 I believe you're all aware that we expect you to send some questions here to the panel. We have a few prepared just in case you don't send any. We have a few as a backup. But we are expecting some questions from you. You can send them through the app, the one that's been underused today. Someone told me a while ago that the app was in number 13 on the top of the enterprise apps or something like that on the App Store. Well, at least for today. Tomorrow probably it won't be not even on the top. Second thing, we have this sunset party after the event. And that's pretty much it. No, that's not all. Third thing, don't forget the challenges, the social media challenges and those things because there are some prizes also as well. The reason I'm with the phone is because I'm expecting your questions. No pressure. Should we put some in? Should we ask ourselves? We can. Ask your own question. In the meanwhile, the only person here on the panel that you might not yet have seen today is Sergio on the other side. But some of you probably already know him. He's already been a speaker in our event once, twice. Always a huge success. At least in one of those events he was the top speaker. Probably because of that slide with the cat. Probably. It helped. Definitely it helped. And he's a cybersecurity specialist, so one of the best ones in Portugal, I would say. So I believe we have here a question about security. We do. Okay. So shall we start? Okay. I would start by the question here that's here on number seven. This is not in order, is it? There's no random order. Okay. It's one time that I'm really curious about. So it's kind of put it in front of front because I'm really curious about it. It has to do with the Manriquez talk this morning. That thing about the Ospo. And I double checked it with some guys here in the audience in the event. And you might as well now take part of it. If we were all familiar with that concept of Ospo here in Portugal. And the answer I got was no. But he presented and presented well the importance of that position. So I don't know if you agree with me that we're not familiar with this position in either, well not smaller companies on those ones for sure not, but on larger companies. Has anyone on the room seen that Ospo position on the market on some company? Raise its hand please. I don't see your hand. I see one hand here. Okay. So tell, can you go a little bit more into that? Probably that's an idea and a position that was created in larger markets probably in the US. Your experience comes from there. Basically the idea of Ospo came from this concept of at some point companies are adopting open source. So that's clear. And I am sure that even not having any open source plan office in your company or any company you know. They have some legal team that is taking care, they should be taking care of things like license. There should be also other people taking care things about security issues that could happen with the packages they are using internally for building whatever. So those were the first things that people start to realize. So we should be at some point be coordinated because legal team needs to be aware of all the things that are coming to the company. Then we have these security people that needs to check out what things are coming or instead of having people with separate hats. Okay, why not having all together in the same office? And then they start to realize, okay, if we are also contributing to open source at some point we need to understand how open source projects work, how we can impact on them, how we can influence in these projects. So again, we need someone from the company that probably is already there is working as dev rail or community manager or whatever that is doing this stuff for you. So basically, let's put all these things, these pieces together in a position in an office. Let's call that the open source plan office and let's go together in a strategy to make that work. Can you give some more examples of companies because you mentioned Uber. Yeah. Some other company that uses that position and also all the others here on the panel. Have you seen it? Yeah. Google Microsoft. Sorry? Google Microsoft. Okay. Facebook. Facebook. Zalando? Yes, but we don't call it open source program office. So we have the open source team, but it really depends on the companies how they want to name the office. GithLab, Github, many companies have the open source program office. Okay. Concast is another well known example from the to the group. The ones that set up the to the group initially, if I remember what was basically Google, Github, Facebook, the people from the to the group itself, as far as I remember. And then Concast was the next to join, then Uber, now Lyft also I think is there. Shell, I think they have some people there in the community, but they are public. You can go there to the to the group website and see the list of people out of this. That was, I don't know who quoted. I think it was David. You quoted Guy Martin from Autodesk. He was the manager of the Autodesk to the group. Autodesk. Open source. Altogether in the same sentence. Okay. There is a minimalist version of that which is like the compliance department. It's not quite the same thing. It's like the minimum thing that you can do is to have the compliance department that makes sure that whatever you distribute is distributed legally. For example, my TV, when I unpacked it, had some legal papers about GPL and the patchy licenses that had to do with the software that was inside. No, I would not say that they have an open source policy. They have the minimum that they need so that they are able to distribute things which are based on Linux and many other things without being in an illegal situation. It's much more common than a more broad hospital. No, but that I can understand well. And the same thing happens to us at Cy1 more and more when we sign contracts for larger projects in a contract that has, I don't know, let's suppose 20 pages of contract. Well, a full page is about violation of third party rights and towards open source, the usage of open source software, making us