 So, welcome back everybody, we have a panel discussion here. The topic is Federal Linux, is it just a public good? Now what? And originally there were supposed to be three speakers here. Unfortunately, as you all know, Matthew Miller is sick, so let's hope that he gets better soon. But we have two other speakers here. So we have Justin Florey and Lucy Harris. Justin Florey is a humanitarian open source developer at UNICEF and Lucy Harris is a co-lead of the Digital Public Goods Alliance. So the floor is yours. Thanks. Well, it's too bad that we couldn't get Matthew on today, but I know he wanted to be here and looking at his Twitter. He really wanted to be here physically too, but I'm glad that you all could be here and make it. So maybe Lucy, you wanna do me just a quick intro before we jump into some of the panel discussion? Absolutely. Hi, my name is Lucy Harris. I'm based in Toronto, Canada, and I co-lead the Digital Public Goods Alliance, which is a multi-stakeholder initiative founded by UNICEF, the government of Norway, the government of Sierra Leone, and the Indian think tank iScurit and we're dedicated to advancing digital public goods to achieve the sustainable development goals. And I'm Justin. I've been involved in the Fedora project community for a little over six or seven years. Currently, I work at UNICEF with their Office of Innovation as an open source advisor where I work with different startup companies and teams building open source solutions to help them think through best practices and how to build communities around their work. And today we're here to talk a little bit about a story that happened a little bit a couple months back in 2021 of how Fedora Linux became the first Linux distribution Linux distribution to be certified as a digital public good. So across this panel, we're keeping it pretty informal and we'll try to leave some time towards the end for questions, but we'll take you through a little bit of background on what digital public goods are all about, what they are, who's behind them. We'll talk about the pathway that Fedora took back in August to become one of the first certified Linux distributions. And then we'll try to connect this into why this all matters for Fedora and some things that you can do to nominate some of your own favorite open source projects as well. Do you wanna try the screen share, Lucy? Yeah. Or do you wanna start with that? It's work. How's that? Perfect. Wonderful. So yeah, I'll really try and focus on what are digital public goods? Why are they important? And then hand it back to Justin to talk specifically about Fedora Linux's story. But I'd like to start with a different story that I think is important, kind of set the scene of why DPGs are so important. So in, this story starts in Sri Lanka where the first suspected case of COVID-19 which was registered on January 27th and realizing that travelers were still pouring into the countries as a popular tourist destination, they immediately local developers got to work building this COVID-19 tracker. So this tool focused on the registration and tracking of travelers who are arriving for regions with a very high risk of COVID infection. And in just two days of that first case being registered thanks to this local development team, this tracker was deployed in airports. And the reason this was so successful wasn't just that they were building this tracker on its own, but because it was being built on top of another open source project called DHIS2, which is an open source health information management system and a digital public good that was already in use in Sri Lanka. So the speed and efficiency with which they were able to respond to this crisis is impressive, but it's not the most impressive part of the story. What I think makes this story interesting is that when, because DHIS2 as a digital public good was already being used in countries around the world, when Sri Lanka shared their user guide about their tracker with the global community, other countries were able to pick it up immediately and it was implemented in 38 countries and is currently being adapted for use in 14 more. So why this is cool is because it's not just a great piece of technology, it was something more. It was built as an open source project that meant it could be modified. And when the problem was spotted that no one could have predicted the global pandemic, they were able to adapt it to fit a new circumstance. Then they were able to share it back with the global community of others who were using and building that solution to solve that problem, same problem for dozens of other countries and communities. So I think the folks here would agree that though technology itself doesn't solve societal problems, we can solve them using technology and that the way that technology is designed and developed really matters. So this isn't a new idea that the way technology is designed matters, but there's been a growing focus on this idea that is emerging into what we call digital public goods. And I think it's largely driven by a recognition that the process of digital transformation that has just been electrified by COVID-19 needs to be effective and adoptable and needs to be based on open tools. So this is a definition from, that came out of the 2019 high level panel and digital cooperation where the UN Secretary General gave this definition of digital public goods as digital solutions that promote open source software, their open source software, open data, open AI models, open standards and open content that adheres to privacy and other applicable international and domestic laws and does no harm. So we at the Digital Public Good Alliance took this idea and really flesh it into a definition of digital public goods. So DPGs are technologies that really harness the power of the internet