Open Source

White House releases open source policy

The White House released long-anticipated guidelines aimed at improving agency sharing of federally-developed software source code.

The memo, noted in an Aug. 8 blog post by Federal CIO Tony Scott, also incorporates a pilot program to release some custom-developed code used by federal agencies to the public. Scott is also looking to agencies for more public releases beyond the pilot. OMB also plans to launch a new website called to make access even easier.

Scott noted that the federal government has been sharing code for some time, including the code for the White House's "We the People" petition platform, the site hosted by the Department of Veterans Affairs, and more code at the website. Now Scott is taking these established best practices government-wide.

The new document follows the March 2016 release of a draft policy, which elicited comments from open source advocates, government agencies and others. In one memorable episode, Homeland Security CIO Luke McCormack had to walk back comments from DHS IT workers who were concerned that open source was inherently insecure.

The goal of making federal source code more accessible is to increase sharing and reduce costs of duplicative software purchases, said Scott. With open source, Scott said, the federal government should remain technologically neutral and ensure IT investments remain "merit-based," adding the amount of available federal open source software will grow.

Overall, the policy calls for agencies to open 20 percent of their custom code for the duration of the pilot as a minimum. "Agencies are strongly encouraged to release as much custom-developed code as possible to further the Federal Government’s commitment to transparency, participation, and collaboration," according to the policy.

The policy also calls for federal agencies to apply a three-step test when acquiring software, to determine if an existing federal solution or commercial solution can do the job, before turning to new custom software.

Not all code is eligible for sharing. The policy notes that some source code is restricted by patent or other laws, or export controls. The release of some could potentially compromise national security or private information. There is also an exemption under which the federal CIO can restrict sharing because it is in "the national interest" to do so. OMB is required under the policy to justify any software that is exempted from the open source rules.

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at or follow him on Twitter at @MRockwell4.

Cyber. Covered.

Government Cyber Insider tracks the technologies, policies, threats and emerging solutions that shape the cybersecurity landscape.


Reader comments

Thu, Aug 11, 2016 William Sullivan, VP Public Sector, Cloudera

Great article, Mark! The approach outlined in the policy is very similar to what we here at Cloudera believe. I’m glad to see that the White House is providing direction on open source to improve agency efficiency. Open source technologies are a natural fit for the public sector thanks to their ability to combine distributed peer review and transparency, which ultimately drives software innovation at a lower cost and faster pace. And while security remains top of mind for many agencies, open source technologies, particularly hybrid or commercially-backed open source software, can often be more secure than its proprietary counterparts. As an example, while the Apache Hadoop open source software undergoes continuous updates, we regularly release updated versions of our Hadoop distribution which has been thoroughly integrated and tested with the rest of the stack. Open source enables agencies to be innovative, safe and efficient, and it bodes well that the White House is again making its adoption a priority.

Tue, Aug 9, 2016

Did I miss something? When did Congress create the "Chief Acquisition Officer" position? Well, I guess revising the statute here is consistent. The Administration appears to have ignored the statutory preference for commercial practices for some time now.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group