 And thank you for inviting me here to be part of this event today. I'm delighted to be here. I would like to start at the next part of the session where we're actually going to look at the perspectives from both the public and private sector. But before we get into the panel discussion, I would like to invite Pierce O'Donohue to the stage, who's the director for Future Networks from DG Connect and the European Commission. And he will provide an opening statement that will help put some perspective on our discussion to follow. Pierce, welcome. Thank you very much, Claire. And good afternoon to everybody. Thank you for the invitation. It's great to be back with you. And I would indeed like to address some of the issues that we've just heard about, which are so important to the commission. So dear colleagues, I would like to start by refreshing the commission's commitment to open source technologies, open technologies, as it was just said, for our economy, as well as for the robustness and autonomy of that economy in a competitive, but also geopolitically unstable world. But let's start with a positive, perhaps a slightly old example for most of you because you're so involved in this community. But the best high performance computers of the world are running on open source components. And Linux, the kernel is powering the internet as it were its servers and the devices that connect to it. So even as we see in the tragic events in Ukraine, attempts to cut off internet access, it is one of the elements that contributes to the robustness of the internet, that it can be decentralized and therefore it can be partly self-repairing. And that is one of the many attractions that we have from an open source approach. And it is things like that that, of course, change perceptions about open source even today. And so now, I think with the study and what we're going to discuss, we have to really ask, how can open source contribute to open strategic autonomy? And as I would say, or stress open strategic digital autonomy, if you'd allow me that phrase. Now, of course, we're only interested in it if it can maximize the value for European citizens and businesses while at the same time protecting our society and values. But we are convinced that open source is a key instrument for Europe's digital autonomy. It increases competition in key digital sectors and it improves competitiveness. And at the same time, it also supports the digital transformation of society. And that's a question which this commission has been focusing on and you won't be aware of the number of initiatives which you have taken. And it's not just a question of how to achieve the transformation but also to ensure that in doing it, we are careful as to how it is done. So take as prime examples, for example, the protection of personal data. That's a well rehearsed example and one that I will actually come back to. But also, what about the protection of the environment, for example? Or we have to ensure that digital technologies not only respecting their environmental responsibilities and helping to meet our green deal objectives as an industry or as a set of industries, including of course, carbon efficiency. But how does open source help all sectors of the economy and society reduce their carbon footprint? And that's how we have to look at all of these challenges of transformation. So when I listen with great interest to the report that's just been presented, we do have to address technological dependency and we have to address supplier dependency, which do, as I think I understood from the presentation, have different characteristics and therefore require slightly different approaches. But together, we have to say, what are the best actions to overcome these dependencies and to actually achieve our transformation goals? So open source has of course many strengths which you are familiar with. And it does change the way that we think about policymaking. How do we, for example, think of cybersecurity of open source, which has changed and matured recently? But how do we scrutinize artificial intelligence, which is powered by open source when we are focused more and more on that as a driver for the operation of entire computing ecosystems as well as our communications networks? So open source as opposed to proprietary approaches to, for example, artificial intelligence or even to cybersecurity itself will make a very significant difference to the way in which we then ensure that there is societal control, that there is an awareness and transparency about what is happening, but also so that we can benefit from these technologies and not these slaves to them. Because we want open source to help as it can be to support our autonomy. Now that includes getting leadership where we are at the moment perhaps lagging behind. But it's also about exploiting the natural advantages, the natural leadership that we have here in Europe. So as I referred already once to personal data, if you take our approach to personal data or to other societal issues like disinformation, we can see that having an open source approach will indeed help us to have greater transparency and certainty while not actually having to interfere with the technology as maybe the case if we were dealing with entirely proprietary standards or technologies. At the same time, we can lead by example because we can with our values, we can use this open source approach in ensuring that they are hard baked into the technology and that therefore we while supporting European values and norms are setting a high standard which we reward those who respect those high standards. We do not allow others to undercut those standards by breaking the rules. And that means that on the global level, we are leading by example, improving the human-centric nature of our technologies, setting high social and