liable if we have some problems or we cause some problem by using some open source software which, in fact, would not be or should or could not be really open source, something like that. But at BBC, do you have that position? We don't. I mean, so Hong mentioned open source guilds as well in her talk and that's the way we've tried to do it. It's a community of people who are interested. They're all in the same Slack channel. We kind of have a monthly get together and there's a legal representative. There's engineering representative and I basically just drive that group and that's always been good enough for us. I mean, I think as we evolve, it might start to formalize a bit more but there's been, because the BBC is like a lot of autonomous units that they've all kind of got different requirements. So R&D have a very different requirement for us and so everyone's got her input in some way. Okay, good. So basically the conclusion is that the position makes sense. Maybe it's not always called like that, but it makes sense and we should definitely pay attention to it and larger companies should definitely pay attention to it. It makes sense if you plan to organize a program because the whole idea of the position is why do you need an open source program? Are you running anything program? It's open source part of your business strategy. It's good thing that big companies are having the program but it's really you need to look at your own company. So the position tells itself if you have not run any program what is the point of having an open source program office? Basically the whole idea is coming also from Google. For many years ago, they started the Google Summer of Code and they need the person who runs the program so that's why they have the open source program of Google to run the Google Summer of Code and the program becomes bigger as the more sector they have more people involved. Okay. Yeah, I mean one of the things we've done is reached out to open source program offices at big companies to ask them, how do you deal with this particular problem? How do you deal with it? So they are very kind of community minded and will help you out. Okay. Understood. Second question, let me just check if we have anything arriving here on this side. Not yet but an instruction here for me to pass to the room that it's enough to go on the app for the user call discussion panel. There's some user call discussion panel on the app. Okay, second question here. Second question here about Zalando and BBC again and making the switch then to moving forward. Your companies are taking real advantage of open source. And the question that they sent here was what is the impact importance of open source, blah, blah, blah. I wouldn't go that way. I would go a different way because I think we don't need to discuss the importance because the importance is well proven. It's one thing that you both mentioned you were coincident on that. I don't know if you discussed it last night but it was kind of on the same direction you mentioned that there was a feeling of well being on the companies because of giving back to the community and that we don't see that much. Again, we don't see that much. Maybe I'm looking on the wrong direction but we don't see that much. Companies giving back the way you mentioned it so proudly and so is that really a feeling because I enjoyed listening to that. It's great. It's amazing. It definitely is the case at the BBC. All the way up to our CTO he's always saying we can really do good here. We should really push this. I think what tends to happen though is the pace of product development that's going on but giving time to make things open source and to think about things that aren't just your immediate business challenges of the areas where it starts to interfere. That's what we've been trying to do and encourage people to think about their 10% time and things like that and are there communities you could be part of? Whenever someone says that I want to contribute we try and make sure that can happen. You publicize it, you take advantage of it because you have that website that you showed and through that website you also go and send messages to the market, to the community even to recruit people to get attention. You're not the first ones with that feeling. Last year we had here La Redoute, the French company, the retailer one, the big one and they were precisely showing they applied for a call for... on the call for paper stage they applied for a presentation to come to the event and they did it, they came. It was a nice talk. They had developed internally a framework for testing applications and they were precisely on that event and they were promoting it because they were saying that they wanted to give it and they were already giving it back to the community and they were looking for people to contribute but to then share and reshare and the whole concept of the open source culture. Anyone wants to say anything else on this? Perhaps we have questions? I don't want to say quickly about Zalando into this. I cannot talk for our founders but I can talk for the engineers that I work with. So one very amazing thing about working at Zalando is I have excellent college. I remember that when I started with the company I met a person whom we have several common friends in the community who contribute to the KDE community. We have people that are very active in portraits, SQLs and then there is one team in Zalando even. The team lead set a day in the week that this is the day for contributing to open source project and of course we are very proud not only because I don't think that everyone think we are doing the good thing but when you release something open source your name go along with it. So you get the fame, you get the reputation in the community and one time a few months ago I remember my friend in Singapore one person that got involved in the community also quite famous in Singapore and the person make a treat that he is using a product of Zalando and he connected with somebody inside Zalando himself which I have never aware of but I haven't met the old 2,000 developers at Zalando but I feel