that point It was very sort of in these cases here now. It should be the default. We had such a great experience With very very little challenges after we introduced the policies and then we but we instituted There are three exceptions to the rules if your repository contains keys or any other Identifiable information that might be test data or something like that. It's an immediate no go of course if it's fraud detection algorithms, we tend to not be Open sourcing putting those public and also if it contained Unimplemented regulations so at some point there might be sort of discussions and we would see how would the code? How would the system be coded in order to sort of fulfill this regulation here? And we wouldn't really like to publish something that isn't published. It's not been made into law But at the end of the day the teams had the final say so it goes into their autonomy that they had the final say when it comes to Open sourcing their repository and sort of this has been our Ospo Believe it or not. It's this open source Slack channel and we don't that now have any anyone that's sort of full-time or sort of has an official capacity. It's sort of I Wouldn't say well and tear-based because we are employed by the government But sort of their the engagement into sort of the open source community It's a community effort and sort of people that have Engagement and sort of have enthusiasm and sort of feel that this feels strongly about it And for the most part it just keep ticking along and people will have some questions There would be answers and sort of we have this community inside our organization regarding open source So we do have some success stories to To share as well, I would be sharing four of them probably more that I haven't heard about So the first one is nice And it's the team that I work on as well. That's why I put it first So it's our internal developer platform It's made to sort of make our teams as autonomous and be able to take full responsible of their application So from development deployment and all the way through production and to the end of life of that application It's not handing it over to your production team anymore It's based on cubanites and sort of where The inception of the nice platform was we shortly after cubanites was open source as well it runs across our Unpremise environments and our cloud environment as well and sort of provides this unified layer So then very very few differences from the developer point of view running their application either on-premise or in our cloud environments and by this point we have close to 2000 applications or services running on our platform and sort of a recent survey said that 97% of our teams have one at least one application in the Nice platform, so we have a really really broad sort of Adoption but it's still optional. There is no Requirement that you have to use this platform here. It's sort of autonomous all the way Of course, then if you chose to use something else and for that matter run it yourself There are so much that you need to think up that the teams tend to choose the easiest path And then is that is to use the platform So for those of you familiar with cubanites, the platform looks like this. It's mainly providing CRD for the developers. So this is what we call a nice manifest So for those of you familiar with cubanites, it should look fairly Fairly familiar and then we have different operators in our cubanites cluster that sort of does separate things So we don't have Everything in one operator. It's sort of dispatching more resources as you sort of enable different features of the platform And this is what I've meant with the CNC of go Sort of this is So that it's building on the shoulder of giants It's of course building on cubanites and it's building on top of a lot of open source These are just the CNCF project That we are using they're using a lot of other Open source products and technologies that sort of deserves mentions, but I only had that much time So these are the ones that sort of got place in this slide So if you remember this graph here that I showed you earlier There's an empty spot between 2016 and 2018 and guess what that is where the platform So it sort of plays into this role and sort of been one of the key pillars why we have this sort of Why we have autonomous teams and why we have such high velocity in our teams as well So and this wasn't possible without open source There's no one no one arguing that we could never have built what we have today without the help of open source and but it goes Larger than just the welfare and labor administration. It's sort of outside Navas well We have collaboration with the tax authority the Norwegian police statistics Norway mapping authority food safety authority, and these are just a few That we have very very close collaboration with so you are already seeing that there are this Across the across the public across the government a collaboration here and stop reinventing the wheel in every single Authority or part part of the government, but rather starting to share and starting to collaborate And this was actually so successful and we have created Sort of a grass-root community called public pass Norway or offensively pass as we call it in Norway So this is just a it's a volunteer community, but we have at least for the 40 sort of member organization as of today and it was basically Nav and the tax authority that met during cube con 2017 and sort of Saw and talked with it with one another and that we are building the same thing. We should we should talk We should we should collaborate and see that or find out how we can actually Share information share knowledge, and then they just invited their friends and by word of mouth they're sort of the Community spread and the picture below there are the Norwegian delegates on cube last year's cube con EU and Then the other pictures there are from our last meet-up. That was last week actually in the offensively pass Community and just