moral standards. But at the same time in a very cold business sense or logic as well, we are actually giving ourselves an economic and competitive advantage. But I'd like to dwell a bit more on those values because the European digital strategy that we are driving in the commission does look to have people put at the center of a fair and competitive digital economy. Whether it's basic issues such as freedom or democracy or equality, but also simply consumer rights and the ability of others to enter a market. These are all elements which underpin sustainable digital society and they are the society that is the type of society which Europe was. But we have to be realistic and as I heard Céline say very clearly to gain scale, we have to work together. We have to be realistic about the abilities of individual, smaller European companies to themselves take on some of the giants in order to develop a foothold in the markets, in order to be able to promote and push open computing, open hardware, open electronics, open science, whatever the technology is. Those open technologies, the phrase that Céline used repeatedly will leave me to think about open hardware which we don't talk about as much but open hardware platforms are developing fast and that represents another form of modularity. It represents another form of transparency and by the way, will be increasingly important as once again, we completely lock together our transformation goals of digital on one side but linked and interlocked with the green transformation objective that we have as well where open source hardware will actually contribute and allow us again as a society to have transparency about what the equipment is made of, how it's working and how it's disposed of afterwards. So those are some of the key issues that we look at and I heard quite a few resonances in the report that's been presented. And what we have to remember is that when I hear though about access to critical technologies perhaps we have to go beyond that. It's not just a question of access. It's also about being involved in their development and of course their use. So as well as being autonomous, we have to be influential. We have to ensure that we do actually bring others with us with regard to the standard process, the standardization process for open source. It means that we don't want to be independent if that means being isolated, if that means creating silos because in fact what we want is to benefit globally from this digital ecosystem and we want others to benefit from the work that we are doing. So interconnected or even interdependent is just as important as the autonomy part of what is a key part of the European strategy. I have to mention lastly before I stop just the question of cybersecurity. It's always raised. Sometimes it is raised as an issue by those who are not keen on an open source approach. I think in recent years the open source community has shown robustly how secure and in fact how many advantages in terms of security the open source approach presents. But we have to maintain that security. We have to maintain that robustness and ensure that it is not used to undermine the values that are referred to. But in the current crisis that we are in we see once again that the ability of the whole community using standards or technologies that are transparent to assist in the situation such as that in Ukraine is something that we would like to see reproduced elsewhere. So to conclude, open source will help Europe to become more autonomous. It represents an area where we are and can be a leader. And of course it is an area which by taking an altruistic approach it contributes directly to the improvement, to the competitiveness and the welfare of Europe as a whole and not just the company or the sector that you are working in. And that is why we welcome today's report. I'm very happy to have the opportunity to speak to you once again and I do look forward to the discussion. Thank you very much. Thank you so much Pierce for those opening words. It was great to hear your perspective for the discussion that is about to come. So at this point in time I would like to invite on stage our virtual panel. So that is please welcome in fact, Vittorio Bertola who's Head of Policy and Innovation for Open Exchange and folks you can wave as you come on just so that we can know who people are. Though you've been very helpful and actually you all put your names in. So thank you very much for that, but welcome Vittorio. We have Marco Alexander Bright who's the Deputy Director General for Artificial Intelligence, Data and Digital Technologies at the Federal Ministry for Economic Affairs and Climate Action. Hello, Marco Alexander. We've got Deborah Bryant who's the Senior Director of the Oslo at Red Hat. Hi Deb. And we have Mike Lynxfair who's the Head of Developer Policy at GitHub. Welcome Mike. So thank you all for joining us here today. We have heard some amazing and really interesting report from Savannah in terms of the discussion around digital autonomy. We have also heard some great statements from Pierce around the perspective of the European Commission. So now we're going to have a look specifically in this panel at perspectives from the private sector. Thinking about both the problems that they raised and also potentially some of the solutions that were suggested and to get your perspectives on that. So let's start today with Vittorio because you are a representative of the European tech company. So in the context of the discussion around competitiveness and scaling up and competing in the global digital market being a European company, how do you formulate this kind of idea of a problem? How do you think about digital autonomy from your perspective? Well, first of all, thanks for inviting us. I mean, we are actually one of the not so many European