that the people are really motivated and they want to contribute back like for several reasons. They want to do the good thing but if you look at individual benefits you can get reputation for yourself that is the motivation of the community. Maybe there is another good reason to do so not just to do the good thing and to promote your name but also to have influence over a project because I mean things are going forward and if you want to have somehow control over the project and want to have it in the end like that the project is good for you then it's a good idea to contribute there so I mean then you are well known in the community and you have some influence over the project which is also good for you then. And probably a little bit also for the recognition because especially in the younger generations as everyone does but even more on the younger generations they enjoy a lot being recognized by the work they deliver by the good quality of work, definitely. Okay. I think Rakhia wants to say something. Oh, we have a question. Wow. No, it's escalating. Okay. This is for Gustavo, okay. Let me see. And to Alexander, okay. Okay. Okay. Three. So, I think we can start by Alexander because I was precisely shifting to him and this question goes in line with the one we had here also prepared. The topic you delivered on your talk it's quite interesting. It's an everlasting topic because we always feel that our money is not well used always. I believe it's a common sense across Europe and probably not just in Europe. You can go across the world probably to be pretty much the same. So, if it's so common sense why is it still happening? Why can't we change it? And the question here in fact goes pretty much in the same direction. It says, is it possible to share the current status of the campaign and the plans to guide information to the new European Commission to raise awareness to this team to clarify information from your presentation. Thank you. So, it's pretty much the same question. If it's so obvious, why so? Well, I mean, first of all, it's not obvious to all politicians. I mean, it's obvious to us. It's obvious to loads of people. That's true. And we already seen major shifts in Spain, in France, in Italy. Still, I mean, there's a lack of information knowledge. I mean, we have loads of politicians who have, for example, security issues or something like this if it comes to open source or free software. And I mean, as well, we still do have these vendor logins and it's not so easy to get out of this. So, and that's why we are fighting for a system where you, I mean, switch to free software every time you're doing something new because else it's very complicated to do a migration project from one day to another. And if you're doing so, you might fail. And this is then also, I mean, bad in terms for lobbyists from the other side are coming and say, hey, they failed. So just stay with our products and so on. And I mean, it's also, we are a small NGO compared to the Microsoft or Google lobbyists. So, and this is also something we should keep in mind. So I mean, we are somehow a big community. Yeah, that's true. But on the other side, I like companies with billions of dollars and it's quite easy for them to send lobbyists to Brussels or to the capital and corridors. I mean, yep. So it's me for Europe. And I don't know how many lobbyists are working at Microsoft and stuff like this. But the feeling is that it's happening. It's happening. We are in good contact, especially with the European Commission. For example, last week we had a policy event in Brussels where people from the European Commission showed up. The vice president of the European Parliament have been there. We had an open letter where loads of organizations agreed on where we asked the Commission to take some several steps in the upcoming term. We want concrete facts and figures, for example. And so, I mean, we're having a lot of people inside the European Commission on our side, but it's especially true for IT people or people who are addicted somehow to free software and technology. But it's also hard to make it to a main topic. We have loads of other problems, migration, stuff like this. And so it's hard to push it on the agenda on a high level point. And I mean, we're constantly working on this. And we see something like the talent declaration. We see the commitment by member states. But still what is missing, something like we have in Spain on Barcelona where they say, okay, we spend 70% of our budget on free software projects. So all we have from the Commission or the member states is like we want to give money into open source, but how much? So why don't you have like in Spain? In Barcelona it's almost like a political decision. Yeah, and it's always a political decision. It's never ever a technical decision. So it's the same for Munich, for example. So I mean, they had good experience with this Linux system there. And then they changed the government there and then they switched back to Microsoft. So there's no reason then to just waste money. So to make, offer to Microsoft. So this is only a political decision. And this is also true on all levels we are working. So we don't know maybe in 10 years Barcelona is switching back because the government changed. And that's totally strange, but that's the way how it works. So what we are trying to do is to get like legal texts where they say, so this is our goal. We want to do this and this to make it even harder to do the step back. Okay, so it's happening. It will take time. Yeah, it will happen, but we don't know. The snow wall is not rolling yet down the hill. Well, I mean, still there's a lot of progress when we see France, Spain, Italy, but there are other countries who are like especially Germany. So it's there's a lack of commitment and they are doing very strange things. So now we got to study that regarding digital sovereignty and also the new Commission president was raising this issue. And I think this is something that we have to step in and say, hey, if you want to be the master of your code, then it should be open source and not just bought by somehow and pay