really really nice, and I got asked them and these are the word cloud here It's Norwegian unfortunately, but I asked them. What is the sort of what's the the main takeaway? What's the why do we have this and what's your sort of? The what comes to mind when we have this public policy and they said the sharing and Learning and collaboration In all the different types of words there and that is so really key And I sort of believe that that's key to open source as well this community that we are all part of And I did sort of try to count out with a good help of one of my colleagues that made a Repository with a list and these are actually all of the Norwegian government Organization with a public presence on github. So you actually see that they're quite a number of and these are Almost all of them are part of this public pass and we believe that we at least take some credit that they are using Open source to that extent because of that community So we are really really happy and it's going really really strong and it's an important part of our collaboration But there's more another network Started a little bit after the offensively pass or quite recently actually was that we had sort of in this Spirit of sharing and being open within our company within now We created this security champions that sort of all teams were not Required but they were encouraged to have a security champion and we hosted internal meetups and really sort of boosted that and and sort of Made it really awesome to have that role on your team And then we were of course sharing outside of our organization that yeah We are doing this and we are having so much fun and the teams are on board they're really starting to focus on security and Then again So someone from now talk with someone from one some other organization And they just said that we need to create a Norwegian network And it was larger than just the public sector This is across all of Norway and at this point They have close to two hundred and two thousand individual members in their slack community And they have had six meetups so far and sort of this security champion And it's a really created a really really bus in the Norwegian security community. That's really really cool as well a Little bit more sort of concrete and not community not that much community oriented is axle So you can see there's a common theme. We have the hub and we have the axle This is our internal product development toolbox But sort of keeping with our spirit of being public being open. This is open as well It's a public it repository where we document our best practice making with product development as well as our design system and This has also been a really really huge success in Norway where we have collaboration with other other government agents agencies To share components share Icons and collaborate through this. It's actually been so Successful that the sort of the digitalization Agency of Norway they have then decided that yes We we need to make this and they are made sort of a common design system for all of Norway So now we have this public design system here That's supposed to sort of all organizations can use and sort of collaborate With so they don't need to reinvent just a design system from scratch over and over again And then there are more things that should deserve their own we have different repository within our Sort of organization that has some traction every now and then there would be a tweet that oh I just found that this this exists the labor and welfare administration already made it So I could just reuse it and that's that's really really great and then there was this report that was sort of public I know if it was published today or It was at least it was highlighted in the keynote this morning And sort of it's a little bit contrast I feel that sort of they said that the public sector was lagging behind Well, at least not in Norway. This did not in my opinion. We are really really forward-leaning and We hope to sort of be Showcasing what we are doing and sort of being an example for other public agencies other governments across the world to sort of Yes, you can do this Norway has done it and then so can you and we very very recently we signed the FSS F free software foundation euro they have a Not a project, but they call to public money public code a sort of call to organization that Code that's funded by they by the people should be available to the people We signed that so we are met beer sort of a signatory there We just recently just a couple of weeks ago We became a member of the Linux Foundation and I'm really really proud that we are sort of we are stepping up our game or On there sort of the broad broader scene as well. Not only inside Norway and then sort of You might be wondering sort of was was it all this easy as sort of Indiana Jones made made it look in riders of the Lost Ark. No, of course it was wasn't There's always sort of controversies that we had to tackle along the way sort of Open sources insecure public code makes us vulnerable Nobody cares that we it's private public or private Our code isn't reusable enough what about commercial support and Sort of all of these are rooted in sort of concerns the well They definitely deserves sort of being taken seriously. I'm not sort of saying that this is this are not Sort of real concerns But what we have found is that none of them have actually turned out to be a problem sort of yes If if we do it incorrectly and if we do it without any guidelines as we sort of started with Then we have a huge challenge But with the guidelines that we have we have found that this actually The our public repel Repositories actually has fewer vulnerabilities compared to their closed source counterparts We have we have metrics for all of our repositories Thanks to get them and we can actually see a clear difference between the public repositories and the private repositories when it comes to responsibility of keeping their dependencies patched and up-to-date