internet SMEs. And I mean, you can formulate this problem in many different ways that we could talk about financing, scaling and so. But I'd like to focus on a couple of things that are more relevant to what we are discussing in terms of autonomy. So I'd say that we still have as European SMEs are challenges in accessing markets and these challenges are mostly connected to well dominant positions that we all know but also to a sort of a dependent mindset that in Europe we still have, I mean, we still depend on how the internet industry has developed in other parts of the world, like the US of course, but also China. So we see this also in the policies that we see. We see, for example, still too many parts of the European ecosystem and policy ecosystem looking for the unicorn which is a good mandate. I mean, everybody expects and asks why don't we get a new Google in Europe? And that's fine. We hope we can get something like that but Europe doesn't work like that. So Europe is rather like an archipelago of countries or nations or languages that produces horizontal alliances between SMEs. So maybe if we as a German company we are presenting many counties but maybe not in all the European countries. So maybe we look for a local partner and we build an alliance and this is how the internet market develops in Europe. And open source and open standards are really the only model that promotes this kind of open center of operation. But also there is a lack of education of laziness in the IT procurement people especially at the lower level, more on the territory. So I mean, there's people that say we've been using that property solution for 30 years and so we can just continue using that. And they don't think, I mean, the fact they spend the money can or cannot create economy and growth and know how locally in their own territory depending on how they spend it. And so even if we have now like 20 years of policies for public money to create public order still it's not happening everywhere. And still, I mean, there are people in the procurement environment that do not seem to get the weakness in strategic terms of having public services that are hosted outside of your local environment, of your local jurisdiction, maybe subject to laws by other countries that allow access to personal data. So these are challenges that are still not well understood by many procurement people. And then we have the actual dominant positions and the dominant positions that we see in all the international, almost all the international now have a silo that is building a dominant position with few exceptions. And these are not just fueling the laziness because of course, if you have to pick a service you will pick the dominant one. These are not just influencing the future because then the companies that have a dominant position will control the culture of the standardization organization and the design of the future technologies. And we'll ensure that, I mean, we will still continue to build this kind of over the top and click the centralized silos that contribute to further dominant positions in the hands of all the same very few big companies that operate globally. But I mean, actually these dominant positions just make it impossible or very hard to enter new markets. So to make an example, we are a company that makes, we make webmails, webmail platforms or DNS services. And so some of the big tail codes in Europe use our webmail platform. Maybe we would like to allow the final users of these webmail platforms to also send the instant messages, but we cannot because all the instant messaging world is made of these silos that basically do not allow third parties to exchange messages with their users because they want to keep them closed in the silos so that they are not subject to competition basically. So they escape competition by closing down the silos. And so this is why we need a regulatory intervention. So we, of course, we have been active in looking at the digital market sector, now the data actor, all these new things that, I mean, we have hope that we will get some of the solutions. We will get the interoperability that we need to allow, for example, to have a service like ours to send messages to instant messaging user or maybe exchange social media messages or these kinds of things. And this can create innovation, can allow new companies to step up, not just existing one. But what we see is that there's, I mean, we seem to be getting too little too late to use a very long internal terminology in terms of business. So it's striking that we've been having in Europe heavily regulated ISP tailco industries for a lot of time. And so interoperability and switching in these kinds of industries is easy for the final user now. But for some reason, we cannot get the same internal services. And this is really something that I can't explain. So I hope that we will get it in the near future. Thank you. Thank you, Vittorio. I love your analogy about the fact that we shouldn't necessarily be always looking for unicorns. It's unicorns and rainbows isn't necessarily what we're looking for here. And I think the opportunity that was described earlier in terms of the SME market and how we have the potential to provide really, really valuable services in 26 languages and with very specific requirements for each particular jurisdiction is one that we should definitely take advantage of. And I really liked your point about the regulation around this idea of making it necessary to actually wouldn't it be great if it was open so that it would actually allow for folks in SMEs to get more involved even easier than it is at the moment. And so with that, I'm thinking about that global aspect and the global market and how to enter into that. I might come to you, Deb, because you're from a global company and thinking about Red Hat and the