licenses like every year. Anyone else wants to join in? Well, maybe just a quick joining in the topic. There is the specific political side of this. Well, as you know, this is this subject interests me. But there's also more why the management problem of public things, which turns, which makes this a symptom of something broader. I mean being suboptimal in decisions, it's not exclusive for software. So in general, I would say that we need to plan the incentives for things to become more rational than they are. Because this is a symptom. It's just that software is complex. It's very logistical and therefore is a symptom that manifests itself with more intensity than maybe the purchases of paper for the printers or other things which are not. Okay, so if I will understand what we're saying is that it doesn't happen. It's not a question of open source software or even a question of software. It just happens across, because it's a matter of mindset or mind thinking. So let's not discuss it because otherwise we would spend the rest of the afternoon discussing politics. But let's understand that software is something very detailed that needs to be decided by people who are equally detailed or equally capable of managing details. They need to be rigorous and willing to do their absolute best. They need to be competent, rigorous, motivated. The more detailed the subject, the more of these you need to be able to resolve. So if you are the manager of papers for the printers, you don't need to be especially sharp because I don't think you will find much of a difference between papers from different suppliers and not many network effects between the papers and the printers. It's kind of on a different scale than anything related to software, the interdependencies of software, the interdependencies of users and software and departments. This is all very detailed and the more detailed things are the more competent the managers need to be. And for managers to be competent we need the normal reward and punishment incentives in place, the carrot and the stick. So what I'm saying is that this is a general topic of management of public things which manifests itself intensively with the detailed nature of software. My idea is clear. Maybe just to add but there's also a lack of knowledge, during the copyright directive we've seen that they had the exclusion for non-commercial free software or open source software in the beginning and it took us one year to tell them that there is nothing like non-commercial open source. It's every time commercial so it can be commercial, it can be not commercial free software. It's from the European Commission it's from the Council these are people who should be somehow aware of the IT landscape and the ecosystem but they propose such a strange text and it took us one year to get this out and to tell them that there is nothing like non-commercial software. I did seven years of political interactions related to this topic here in Portugal when I was part of the Board of ESOP and I can tell you exactly the same. They should this, they should that they should understand, they should be aware yet it took years from being, you know from not even being accepted for a meeting to reaching a position where we could be heard and have some positive influence in the course of events. It took years. I mean sometimes they do lack competence but for many years and we need to recognize also the community lack the skills to communicate and that's why we are here. Yes, thank you for being here. We miscommunicated by we I'm generalizing but the whole free software community miscommunicated maybe the emphasis was put in the wrong in the wrong spots or maybe the form rather than the content was not ideal for the receivers or or combinations of these things so all this has improved but now the competence of the people who are actually managing the things needs to improve and we need to push them further with the right tone, with the right form with the right message, we need to keep going to make it happen but still not to lose the understanding that this is more general. It's in general optimal or rational management of public things. And the cross countries. Okay, so moving next because we still want to reach Sergio at the bottom Gustavo this one's for you. We have a question here which crosses with the other one that we had prepared so this one is can you share your intuition about evolution of Portuguese private companies or public institutions on adoptions migrations to us in their ICT technologies and for their users. And this goes a little bit in I would mix it with the topic on your talk about that thing of the elephant to which I don't agree as we discussed before so for you all to know I don't agree with his position we will discuss it, we have already done so. So are companies really moving on that direction? We cannot speak in general of companies because you have all kinds of different companies from different sectors of different sizes so if you do an average the average is probably meaningless because the companies are so different the company of 10 people and the company of 200 or 5000. The question here was for the different sizes yes and private and public. In my opinion the organization who can answer the question is the one you are the president of which should have aggregate data updated and the growth of the sector the IT open source suppliers We love each other It's clear but you have to admit that the growth of the sector of this aggregate of IT suppliers is an indirect indication of the growth of the business and therefore of the market. I cannot speak for companies in general I could say yes yes yes the companies we work we are adopting open source a lot but it's just a sample we are 24 companies in SOP SOP has a broader view and we know that the numbers are improving but I will leave that part to you what I'm saying is companies are very different some elite smarter companies are adopting open source with furious anger and open source is marching in very quickly for other not so elite more traditional companies are going very slow and for some it's not going at all it's