and the the code that they're right as well And we clearly see that people care. We got of course Everything we make isn't sort of we don't have any natural competitors There are no one that's going to make a new labor and welfare administration So it's not necessarily reusable out of the box But the very much of our components are reusable and we see that they are starting to being reused as well But again not everything is open yet Not everything will be open. That's just the way it is. It takes time and it takes To some degree it takes infinite time This is just a sort of brief Unformal survey that we did with our or some a team member of mine did with our with the private repositories Why hadn't they what was the reason why they haven't haven't turned the switch and sort of made their repository public? and a lot of people just hadn't really Didn't know that we had a sort of open-source policy. So that's on us to sort of communicate that a lot of them didn't have the time And that's understandable. There is features and there are things to do or all the time And you do have to make sure that the repository can be opened. We actually have that as a requirement Some of the Sort of responses was that we have too many vulnerabilities and that's sort of that's maybe something that you should tackle Regardless of it being public or private We just forgot it's still under development. It contains sensitive test data So not everything is is of a modern date where we have synthetic test data And some of them are just to to be retired and that of course takes infinite time before they are Eventually turned off. So this this is just a fact of life and Something that we have to deal with or be aware of So we are wrapping up now and Getting ready to go out in the sunlight. So now today can sort of be summarized in this these four Highlights here. It's team autonomy first the team first. That's the most that's what we are gearing towards and sort of making sure that they Have what they need with regards to tooling and with regards to autonomy And then it says sharing is caring a lot this culture of sharing internally when teams take and make decisions They are more or less obliged to share that with their fellow teams So when they sort of decide to use something they must then share it with others their experience So people or other teams can sort of take Informed decision whether or not to follow there and we see that for the most part it sort of follows Some someone will lead by an example and then the other will follow in that direction And then having the right tool is really really important for teams and not having frictions in their day-to-day life And having tools that fit is fit for purpose and then we have this Policy that I'm really really proud about that we have we are open by default And that also means that when we are considering new technologies and new tools, etc We are looking for the open source eternity first if not We are looking at open standards and maybe a proprietary implementation and only sort of lastly will be sort of consider Close source proprietary on the way and there are some cases where that is sort of the right decision But at least it needs to be in a form decision and it means to be made in that direction And then we see that actually Since we started opening up This has been really really good for us in many ways, so this is sort of a survey Done by an investor and sort of the lower score is better. It's how they rank So you can actually see that we have gone down or up regarding depending on how you would Score it better better ranking sort of of course We go a little bit up and down But in a general sense over there at least as long as I could find data We have sort of moved in the right direction Big and and the fact is that at least in Norway. It's a really really competitive market And since we have this universal health care and such great benefits That's it. That is not something that sort of we have exclusive right as a public government employee That is just how it is you have a job safety regardless if you are a public employee or a private employee So it's really really competitive But being open source have made us really visible being open and being allowed to share being allowed to talk what we are doing and being sort of Inconferences like open source summit and sharing or experience actually Gets result and this year we had a 2x increase in applicants And we have had a record of 600 applicants for developer related positions that were opened this year and we in the general sense without me having too much data to back it up We see a good trend of employee satisfaction We at least the developers that I interface with that I talk with on a daily basis. They are For the most part really really happy with what we are providing them and the sort of the work environment there But it doesn't really stop us from sort of pushing on to sort of continue Being better and continue this work. So, of course, we will continue being open and sort of opening more and more making sure that What is sort of what can be open is open There are areas that we would really really like to see or at least me personally would like to see us improve upon and that sort of participating upstream being an even more responsible open source citizen as I said sort of we consume a Tremendous lot of open source and also being sort of good open source citizen and Interacting and engaging with the various project is really really important for their sustainability And for us to be sort of a good open source citizen And then I would really like just to see that continue growing these communities that we already have have going and sort of continuing that trend And that's that we are even better on showcasing the open source technologies that we are using and that we are making as well as Seeing if we can find ways to actually fund open source projects as well and that's particularly Challenging in the public sector, but sort