global market. Can you perhaps comment about this idea of technology lock-in, supplier lock-in, how open technologies can help counter those kinds of challenges? Yeah, absolutely. So thanks for the opportunity. Sivan made a number of deep comments on the status of this. I don't want to repeat a lot of the valuable content he provided in terms of today's suffer world and the rising star of open source. But we do know that the last decade has brought radical changes in acceleration and adoption. And in particular, the last several years of the pandemic have really greatly accelerated the adoption and participation in software communities in all sectors of society. And I will say as we continue our panel discussion, I would suggest that the key for Europe may be all sectors of society where the US, where Red Hat started has been a software economy for a long time, may have left other sectors behind in terms of academia, research, and civil society. We're seeing that catch up, but I think Europe has an advantage there in terms of the way they've thought about certain things. When Red Hat started 30 years ago, they really stood alone as the only vendor that was doing commercial support. That's dramatically changed, but that original model for engineering, that original model for the business still remains today, right? And so I think it's been a proof point to suggest that a company can keep its code open and still provide value to its customers and its stakeholders. I think this is very important in that cognitive dissonance we have to get through about commercializing or providing commercial support and value into an open ecosystem is something that companies will become successful with as they adopt that model. On any scale, whether they're a unicorn, a rare company, or a small company, it's the same ecosystem. And so there's an equal opportunity to take advantage of a major global asset to do that kind of work. And I think it just goes without saying that this kind of approach enables the notion of digital autonomy, being able to participate, to choose to change your technology stack or decide you wanna participate yourself here and happy with your vendor or you can change a vendor. These kinds of open standards and interoperability that open source brings really does level the playing field in a different way that allows all levels of at least commercial participation, let alone collaboration in civil society. Thanks Deb. And I think you're dead right about the idea. Isn't it wonderful that you can provide the value in the perspective of actually giving people more autonomy and influence over the technology as well as the security that something is supported and that they have someone to call if something goes wrong. So it is definitely seems to be a model that should and could be leveraged much more widely for all organizations, big or small, as you mentioned. So next I'll come to you Mike from GitHub's perspective because you've been engaged as well in open source and policy for many years. So from your perspective, how do you see this framing of the problem from an open tech perspective? Yeah, thanks. And I guess start off by endorsing what Deb led off with lots of deep insights from Sivan and as well as from person in the report as well. I really encourage everybody to read that. And from an kind of open policy perspective, it's, I think everybody here really gets it that I see kind of two naive tensions. If it were one hearing about digital sovereignty, you might think this is kind of a nationalistic take and doesn't, and it's actually a threat to open and collaboration. But if you understand the open strategic autonomy, the criticality of open, it's not about that at all. And from an open perspective, historically open policy has been very, very focused on copyright and just having the necessary permissions to be able to study, modify, share, run software. I think what brings, what sort of makes those seemingly, or those kind of naive initial takes come together is really the notion that you need capability. You need to develop capability in order to actually achieve strategic autonomy and to take advantage of those freedoms in access that you naturally have to open source software. And I think the sort of private sector journey really kind of underlines that and will be greatly expanded by the public sector and policy journey of kind of initially seeing open sources something to be feared or not understood and then kind of as just kind of a free resource and companies and other organizations that are really leveraging open source are doing so by participating and following best practices. Most obvious one working with upstream and kind of institutionalizing that through the involvement of OSPOS. And I think that that can all be adopted is being adopted in the public sector. But I think it becomes much more interesting because a public sector has broader goals than new companies. So to kind of account for openness to see openness kind of as a policy tool across a bunch of different sectors. And you know, Pierce Adonahy really highlighted a number of those. So I think that that is gonna that kind of engagement from the public sector is gonna increase the size of open source and create a lot of cultural change and even conflict that I think is gonna be healthy. I think we can also see that from private sector engagement with open source over the last 10 plus years that corporations are kind of pursuing their own goals but also contributing mightily to the growth of open source. And I think that the same thing is gonna happen with government engagement with pursuing own goals, making sure that public sector values are a part of the open source community. And that's gonna make us all stronger in the end. Thank you for that. And I love, I mean, personally, I love the idea that we might