to create thoughtfully developed digital solutions that deliver a shared benefit and solve common problems. Sometimes people think of DPGs as just being free software, but there's so much more than that. When we talk about digital public goods, we're talking about a solution that advances the sustainable development goals that is open source, yes, but that has also taken steps in its design and development to avoid and mitigate harm. Fedora Lenox switch, Justin will be talking about in a moment, the great example of this built collaboratively available to anyone to change and modify and presenting a solution to a common problem. So to make this even more functional as a definition to get really into the nitty gritty of what is a digital public good, we've established this digital public goods standard. This is a summary of it. You can see the full standard on the website, but there are nine indicators that serve as like a baseline of requirements that have to be met in order to be considered a digital public goods. So you can see that includes things like having documentation, a use of an improved open license, mechanisms for extracting non-PII data, and number nine that just says, do no harm, it folds out into a whole bunch of 98, 98, 98. It's much more complicated than I could fit on this one slide. So solutions can test themselves against this and submit to the DPG registry to be reviewed as a digital public good. And of course, with the ethos of open source, the DPG standard itself is an open source project. It lives on GitHub. Anyone can contribute to it and any changes to it always happen in the open. So we'll talk a little bit about, this was the process that Fedora Linux followed and Justin can tell you a little bit more about their unique experience. But I also hope that this will inspire some other folks in the audience to submit their own solutions as digital public goods. You do that by nominating. You can also nominate on behalf of another project and we'll reach out to the project owner to follow up with them because ultimately someone with deep knowledge of the product needs to answer these questions. It undergoes a technical review where we look at the documentation, the license they said they have, does it fit? And then if yes, they get recognition on the DPG registry, which is itself an open project. There's an open API so that database can be pulled into and is being used to underlie a bunch of other catalogs and digital solutions. So we think this is a great way not only for projects to show their kind of alignment with the sustainable development goals and the commitments they're making around that but also to increase their visibility. And as part of the alliance I mentioned earlier, we've got the government of Norway, the Indian think tank, I Spirit, the government of Sierra Leone, UNICEF, UNDP recently joined the governance as well as the government of Germany. And our members include so many amazing organizations including Github, other UN agencies like the UN tech on voice office. And we're adding kind of countries and private and public sector organizations every day. So it's a really great way to get that kind of recognition. This is already a good day. We've got 86 digital public goods registered but I invite you to take a look at the registry as well. So I will stop, this is all kind of broad background and I'm sure you're really excited to hear about Fedora Linux a specific experience with this. So I will stop sharing my screen and turn it over to Justin. Thanks. So building on that, I wanna take us back to how this conversation started with Fedora because one of the things that's the very first requirement in the digital public good standard is that piece on relevance to the United Nations sustainable development goals. Maybe you know about them already, maybe you don't but these were a set of 17 goals that the United Nations defined in 2015 to across a range of areas to work towards by 2030. And so we started this conversation with Fedora looking across these 17 different goals that cover a wide range of things from climate action to zero hunger and quality education but we looked more closely at one of these in specific which is the goal number nine which I'll drop a link here in the chat but this one is all about it's titled industry innovation and infrastructure. So I wanna hone in on that piece on infrastructure because so much of what we do especially in these kinds of like Linux oriented communities or these places where we're building well, we're creating building blocks for other projects and other communities to build their own solutions on top of the tools and infrastructure that we're sharing. We started to look more closely at that and we started a conversation in the Fedora Council about exploring this opportunity for Fedora to be recognized as a digital public good through its relevance as critical digital infrastructure. So back in June, we had a presentation at the Fedora Council which is on the Fedora project YouTube I believe as well and that's how we started to frame this by thinking through what exactly do we mean when we're talking about resilient infrastructure and inclusive and sustainable industrialization. So a lot of times when we're thinking about infrastructure we're thinking about it in a very physical sense roads, bridges, trains, cars, highways, cell towers, all these kinds of very physical things in our world but maybe you already feel this way or maybe you don't but you haven't thought of it this way but all these different ways that we set up our digital world today we have all these different kinds of infrastructure and tools and platforms that help us build these new solutions. So we framed it by thinking how can, knowing that our world is more and more interconnected that this was a good