Open First Strategy

• Executive Summary
• 1. Introduction
• 2. Vision
• 3 Goals and Outcomes
• 4. Governing Principles
• 5. Implementing the Strategy
• Appendix A – Rationale
• Appendix B – Goals and Outcomes extended
• Appendix C – Commitments
• Appendix D – GC Current State
• Appendix E - ESDC Current State
• Appendix E – Definition of open standards and open source software

Executive Summary

ESDC has a unique opportunity to take a leadership position in the GC to enact the Open First principles that can be found in the GC Digital Standards, the Policy on Service and Digital, as well as throughout its various commitments.

To do so, working in the open, leveraging open standards and open source software must become a normalized and well understood practice throughout the organization.

To meet these objectives, the IT Strategy team proposes the creation of a team of experts to help the organization transition towards a modern and open organization.

1. Introduction

The mission (raison d’être) of Employment and Social Development Canada (ESDC) is to build a stronger and more inclusive Canada, to support Canadians in helping them live productive and rewarding lives and improving Canadians’ quality of life.

The Government of Canada (GC) aims to invigorate Canada’s unique social market economy, promote competition and encourage SMEs – our innovators and entrepreneurs. We want to build stronger ties with Canadians by being more transparent and by building solution together.

Working in the open by default across ESDC and with other GC departments, provincial governments, municipalities, companies and the public at large, we can build new, innovative digital solutions that support our goals, and work towards technology sovereignty. (See rationale in Appendix A)

This “Open First” strategy reinforces the GC’s Digital Standards, Policies and Directives that include working in the open, using open standards, using OSS, publishing open source code and contributing to OSS communities. It will help ESDC improve its technology and information management processes. (See commitments listed in Appendix B)

2. Vision

ESDC leverages the transformative, innovative, and collaborative power of working in the open, open standards and OSS, encouraging the sharing and reuse of solutions, knowledge and expertise, to optimize service delivery to Canadians.

The title of this strategy, “Open First”, is intended to change the mindset whereby the acquisition or development of digital solutions takes account of openness, sharing, reuse, security, privacy, legal and accessibility while achieving digital autonomy and transparency considerations. It also indicates a commitment to actively support Standards organizations and developer communities.

3 Goals and Outcomes

This strategy, its governing principles and its Action Plan will help ESDC acquire, build and deliver IT solutions and services, that leverage the innovative and collaborative power of open standards, OSS and working in the open. It will make ESDC and the GC part of the OSS community, an agile contributor and active participant by co-developing with other Canadian public administrations and encouraging the sharing and reuse of our solutions, knowledge and expertise. As a result, we will deliver services that enrich society and reduce costs.

This strategy focuses on transformative and innovative aspects, and recognizes open standards and OSS as catalysts for change. In addition, it leverages initiatives in other GC departments/agencies to help shape the conditions for open standards, OSS and government innovation. This section sets out the key reasons and principles underlying the new strategy.

Progress towards digital autonomy

Change is constant at ESDC, and as a result, the acquisition and development of IT solutions must consider the flexibility needed to keep pace with legislative changes, as well as emerging technologies, to offer services that are alike commercial services (e.g., banks, social media, etc.) internally and to citizens.

Open standards and OSS can give ESDC and the GC a chance to create and maintain an independent digital approach and stay in control of its processes, its information and its technology.

Implementing the Policy on Service and Digital

The Policy on Service and Digital makes it clear that working in the open and collaborative working methods will be the norm within the GC to foster the sharing of solutions, code, and data. The principal working methods encouraged by this strategy are open, inclusive and co-creative.

With this strategy, ESDC is taking another step in realizing the vision outlined for the GC.

Sharing and reuse benefits all

Open standards and OSS make it easy to share and reuse solutions, as well as data, information and knowledge.

Moreover, leveraging open standards and OSS enables ESDC to work in the open by default, including in software development and service design, creating opportunities for cross-jurisdictional cooperation for the improvement of services to Canadians.