actually be able to get rid of the whole term of digital sovereignty or digital autonomy as a standalone term because it does cause this confusion. But if we could replace it with open strategic digital autonomy then I think that would be a lovely change for us to have. So thank you for that. I'm also gonna put a pin in your comment about the idea that having more people being involved in contributing might actually cause a change in the ecosystem that might even cause a bit of conflict. So maybe we'll come back to that actually and think about what that might mean for the broader open source community because it's an interesting one as well. But before we do, I want to hear from Marco Alexander because you work at the German Federal Ministry of Economic Affairs and Climate Action and Pierce in fact mentioned the link as well between the need for our goals and values for the EU to have a link between the digital goals as well as the green transition that we have to actually go through. But can you maybe then comment about in general about the digital competitiveness issue and how open technologies may service that? And if you want to comment as well on the green transition as part of that because of your background, that would be fantastic too. Yeah, thank you first of all for having me it is afternoon and a good afternoon to all of you. I fully agree with a lot of you all said but please give me the opportunity to kind of give my own point of view to some of these issues. The first of all, I think competitiveness and sovereignty in the German debate is sovereignty and this gets confused with autonomy because autonomy is something very different in German and in French than autonomy and digital sovereignty. But let's stick to the autonomy discussion for a second because it shows the apartness and the ambiguity of the terms. In the end, this autonomy and competitiveness are two interlinked concepts. Competitiveness itself is not a goal that you should strive for. In the end, it's what the things that competitiveness leads to is what you aim for as a government. It's jobs and wealth and the wealth is distributed in all the societies. So in the end, competitiveness is just a measure of how much wealth can you in the end attribute to societal actors. And why is competitiveness interlinked with sovereignty? You can see it right now in these international affairs because reduced vulnerabilities and strength and sovereignty go hand in hand. You take for example, the product prices that all of us are using each and every day. They are highly dependent on the commodity prices and the commodity prices are highly dependent on energy prices. So in the end, we are not able right now to really see how energy prices are going to be interlinked with product prices and the competitiveness of goods being manufactured in the European Union. And you can even see, and this is way closer to what did our background, we do not know yet how energy prices are going to relate to cloud computing prices. We will see price hike in the next month, I assume, because otherwise the companies, especially the larger ones that have been relying on lock-in effects in the last years, how they are going to conceptualize or do these energy prices within their own product. So what is digital autonomy? What is digital sovereignty from my point of view or from our point of view? It's not that we need to do everything by ourselves. It needs, we need to be able to do whatever is needed by ourselves. So the concept of autonomy is not a nationalistic concept. It's kind of a safeguard against international crisis. As we see now, it's kind of a safeguard against dependencies that get right into the middle of your economic vulnerabilities. So again, it's not a nationalistic concept. It's closely interlinked with competitiveness and it's closely interlinked with the welfare of all of us. So second comment that I would like to make is how do we get, and this is something that Vittorio and Deborah mentioned. How do we make an ecosystem competitive? If you want to build tech, this is my civil servant, sorry for that, not an entrepreneur, but this is my plane view. You need three things. You need bright people, you need money and you need an ecosystem where bright people and the money find together and you create opportunities for businesses to foster and for opportunities to kind of get the next big thing. And Europe, Vittorio, it was a great introduction. It's highly federalized, it's governments, it's ecosystems, it's tech bubbles. It was not one European tech bubble. There is a lot of tech bubbles in Berlin and Paris everywhere. And if I want to set up an ecosystem, a physical ecosystem, and I think physical ecosystems are very well left the effort, you will not get this in Europe. Why so? Because the French, they wanted it in Paris. The Germans, they wanted it in Berlin or in Munich and the Italians wanted it in Florence and you can count that for all the 27 member states, six. And so in the end, this physical ecosystem, that culminating point where opportunities, ideas, brains and money come together, it's almost impossible for Europeans to achieve. But what we can do is kind of master the technique of fulfilling the promise of an ecosystem in a digital way. And this is something that we are trying to do with regulation, data act, for example, the data governance act, for example, the upcoming AI act, for example, and it's something that we try to achieve with the data availability and data spaces, for example, via the GAIA acts initiative. So I would like to emphasize the role of open source in all this. Why is open source so important? You all said that because it reduces the dependencies, but there is an opportunity here. If we are able to set up the most important digital ecosystem in Europe on the basis of open source, we give