moment to explore what digital infrastructure really means and to think of what examples or to think more about what examples there are of digital infrastructure. So we use that to take a look back and think about almost the last 20 to 40 years of free and open source software and think about these key examples and that was how we started this conversation of how Fedora could fit into this digital public good standard and how it could be recognized as a core piece of digital infrastructure. So that was how we started this conversation back in June and in August we worked together with the Fedora project leader, Matthew and me to help put together the first application or the first nomination for Fedora as a DPG and just like Lucy explained a moment ago on the slides there was the review process we worked with together with the Fedora project leadership and the digital public goods alliance to review all these different parts of Fedora. One of the things that I thought was really unique is one of the questions in that process is understanding like where the project is developed and where it was deployed which I think was really amazing that Matthew pulled all the IP address logs from all the different package mirrors and repositories and came up with something like 340 unique territories and countries of where Fedora is or where we're seeing hits on our different package repositories for people that are using and running Fedora Linux. So this was how that conversation started and it was through that review process in back in August that we had this conversation went through with the Fedora council and at the end of it in, I believe it was August at the end of August, Fedora was officially certified as the first Linux distribution as a digital public good. And there's some pieces, there's some, oh, I saw Ben just dropped a link to the Fedora council meeting. So if you wanna see that full recording of the presentation, you can find it there from back in June. But this was kind of the story of how it happened and this is where I was really hoping Matthew could be here. So I'll try to speak as best as I can on his behalf on this piece. But how does this connect Fedora Linux to the digital public goods? Or why does this matter for Fedora? So this was a long process that we are, sorry. So for Fedora recognizing that this is a core piece of digital infrastructure, that was one part of it. But another thing that we really care a lot about in Fedora is also our community. We've always had, if you've been involved in the Fedora project, you might know about the four foundations, freedom, friends, features first. And behind all of those things, Fedora has this very strong international community of hundreds, if not thousands of people spread across literally six continents. I mean, and if you know anyone in Antarctica, let us know, that'd be a good one to add on a list too, but. So this part was a really important piece behind, what the Fedora project is trying to accomplish and what we're trying to do with this work. So by going through this process and achieving the certification, it was an affirmation of Fedora's commitment to all these very critical things, both in terms of the standard, all these different points that, looking at things like, of course, the open source licenses and documentation, but also things like, do no harm in terms of how our community interacts and engages with each other, things like our code of conduct and the ways that we treat and interact with each other across our project. These are all pieces of the puzzle that fit together and made a compelling case for why Fedora would be a good, was a good candidate and a good nominee for becoming a digital public good. So this was the point, and I think that link that Lucy just put in the chat too, this is some of the reflection that the team did as well, thinking about, so I think that's another good reference to look at in terms of the thinking and the motivation for why this was so important for Fedora and why we made it a commitment over those one to two months that we were working on the nomination to move ahead with this. So the last thing that I want to kind of wrap up with is thinking about next steps of how your own favorite open source projects or digital infrastructure projects could become a digital public good. So I shared the link to the Sustainable Development Goals website. There's the 17 different goals that you can look through and browse. I know we just had that keynote a little bit ago on OS climate, which was a really interesting and compelling case of a project working towards climate action with all these different key stakeholders. So this is a really excellent opportunity to start thinking more about what projects are we participating and working in and what ways can they impact communities and other derivative or downstream projects in a way that you could pursue this option of going through this nomination process to become a digital public good. So we're really keen to, I think we have five minutes left here for Q and A. So it was a really quick peek. And don't forget to look at some of the polls in the polls tab on Hoppin. We've been feeding some of the some of the interactive polls there as well. But I think now from here we can open it up for any questions there are. Oh, and actually I think I see some here in the Q and A tab. Lucy, maybe I'll read this one and maybe you can take this from Harish. How would do no harm be enforced? Or if something is a digital public good and later it was deemed to be doing harm does it exit DPG status? Great question. So did I turn my, yes, I ended up eating one at all. And good pointing out the Q and A tab. I was like, oh, we have no questions because I was looking at the chat but here they all are wonderful. So do no harm breaks down as