just business as usual but we need aggregate data Let me add something to that the fact is that there is no data available on the market there are no studies there's a study on discussion now within the European Union to go across countries and sponsored by some money in Europe someone is putting money on the table to perform that study and it comes who puts the money on the table it's the European Commission and it's supposed to be across countries and so we would have some numbers and some figures because those figures would be worked by some company and they should be real numbers the fact is that so far now we don't have those numbers in Portugal we don't have I don't know if it's the same thing in Greece or in Spain or in France just for you to have an idea today we have here four nationalities in terms of national organizations for open source from these four countries that I just mentioned they were there on the open room and the Spina was also there she's from Greece but I would much risk to say that there are no figures also on those countries and she's pointing no with a hat so it's pretty much the same thing now from my experience in terms of company because I'm also within a company so I'm not talking about as up now and that's where we disagree on some points in terms of approach to the market we feel that the market is really growing both on public and private sectors and we don't experience a problem that Gustavo mentioned the elephant in the room because we feel that customers are really putting money on the table, money on the projects and they are having real and credible approach when it comes to open source projects so they understand the value the numbers are raising in our company we handle and we manage huge data centers in Portugal with hundreds of Linux servers both Red Hat and Suzy we perform services manage services technical at a higher level or a lower level and customers just pay for it so there's no we don't feel that much because it's less than 25% of our work but what I say is that in general in general I don't mean specifically our company in general the array of companies and the array of potentially interested parties we are not getting as much as we could get with the source together probably but then there are other issues so the answer to the question is yes it's growing so we should go for it definitely because it's growing there's market over there there are projects but there's always ways to improve it so you can always do better of course next question I'm having fun getting the middle maybe let's come back to the facts and figures so we have these facts and figures for France we have somehow these facts for Germany and the UK and we can see that's a growing market and we've been lobbying very hard for the European Commission to present this tender in order to get these facts and figures also for Europe and what we are doing now is to ask them to do this again in the next year because it's not okay to have just one study we have to have continuous studies we have to have a growing market and then I'm pretty sure if we have these facts and figures this will also help us as a community to be more here when it comes to meetings with the European Commission as we can tell them so this is a big market and it's growing and you should take care what we are thinking and saying and you should invest on it either if you're a customer or a supplier just go for it because everyone's going for it I have a question for Sergio about cybersecurity of course I have a question here and it goes across the other one that we had prepared ours was more generally in terms of some people that might be afraid of using open source software in terms of cybersecurity well I'm not responsible for this question I would never place it because my opinion it's much more secure to go with open source but the fact is that on the market there's this perception at least on some companies that proprietary software it's more robust, more secure and then we have this question that comes from someone that works or worked in Brazil and this person was working for a payment gateway in Brazil they preferred tools not open source because they said that the auditors again the same problem used to give more credibility to such products so with your experience was this a choice this analyst's choice or had more to do with well as a real background a real background a technical background or not was it just some again a real issue well imagine that you have a machine a black box that you put something on one side you put meat on one side and the other side you have sausage okay and that works and you say okay this is great at one time the machine stops and on the other side you have eggs okay and the vendor says okay it's okay it's a feature so and you don't understand and you will never understand that because you don't have access to that black box so on security it's not a good idea to bring to your company a black box that you don't know what is running there because things happen and for instance if I'm a manufacturer for some country and I know that my enemy is going to use that piece of software why shouldn't I put something that one day I can activate and my enemy systems of my enemy stops so security must have transparency and on the company we must know every time what is running and what piece of code is there because that's that way we can assure that the system is safe if you don't do that we believe and have faith that that machine is okay so if you are a believer okay you believe everything that you heard and everything that the vendor says then it's okay and the auditors are right but if you want to implement cybersecurity and you want to really protect your company you should use open source definitely agree so next time I don't know who plays the question you have to hire Sergio he goes there to Brazil he gives away that explanation and that's it okay kind of a joke and that's all they're cutting the internet needs to go okay thank you all for being here and for these some jokes and some comments all this good mood that we always have we must have it in life so thank you all