This strategy promotes the use of new commercial opportunities for Canadian open standards and OSS service providers to do business with the GC and business internationally.

Contribute to the knowledge society

Working in the open and sharing the GC’s source code as information that others can learn from or reuse is our civic responsibility. It lowers costs for society and increases knowledge.

The Directive on Open Government demonstrates the value of documents created by public organizations and encourage their reuse.

Working in the open has many benefits, such as: increasing the transparency of services, increasing trust in government, creating an ecosystem that promotes innovation, increasing collaboration within and external to government…

The goal of this strategy is to enable ESDC to work in the open as well as share open source code using a process comparable to the one for its open data and information.

Build a world class public service

Open standards and OSS are about co-creation and building public services that connect seamlessly across organizational silos and borders. Building a responsible open Canada is something we can only do ourselves and the best way is to do it together.

This strategy is in line with (and influenced by) the European Commission OSS strategy 2020-2023 while building on GC policies, directives and the digital standards.

The rest of the world has realized the value of open standards, OSS and working in the open by default. Canada has a policy in line with the world’s best approaches. For more information, review the Commitments appendix of this strategy.

By adopting this strategy, ESDC is taking a stand and moving towards a world class public service.

4. Governing Principles

This strategy supports the GC’s transformation by simplifying and streamlining processes. It will help to make collaborative working methods the default for ESDC’s work internally and with others.

It is important to stress that the principles and the Action Plan relate to existing work processes. Open standards and OSS are already being used across the GC and in some parts of ESDC there is an established working in the open culture. We simply need to do more and continuously improve.

The principles are consistent with “state of the art” GC policies (see Build a world class public service. They are aligned with the Mandatory Procedures for EA Assessment and the Digital Standards, in particular “Maximize reuse”, “Work in the open by default” and “Use open standards and solutions”. They also uphold the principles of the ESDC OSS Framework, focusing on making them actionable.

The following six principles govern this strategy:

Open First

Work in the open by default. Use open standards and solutions.

The GC is an enthusiastic user of and contributor to OSS. This is reflected in its Digital Standards and Policy on Service and Digital, which encourages the IT community to tap into the growing potential of open standards and OSS as well as join forces with major commercial players and communities, and mobilize co-creation capacity to support departments in pioneering new solutions.

Transform

Innovate and co-create, share and reuse, and together build user-centric, data-driven public services. Harness the working principles of open standards and OSS.

We adopt a working culture based on the open principles of working in the open as well as sharing and reusing open standards and OSS. We nudge ESDC and its working methods forward by highlighting the crucial role of open standards and OSS and related best practices for co-creation and collaboration. This transformation will go beyond IT, so that we apply open methods when working together and sharing information.

Inner source (the creation of working cultures based on open principles and sharing within the organization) will be promoted, to bring teams closer to working in the open and encourage sharing and reuse within the organization. This is a step towards opening up more projects as open source code and sharing them with the outside world.

Share

Release all source code under an appropriate OSS license. Enable incidental contributions to related open standards and OSS projects.

ESDC will strive to share the source code of its future IT projects by default. In addition, our developers will be encouraged to make contributions to relevant open standards and OSS projects.

Contribute

Strive to be an active member of the diverse open standards and OSS ecosystem. Work in the open and collaborate with peers.

To be an active member of the diverse open standards and OSS ecosystem, we will continue to gain expertise to address product management and governance. ESDC will seek to become an active contributing member of key communities where it can add value, while balancing costs. This will contribute to the viability of the ecosystem and facilitate product management and governance.

In addition to sharing source code, ESDC should consider joining open standards and OSS boards and committees to devise systematic methods for targeted funding work to improve security and find ways to help critical open standards and OSS projects become self-sustainable. This could enable ESDC to influence the direction of work, which could also be leveraged by other public administrations. It could also provide opportunities to recruit talent.