I mentioned into three components. And the full title of do no harm is do no harm by design. So we don't actually monitor whether a solution ends up doing harm down the road. We look at was it developed in a way that is likely to mitigate harm. So what we're looking at is kind of how they collect and store data. How they ensure the privacy and security of the data they collect. How they deal with, if they host content how they deal with inappropriate and legal content and what their mechanisms are for detecting and removing it. And then if they facilitate interactions between users so whether that's part of a community or directly as part of the product. They have a mechanism too for people to protect themselves against grief abuse and harassment and there's a way to address the safety and privacy of underage users. So that's all about how the product is designed. It's a little bit, we're looking at kind of the hammer does this hammer look like it's designed well and is it safe? People can use it to do good or bad things and that's where the standard doesn't go into how it's actually being implemented. We look at was it designed in the best possible way for this. If at the point of review they've got great privacy policies they're doing a good job dealing with inappropriate content and then down the road that falls away. So maybe they're not actually enforcing their privacy policy or they change it or they said that they weren't facilitating interactions and then they do and we find out and people can report projects to us. It would be removed from the DPG registry and it would lose its DPG status if it no longer was designed and developed to do no harm. I'm happy to have a go at the first question as well though I think you would also probably have some thoughts on this. So I think the primary benefit is recognition but also visibility and I say recognition not just recognition for yourself though I think or for the product though I think it does feel good and is important to products especially that are trying to do good in our open source to have this like global acknowledgement but I think others knowledge that as well. And so if your solution is one that's looking for adoption is looking for funding is looking for more people to engage with it. I think this puts you up a long project like Fedora Linux that have that recognition and are doing really good things. And we're seeing and I'm seeing at least a lot more recognition of the value of digital public goods generally. And I think with that like, oh my gosh we've got so much digitization happening it's very important that it's open source and that it was designed really thoughtfully it's more important to also have that official recognition. So I see this as kind of a spiral upwards where it feels good for the project to be seen in that light but that kind of status is also more broadly recognized by a community of people who are implementing funding and choosing projects that they want to support either as contributors or as users. So yes, it's about recognition but I would say kind of a complicated an excellent way. Yeah, and I think building on that too there's also a connection to, you know thinking about that DPG registry where all these projects are listed this does tie into some other streams and parallel to this as well. So for me and the UNICEF office of innovation one of the efforts that's going on there is the giga and giga connect or just giga which is an effort to connect all the world schools to the internet by 2030, a really ambitious goal. And I'll put the link there in the chat but the reason for this goal so you think of it from this way of like, okay, great. So we're working with huge telecommunications providers and folks that are actually building infrastructure and developing it where there currently isn't great infrastructure or connectivity. So you invest in all of these things you create connectivity where there wasn't before now what happens? So this is one way that the DPG registry and that work ties into this puzzle at least with internet connectivity and one of these streams of work with the giga project. So when we are, you know schools are becoming connected to the internet for the first time and by extension not just schools but local communities as well. Digital public goods is one way to answer that question of how do you build a sustainable infrastructure digital infrastructure in these places that haven't been done before. I know many good folks at Microsoft and people that work there but you know sometimes those tools can be a little frustrating to use and of course many times they also aren't open source and lack a lot of the same values and core pieces that we believe in that aren't there. So I think I know we're getting close to time here as I see the video is coming back up but I think this is one of those other pieces here of how this work ties into something bigger is it's providing more visibility and discoverability in these places that might not be our typical thing we think of from open source like people using and creating open source tools and projects but as more and more people become connected and get online these kinds of things will become increasingly important. Okay so I'm sorry but we are actually out of time. This was great. Thank you Lucy and Justin and I know we have two more questions here. So I suggest that I think you can discuss this in the work adventure. I'm gonna post the link here in the chat. So you can go there, create your avatar and discuss this. I actually recommend it. It's kind of a nice way to, you know that we try to sort of, you know make the venue a little bit more alive. So I think you can discuss the questions there. Thank you Lucy and Justin and send our regards to Matthew. Thank you so much. Have a great DevConf. Thank you.