of I really really believe that it's possible and it's worth Investigating and worth sort of following up on So with that I am concluding my presentation and I believe that we have some minutes before we are done So if there are any questions feel free to Ask them if not, I will be at the party and being here all the days of the open source summit So feel free to hit me up. Yeah Yeah, so Yes, exactly In some cases we might have sort of an advanced notice that this regulation here will be passed and then at that point we sort of Will tend to not be as public as we would normally be But this on the upside means like you get the first notice as there will be a law and you are not sure about it's like Like that, but you already start implementing that you don't have to start implementing when the laws out, right? Yeah, in some cases we we will try to be as sort of proactive as possible So it comes down to the individual teams whether or not they have the advanced notice and Whether or not they have time to actually start working on that But yeah, if we if we can we will be as proactive as as we can to sort of Be ahead of the curve and sort of hit be and deploy the new version once the sort of the regulation is actually published nice So what I'm wondering is the software is being open sourced. Is it also Open for contributions from outsiders Yes, it is. I don't know if we are How good we are and actually having contributive guidelines and that is also something that I would like us to be even Better, but we do have had some contributions in the past, but they are at least You need to have you need to differ between sort of this is just an app and part of service Those typically don't get any contributions. They're very rarely that you find Highly motivated you might find highly motivated citizen And oh, I spotted this CSS bug and I can actually go in and then fix the pull request There has happened that type of contributions and then we have all of these other parts that are Sort of building blocks a little bit lower level is the design system It's the components that builds up our platform and etc. Those have outside contributions and we are very very happy and we are Actively trying to have more of a community around those Thanks I would assume that as a government agency or as a bunch of government agencies You have services that are really important for society to actually function in a way and I was wondering Does anyone look at this from like a broader national security perspective in terms of Delivering these services and what would happen if like an antagonistic state actor would actually target you through these These repositories. Yeah, absolutely, and we have Huge teams and departments that sort of are focused on exactly what you're saying there. So Often it comes down to sort of how do we have disaster recovery Mechanisms are we and are we keeping the citizens data secure and sort of being sort of a good Stewart of that data. So it comes down to sort of data locality often On the opens of the code itself. It's quite ununiversal At least quite sort of broad acceptance that the source code Isn't sensitive. That is not where the security are in the code itself And that we are we the there are of course pros and cons being public and being open about it, but that the The being open the positive effect of that is greater than the potential downside and So so in large degree and then we have other Mitigating actions to sort of make sure that we find vulnerabilities and sort of are ahead of the curve there as well So Yeah, it's it is a challenge But Sort of not not being not the code itself And that there are so many systems that needs to have access to the source code. So It will be public or not It will be it will sort of it's a it's sort of just waiting to happen for the source code to To leak or someone to get their hands on it. So it's that that shouldn't be the mechanism that stops any Bad guys from I was more thinking of like directed attacks towards you like supply chain Yeah, so supply chain security is something that we are very very keen on and sort of we're very It's sort of something that we have spending a lot of time. It's the SLS a supply chain security measurements of signing of providing and consuming software bill of materials as bomb so Definitely something that we had high on our mind there and sort of as I sort of alluded to sort of we see that our public repositories The the teams that have public repository are much more sort of aware of these challenges there and a much quicker to actually Get their dependencies patched and up to date. So of course, there will be that there are adversaries We aren't there sort of the While while it will sort of it has potential to disrupt and sort of be have have negative consequences. It's Certainly not life and death Situations that we are sort of that's our that those aren't the worst-case scenario scenario and also we see that sort of from a Larger government perspective or or sort of national security perspective. There are other higher value targets in due to our sort of Continuity measure measures. We are able to pay out Most of the welfare services regardless or not if our environments are sort of online Do you have any interaction with your counterpart from any other European countries or maybe, you know Cities or public administration Sort of not me personally at least and we I would really like us to have more interactions So if there are any please approach me I know that they are on higher sort of higher political levels But not too much on the on a code level. No You do not you do not share codes between countries for something that can be reusable in other countries Well, it's all open source. It's MIT license. So if anyone wants to use it, it's and you are not using something from another country Hmm, you are not using something published Not that I can not not sort of public code. We are using we have we have API integrations Maybe but but I can't sort of