To continuously improve its services to the Canadian public, ESDC should continue its efforts in cross-jurisdiction working groups, partnerships and domain specific collaboration.

Secure

Ensure the open standards and OSS we use and the open source code we share is as secure as possible.

Open standards and OSS rely on good security practices instead of obscurity. A common misconception is that hiding code helps to prevent successful attacks. As NIST standard body recommends: “System security should not depend on the secrecy of the implementation or its components”. Open standards and OSS development practices rely on hardening (or improving the security of) code by making it available for peers to test and try to break, and then fixing the problems found.

Following IT security best practices and monitoring security advisories, automated continuous security testing will be in place to make sure that open standards and OSS components that we use in our applications are as secure as possible. Similarly, we will thoroughly test the code that we intend to share and ESDC will continue investing in tools and training to normalize these best practices.

ESDC already has experience in this area in its cyber security teams, and through collaboration with the cyber security team at TBS. There are also opportunities to learn and collaborate with the EU-Free and Open Source Software Auditing (FOSSA) community.

Stay in control

Promote open standards and specifications that are implemented and distributed in OSS as a way to avoid vendor lock-in. Increase and maintain in-house skills and capabilities

Interoperability is of utmost importance to ESDC and the GC. The key to interoperability is the use of well-established open standards and specifications. To ensure our digital sovereignty and a level playing field, ESDC will promote, for all future IT developments, open standards and specifications that are implemented and distributed through OSS, and integrate this best practice in its corporate intake, project and governance approaches.

The Mandatory procedures for EA assessments include designing for cloud mobility and developing exit strategies to avoid vendor lock-in. It is critical for ESDC to ensure that IT Solutions remain highly flexible and adaptable to protect ESDC from the negative impacts of future changes, while also minimizing the risks of those changes.

In this context, the lack of open standards and OSS used poses a significant risk to the longevity of IT solutions and to the successful delivery of ESDC’s mandate.

5. Implementing the Strategy

The GC strives to be an active user of and contributor to open standards and OSS as reflected by the Digital Standards and the Policy on Service and Digital. This strategy will ensure that ESDC increases its use of OSS and open standards, and by doing so aligns with GC standards and policies.

The right balance

This strategy comes with an Action Plan that details how ESDC will encourage working in the open and leverage open standards and OSS development practices to co-create, share and reuse across the organization. In addition to this internal focus on an open working culture, the strategy and Action Plan provide for increasing outreach to open standards and OSS communities and will help ESDC work in the open to become a strong force in the community of Canadian public administrations actively involved in open standards and OSS.

With these internal and external activities, the strategy and Action Plan constitute practical instruments to help achieve the digital transformation of ESDC.

Recommendations

Open First Centre of Enablement (CoE)

This strategy is firmly rooted in ESDC’s and the GC policy context. For it to succeed, a proper enabling environment is required to guide, encourage and drive change across the organization.

The strategy and the Action Plan are inextricably linked. The pivotal point is the creation of an Open First CoE that has genuine organizational support, involving all branches within ESDC. The CoE will act as a facilitator for all activities outlined in the strategy and the Action Plan. It will assist subject-matter experts, inspire teams within ESDC and help balance internal focus and external activities.

As domain leader for IT, IITB will be responsible for setting up and running the CoE. This will allow it to set priorities, measure outcomes and report on progress.

IITB will make an annual budget request for the CoE and the Action Plan, to be reviewed and approved through the normal budgetary procedures. Using the existing corporate IT governance structures, IITB will report on, monitor and review the Action Plan, and deliver a mid-term review of progress and implementation of the strategy.

Based on the TODO group (professional open source program networking group at The Linux Foundation) guide on How to create an open source program (todogroup.org/guides/create-program/) the responsibilities of the Open First CoE will include:

• clearly communicating the Open First strategy within and outside ESDC;
• owning and overseeing the execution of the strategy and Action Plan;
• facilitating the effective use of open standards and OSS in commercial products and services;
• ensuring high-quality and frequent releases of code to open standards and OSS communities;
• engaging with open communities and ensuring that the organization contributes back to other projects effectively; and
• maintaining licence compliance, reviews and oversight.