the bright minds that really live the open source idea, the opportunity to change the world. And as of now, there's companies, Deborah, that really do this greatly, but we are still lacking this huge ecosystem that's not comprised of by only one company, but that kind of attributes the knowledge and the money and the brains through all the nations, through a small medium enterprises, to big companies and this ecosystem that really where these ideas can really strive to promote this and to reduce vulnerabilities as we have seen a look for Shell. We are in Germany setting up a sub on tech fund. We are in the process of trying to find out how to exactly which angle we should choose for setting up such a funding. And such a one stop shop for open source ideas, but we strongly committed to that via the new coalition treaty of the new German government. And let me finish with one more thought. Right now we see how important security is, especially if you really, really need it. And right now we are in a situation where international affairs have shown us that we really, really need security. And cyber security is just one part of it, but the problem right now from a European perspective is that we actually lack this scalable, this big size scalable AI enhanced platform enhanced cyber security company. There is a lot of them in the world. They are all in the United States. And if you talk about strategic autonomy, then we should think about cyber security probably too. And this is going to be one of the issues that we should address the next four or five years because otherwise we are having the cloud computing debate 2.0. Thank you. No, thank you, Marco, that's Andrew. And thank you for making that distinction about how we can think about autonomy and sovereignty in the context of just removing dependencies or any risk that we may have from that perspective. And then so thinking about that, and you yourself have mentioned some of the ideas that are happening in Germany, like the sovereign tech fund and even some ideas about where we might put it. If cyber security might be one of those areas that might be a high priority, but also now thinking back to what Savan mentioned in terms of his eight various different ideas around maybe looking at changing leadership culture to actually get engagement here, or for example, developing more OSPOS, or for example, making sure to actually buy more SMEs, making that easier, that may actually have impact on procurement and things like that. Can I ask each of you now maybe to think about what you would recommend in order to reduce our dependency on any one supplier or meta supplier or technology, but to enable this idea of a proliferation of more European based solutions that might help reduce our dependency. So I'll go around again and maybe we'll just take the same order just to ask what would be one idea that you think either from Savan's list or another idea that you would think that we should double down on in order to reduce that dependency, Vittorio. Well, as I was saying, I think that we really need to open up the internet again and prevent its centralization because decentralization is happening to the hands of companies that are not in Europe. And to make an example, I mean, what we were saying, we were talking about cybersecurity capabilities. Now, if you want to develop AI based cybersecurity capabilities, at least for network attacks, you have to see the network. So you have to ISPs and network operators that have access to at least certain features of the traffic of their users, so that they, for example, can detect when computers are infected and they are spreading malware or botnets, so they can look into, I mean, for suspicious unusual traffic patterns and so. But now what is happening is that all the big internet platforms are pushing this model of an encrypted internet in which basically you have an operating system like in mobiles, which they control or a device. I mean, a physical device, IoT device that they control and they have servers in the cloud, in the US or even in Europe, but servers that only they have access to. And there are encrypted channels that make it so that the ISP doesn't even know whether there's a connection that is happening. I mean, even the DNS, which was a traditional point in which at least the ISP had some idea where the users were going and it is now disappearing and going into this invisible encrypted, which is good for privacy, maybe to a certain extent, except that maybe, I mean, these platforms sometimes live of monetizing data. But basically we are making all the European ISP and network operators going dark and they have no way to see the traffic. So they have no way to build the cybersecurity capabilities. They're actually losing the ones that already exist. So I mean, this is all interlinked. This is why I think we have to make those at the architectural level of the future that we want to build over the network and the architecture we want to have over the network. And we have to have the strength to discuss this with the global platforms to a certain extent, impose it, but at least, I mean, this is part of the sovereignty part. But at least to discuss with them and find ways so that the European actors actually have access to the data they need. Okay, so I'll take from that in terms of the open standards and open data, including the kind of tension between privacy and what people expect from that and the idea of encrypted privacy and all the rest of it. That's another whole conundrum that we could spend all day talking about, I'm guessing. But I hear you in terms of... I mean, encryption is not always about privacy because you encryptively send your data to people that exploit them. You're losing privacy. So that's your choice. No, thank you. But I take from you the idea of having the open standards