recall that we all we are using this component here We might do because sort of the teams have the final say the autonomy of what Packages are providing. So if they are pulling in a react component from the French government, that's that's sort of out of my I don't have the visibility into that Hello first of all, thanks for for your talk You just answered my question. I was I was wondering what type of licensing are you using your public repositories? But you just mentioned that it is MIT. Yeah, why MIT and not other Restrictive license for Governmental There's sort of a wrong answer and a right answer depending on what you think sort of My personal belief I wasn't there run sort of all of those decisions were made but I believe I can imagine that since most of this grew out of the team that created Kubernetes platform and since Kubernetes is licensed under MIT. I can assume that they sort of This works for Kubernetes. It's the whole ecosystem here. We are building components for the Kubernetes ecosystem It's why shouldn't they be MIT lesson that it seemed those are at least compatible And then of course there are this broader Sort of discussion sort of regarding copy left licenses permissive versus restrictive licenses and Personally, I believe that sort of being as liberal as you can be with regards to your licensing that's sort of Then then there is a lot most Reuse possible. We don't really care if there's a commercial. It doesn't hurt us if someone gains anything Monetarily or for whatever reason on the code, of course We would really not like it to see being used against the humanity and so forth But sort of from a commercial perspective. It doesn't hurt us So long so that's just a neutral so the more people that can use it the better In my sense Yeah, and I have that kind of two questions One is about governance if you have any kind of a governance model in place to make sure the open will stay open by the fall From a government perspective and the second is how do you involve the citizens on in the code? Or if there's any kind of a programs to make sure citizens are involved I didn't quite catch the last part, but I can answer also the first one first so it's sort of It's it's basically mostly word of mouth There is this trade off should we invest a lot of time and effort sort of stuffing up an open source Office or should it mainly be sort of a grassroot movement and that we accept that there will be in this case here There will be teams that doesn't really follow the sort of the standards that we are laid out And we have opted for the latter because we feel that We the while there is certainly benefit for us have being open It's sort of it's only benefit until a certain extent we can only Put this much effort into it before it starts sort of being a conflict of of interest of of is spending more Time and resources on being open than we are gaining in the other hand there So that's sort of but with that there is there is this very Self-awareness from the developers perspective. They are quite aware about what their fellow teams are doing with regards to Technology decisions with regards to being open or not and most developers really like that This is public on their GitHub profile. Most of them are using their one account Some are using sort of oh, I want to have my work account for my work And I want to have my personal account for my personal thing. That's totally fine But most of them only have one account and sort of treat that as my CV of some sort and really like and really and if they can Have a repository public they will have more to show on their profile there and more to gain on a on a personal level So that's sort of their first part there. Yeah Go ahead. The second part was about how do you involved as a the citizens as contributors to make sure the code of keeping the hands of the citizens yeah We don't we don't have sort of that I would really like us to have more involvement there And I really look at sort of like the open street map community where you have this very community driven I really believe there's a room for what I would call digital volunteer work And that sort of if if you find that oh my this this service over here. It's subpar. It's using Not my favorite Sort of web Framework or with more seriously sort of it has some bugs. It has some something isn't right here We really would like there to be sort of concerned and responsible citizens that then were allowed to sort of and and could Could you could go into the code and sort of change it? So I would really like you to see that there was sort of this edit button in at nav.no I'm not sure what the different stakeholders would feel. I think for the most part They will say that this is confusing to the users because ninety nine point nine nine nine nine users Doesn't really care and it's not really meant for them. It's meant for those that oh I'm really interesting. How did now? go about Sort of providing me this service here. They had some automated decision making How was that process done? Can I actually see what is actually going on under the hood here to make sure that my rights are Being preserved as they should So there's no not an easy answer to there I believe that sort of being being public being open about it that yes the code is there if you if you have some questions if you have want to sort of Participate or look at it. It's all there just do that so again, so it comes a little bit back to the first question as well sort of how much time and effort can we sort of Set aside Doing that outreach there before sort of it hinders the the actual sort of delivering the welfare services that we are set to To be delivering But with that said, I really would like there to be more pull requests from Individuals and to these Applications to the services themselves and not only the sort of the components. I Think we are out of time So I would respect everyone sort of want to go outside and I will not hold you back Thank you so much for being here