The proposed structure as a first version of the Open First CoE includes 4 resources broken down as follows:

• 1 x CS-04 (manager)
• 2 x CS-03 (technical advisors)
• 1 x CS-02 (support analyst)

In collaboration with the ESDC classification team, this proposal highlights a structure that will focus on Client Relations Management, Policy Analysis, Procurement and Software Legal Compliance, IT Security, Solution Development, Community Management, and Collaboration skills:

• Program Manager and Compliance Officer (CS-04) – He is empowered at an executive-level position (reports to DG), with direct oversight and hands-on management of ESDC’s Open First activities. He leads the way towards the Open First goals and vision, which include ensuring open standards and OSS compliance, and establishing partnerships with other groups within and outside IITB and ESDC to support working in the open for everyone in the organization.
• Coordinator (Software Development) (CS-03) – He is responsible for ensuring that ESDC can consume code internally and contribute back to projects with acceptable terms specific to open standards and OSS.
• Coordinator (Operations) (CS-03) – His focus is on facilitating the integration of open source in the IT environment and enabling all ESDC employees and teams transitioning to working in the open by default.
• Change Agent & Developer Relations (CS-02) – He spurs interest and enthusiasm within ESDC’s developer community for open-oriented projects. He’s also responsible for coordinating communications, growing open standards and OSS efforts while increasing teamwork among engineers and other IT professionals.

Moreover, ad hoc legal services will be needed, to ensure compliance with laws, licensing agreements, and other legal details, which will require the Open First CoE to continue and strengthen IITB’s existing partnership with the Intellectual Property Center of Excellence (IP CoE).

The CoE will be responsible for all activities in the Action Plan.

Action Plan and Impact

The best way to lead is by example. This strategy will produce tangible evidence of the benefits of a work culture based on open principles. In addition, by simplifying the rules of sharing ESDC custom-developed software and contributing to OSS projects, it will show the value of open standards and OSS to the organization and further.

These are the main actions:

These actions will provide the tools to reinforce and extend the open working culture. Source code will increasingly become available to all developer teams in ESDC and the GC. Contributions to the tools that are core to our business will be much more easier. This will help get the organization accustomed to accept external contributions.

To ensure these actions are executed in an organized, coordinated and scheduled manner, ESDC will establish a nimble CoE within IITB. It will liaise between projects, teams and subject-matter experts, and lead the organization towards an open working culture.

Appendix A – Rationale

Working in the open by default across ESDC and with other GC departments, provincial governments, municipalities, companies and the public at large, we can build new, innovative digital solutions that support our goals, and work towards technology sovereignty.

Open standards and open source software (OSS) allow for incremental innovation, based on the sharing of knowledge and skills. Openness increases trust in public services. It helps to solve complex technology problems by getting others to contribute unexpected solutions.

Being free to inspect and improve, open standards and OSS offer more options to increase the level of assurance that adequate security controls are applied. It allows for independent audits and code inspections, so the time and effort spent can be balanced according to the needs. This improves security, not just for us, but also for everyone.

This “Open First” strategy reinforces the GC’s Digital Standards, Policies and Directives that include working in the open, using open standards, using OSS, publishing open source code and contributing to OSS communities. It will help ESDC improve its technology and information management processes. (See commitments listed in Appendix B)

To build Canada together, we have to contribute, and accept contributions from others.

This strategy is an instrument to support and enable digital transformation in IITB and ESDC. It can also be leveraged by others in the GC.

This strategy sets out how we encourage and leverage open principles and development practices to co-create, share and reuse across ESDC. It brings ESDC closer to the OSS community by making it an agile contributor and an active participant. It encourages to explore opportunities for dedicated support services of open solutions that we consider critical. The organization will make more and more use of open standards and OSS – in areas where it is practical, to areas where it makes sense and domains where it is strategic.