and open data and in order to be able to regulate for that so that we do have that chance and that access to be able to innovate is what I took from your comments. So thank you, Victoria. Deborah, would you like to maybe comment on that from your perspective, what you think can be done or should be done as a first port of call in order to help reduce dependencies and open things up? Well, I'll float an idea that's sort of in my swim lane which harkens back to the idea of Ospo's. That came out in these recommendations a couple of years ago, but I didn't think it went far enough because it was just generic and promoted the idea of ensuring that this was sort of cross society, multi-tiered academia, the public sector and the private sector. And if you play on this idea, think in broad terms, open source projects and initiatives have as a fundamental part of their success. A governance model where each participant comes to the table with their agenda. It's not all the same, right? Each organization has different objectives, but the key thing is they're understood and there's great power and understanding. So if you think of using a network of Ospo's as a strong tactic to enable this kind of collaboration and strengthen, then you could have a situation where you're really looking at this going forward is an economic development strategy where you understand what universities need to move their issues forward because in the essential part of this idea of creating an Ospo, what really needs to be called out is it's not the creation of the thing itself that's as valuable as the deliberative process of engaging the organization in speaking what their hidden or expressed interests are, what they think the value of participating in an open source ecosystem is, what they hope to gain, how they think they'll do that and to have concurrence that where it's aligned with either the company's business goals, it's aligned with a civil society entity and nonprofit, whatever their mission is. And I've worked in each three sectors, I have a great appreciation in the public sector. Our motivations are different, but we're all coming to the table with what we need. So my suggestion would be to really build a very robust network across Europe of Ospos and build an ecosystem in that way. My colleague from Germany has mentioned that building a virtual kind of ecosystem is really incredibly important, not just because we're not still all meeting during the pandemic, because nobody wants to debate where the center of gravity will physically be in a project. And fortunately, open source and its model has had the benefit of being ubiquitous and global in that respect. And thank you for that. And I'd like to add that one of the things that has really drawn me to the open source ecosystem is this accessibility from anywhere in the world that it allows for and not having to be at the center of any particular software hub, but also being able to contribute is a huge benefit. So thank you for calling that out. And also, I would imagine as well from an Ospo perspective, there was some discussion earlier about the capability building and one of the other great benefits Ospos can provide is also being that center for understanding the capability gaps that may be in any organization and then being able to help fill that. Would you mind just like maybe even just commenting on that as well because sometimes I wonder if the capabilities required, say in the public sector might be slightly different than in the private sector or do you see also that being an opportunity for Ospos to collaborate on? Yeah, absolutely. In fact, even with unless you just take one sector like the private sector, the rationale and the purpose in what an open source program office does will vary. Ours is very different than Microsoft. So you may have a company or an institution that's really well versed in open source and the leadership is bought in or won. The mission may be trying to convince the rest of the company need to come along and educate their engineers. That's not my job at Red Hat because all the engineers already know how to do this but instead we have other concerns. So I would say that organizational development is always key for many Ospos to make sure that there's education outreach at all levels of the company for managers so they understand why it's important to give their employees time to participate in an open source community that doesn't apparently look like it's a straight line to product. It may be working with a legal team on peer to bring along their understandings. That's not that depth. But you do have to, I think the Ospos role is really to begin by indexing what the company's capability is and then understanding what those gaps are and developing a program that's specific to whether it's a public sector or a university playing on their strengths or a company. You need to build a plan according to where you start. Thank you, thank you for that. So, Mike, I'll come back to you now and it's still sticking with me what you said earlier about the idea that and even as I'm hearing the discussion about capabilities building and everyone coming from a different perspective and how people's capabilities may differ. So thinking about if we are successful at this and then there's an onslaught of additional new software developers into the open source ecosystem wouldn't that be great, yay? With all these diverse backgrounds and needs and perhaps coming with perhaps what might be a different set of values or regulations that they have to contend with at a local level. You mentioned the idea that that might actually sometimes cause conflict in the ecosystems that they may be contributing to. I'm really interested to like dig a little deeper there and do you see that as a blocker as something that can be absorbed within the