It was the GC’s involvement in the fields of aviation, telephony, and nuclear technologies that spurred innovation and new industries in our country. The Government is once again well positioned to rally the country into the growing field of open standards and OSS that employs tens of thousands of people across the country. As a strong supporter of the GC’s vision of open standards and OSS, ESDC can play a role in bringing this vision to fruition through the development and implementation of this strategy.

Appendix B – Goals and Outcomes extended

These days, open standards and OSS are everywhere. They have reshaped the landscape in the IT industry, are ubiquitous in manufacturing, and are an increasingly common instrument of public services. Governments across Canada (e.g., British-Colombia, Québec (in French only), Montréal (in French only) and around the worlds’ leading nations (e.g. UK, France (sill.etalab.gouv.fr/fr/software) (in French only), Italy, USA, etc.) have adopted policies, directives or guidance on open standards and OSS.

This strategy, its governing principles and its Action Plan will help build and deliver IT solutions and services, that leverage the innovative and collaborative power of open standards, OSS and working in the open. It will make ESDC and the GC part of the OSS community, an agile contributor and active participant by co-developing with other Canadian public administrations and encouraging the sharing and reuse of our solutions, knowledge and expertise. As a result, we will deliver services that enrich society and reduce costs.

This strategy focuses on transformative and innovative aspects, and recognizes open standards and OSS as catalysts for change. In addition, it leverages initiatives in other GC departments/agencies to help shape the conditions for open standards, OSS and government innovation. This section sets out the key reasons and principles underlying the new strategy.

Progress towards digital autonomy

Change is constant at ESDC, and as a result, the acquisition and development of IT solutions must consider the flexibility needed to keep pace with legislative changes, as well as emerging technologies, to offer services that are alike commercial services (e.g., banks, social media, etc.) internally and to citizens.

Open standards and OSS can give ESDC and the GC a chance to create and maintain an independent digital approach and stay in control of its processes, its information and its technology, because:

• open standards and OSS are independent of companies and countries – minimizes the risk of vendor lock-in and political or trade disputes;
• open collaboration is the leading model and provides the most flexible platform for software development at the digital frontier, from cloud, blockchain, high-performance computing and artificial intelligence to the internet of things;
• leveraging open standards and OSS, ESDC can devise an approach to cloud computing and software-as-a-service (SaaS) that balances advantages and risks;
• being open and working in the open promotes trust in the ESDC and the GC;
• open standards and OSS enables ESDC to invest in Canada’s independent and competitive position in these technology areas - focus on an open, decentralized information society that supports Canadian actors and fiscal fairness; and
• open standards and OSS makes decentralized, federated services possible for independent audit by allowing ESDC to build solutions that are in harmony with the commitment of the GC to govern in a positive, open and collaborative way as well as the Values and Ethics Code for the Public Sector: Respect for Democracy, Respect for People, Integrity, Stewardship and Excellence.

Implementing the Policy on Service and Digital

This strategy outlines the high-level objectives of the Policy on Service and Digital:

• client service experience and government operations are improved through digital transformation approaches; and
• guiding principles and best practices of the GC Digital Standards: design with users; iterate and improve frequently; work in the open by default; use open standards and solutions; address security and privacy risks; build in accessible from the start; empower staff to deliver better services; be good data stewards; design ethical services; collaborate widely.

The benefits of using open standards and OSS (the specification or code is public, free to reuse and adapt and improve; it can be inspected for security issues, is independent from vendors, and gravitates towards interoperable systems) underpin these objectives.

The Policy on Service and Digital makes it clear that working in the open and collaborative working methods will be the norm within the GC’s IT community to foster the sharing of code, data and solutions. The principal working methods encouraged by this strategy are open, inclusive and co-creative.