ecosystem? In short, yes. Or in short, no, it's not a blocker and yes it can be absorbed in the ecosystem. I mean, I think there are a lot of different ways conflict can manifest itself in open source but a key one is I've created an open source technology. You want to accomplish something similar but you've decided to start your own project instead of using mine. And as a best practice you should definitely try to make a single project better so that everybody in the world can benefit but people have different names, companies have different names and so do nation states and sometimes they'll want to go their own way and I think to some extent that is fine. Of course, the more open source best practices are understood by everyone the more collaboration we're going to have but we'll also have people who think they know how to do it better and to some extent that's fine and that's one of the ways that open source is more conflictual but also more innovative because we can be dependent on a particular piece of software Linux kernel as canonical example maybe that everybody in the world relies on but we also need people to think perhaps hubristically that they can do better and when you have the resources of a large corporation or even more so a nation state sometimes big bets will be made that are seen as bad bets I guess by the community because you're not contributing to existing projects perhaps but I think in the end that's positive. I did want to bring one idea that I think ought to be pursued to the table and I think within this conversation we all understand that a healthier open source ecosystem is going to lead to more strategic autonomy for everybody however it's not widely understood so I think a key thing is how do we make that more legible especially to policy makers and I think the European Commission study that open form Europe led around was a huge step in that direction showing the economic impact of open source and open hardware but I think we need a lot more in that direction and that's going to at a meta level allow a lot more investment in things like open sovereignty funds and policies that are friendly to global collaboration, et cetera. Well, thank you Mike for that and maybe building on that because going back to Marco Alexander who started this thread for me but when you have been successful in getting a tech sovereignty fund in Germany and perhaps therefore might be a little bit ahead of some of the other countries in the EU so building on what Mike has just said that one of our goals should be this broader education of policy makers and politicians and citizens in general to understand the value of this and what we really do mean by open strategic digital autonomy do you have any advice or guidance or suggestions about how we can do that at a broader scale across Europe? Yeah, well, that's a difficult question. Why is that so? Because I'm on the receiving end of the information too. I'm not on the giving end. When we thought about how we could foster the open source ecosystem and we were pretty sure that obviously there's three things. First, this is a global ecosystem and how is a nation state or how could a regional power like European Union be connected to this? Or can it be a single point of contact for such an ecosystem? How does that work? And we decided, okay, this is not something that a nation state should do. It's something that people that understand the ecosystem, people that understand the people working with open source should do and not us. We just give them money and kind of give it like a policy push for this. And the second thing that all of us needed to understand is that open source is actually more secure than it sounds because there are still people around, especially in the security area that think that open source is open and thus insecure. And it's the other way around. And to turn their heads is pretty much an endeavor that you cannot only do from the outside as experts. It needs to be done by informed policymakers, as you said. I think the third is to be not only to understand that problems and to understand the machinations and the mechanisms of the global open source ecosystem, but to open up governmental procurement for open source. And this is something that of utmost importance as I think because there is a government spend a lot of money for their software, spend a lot of money for digital solutions. And if open source solutions can compete with the incumbents, then we have kind of this the biggest policy push that the policymakers can actually achieve. And I think if we try to understand all these three and try to implement them in policies together and just as I said, it's kind of, I'm exhaling the spirit of the German coalition, coalition treaty of the new coalition because it's actually written in there. So the policy, the informed policymakers have been doing signing calls there. Well, thank you for that. And I think that the procurement idea is one that certainly I know has come up in Ireland. I'm also involved in the open Ireland network trying to move the needle for open source in Ireland. And that has been a common theme or frustration with some folks in this area, as well as the security one in terms of people's broader understanding of those sort of things. So they seem to be common themes that we could all potentially work on together from a communication perspective. So we're coming to the end of this panel session, unfortunately, because this has been a great one and we could probably go around again for more ideas. But I really want to say a very big thank you to all our panelists for this private sector perspective on both the challenge and the solutions for this part of the event. So I will wrap up here for this part of the panel and say a big thank you to Bittorio and to Deborah and to Mike and to Marco Alexander.