To drive efficiencies across the GC, the Policy on Service and Digital focuses on the client, ensuring proactive consideration at the design stage of key requirements of these functions in the development of operations and services. It establishes an enterprise-wide, integrated approach to governance, planning and management. Overall, the Policy on Service and Digital advances the delivery of services and the effectiveness of government operations through the strategic management of government information and data as well as leveraging information technology, supporting the Minister for Digital Government in leading the GC’s digital transition.

The Directive on Service and Digital refers to cyber security of digital solutions and services. OSS code can be inspected in detail and included in systematic vulnerability scanning. This is another practical link with the Policy and Directive on Service and Digital.

With this strategy, ESDC is taking another step in realizing the vision outlined for the GC.

Sharing and reuse benefits all

Open standards and OSS make it easy to share and reuse solutions, as well as data, information and knowledge. This also aligns with the Policy on Service and Digital and the Mandatory procedures for EA assessments:

• data and information are open by default as per the Directive on Open Government;
• source code is released under an appropriate OSS licence;
• existing solutions, components, and processes are leveraged and reused; and
• code is shared publicly when appropriate, and when not, shared within the GC.

Moreover, leveraging open standards and OSS enables ESDC to work in the open by default, including in software development and service design, creating opportunities for cross-jurisdictional cooperation for the improvement of services to Canadians.

By adopting the OSS technologies and methodologies and ensuring that open standards and interoperability are mandatory to all its software enabled solutions, ESDC will be in a strategic position to share and leverage the knowledge of other departments and public services across the country. Citizens and companies would have the opportunity to study and contribute to these initiatives in a truly transparent way.

This aligns with industry best practices where companies have increasingly released open source code of software products, in parts or in whole, to realize economies of scale for software development and to focus on their core mandate. Any ancillary capabilities are built in the open to create a place where many can collaborate on commonly needed software solutions.

Finally, this creates new opportunities for smaller companies to do business with the GC. For example, studies from the CNLL (Conseil National du Logiciel Libre) show that the market share for OSS-related services in France has grown from 2.5 billion euros in 2012 to 4.5 billion euros in 2017 and was expected to approach 6 billion euros in 2020. This growth is in part due to the policies of the French Government that favour the use of open standards and OSS.

This strategy promotes the use of new commercial opportunities for Canadian open standards and OSS service providers to do business with the GC and business internationally.

Contribute to the knowledge society

Sharing the GC’s source code as information that others can learn from or reuse is our civic responsibility. It lowers costs for society and increases knowledge.

The Directive on Open Government demonstrates the value of documents created by public organizations and encourage their reuse. Similarly, to data and information, source code constitutes a vast, diverse and valuable pool of resources that can benefit the knowledge society. Sharing will help maximize the growth potential of the digital economy, as communicated in the Digital Standards Guidance for “Work in the open by default”.

Working in the open has many benefits, such as: increasing the transparency of services, increasing trust in government, creating an ecosystem that promotes innovation, increasing collaboration within and external to government…

The goal of this strategy is to enable ESDC to share open source code using a process comparable to the one for its open data and information.

Build a world class public service

Open standards and OSS are about co-creation and building public services that connect seamlessly across organizational silos and borders. That is why it is a component in most of the actions in the Interoperability solutions for public administrations, businesses and citizens (ISA2) (previously at: //ec.europa.eu/isa2/isa2_en) European Commission programme. Building a responsible open Canada is something we can only do ourselves and the best way is to do it together.

A Study on OSS governance at the European Commission shows that their OSS strategy is in line with the best practices from public services and private companies. It confirms that the strengthened policy on the use of OSS is the norm nearly everywhere. The study’s high-level recommendations are:

1. Emphasise usage and benefits of open source
2. Create an open source dedicated entity that fosters and measures strategy adoption
3. Improve Procurement and Product Management processes
4. Establish an open culture
5. Collaborate with communities/open source software ecosystem
6. Manage legal/license/IPR issues
7. Enhance and develop the technical Infrastructure

This strategy is in line with (and influenced by) the European Commission OSS strategy 2020-2023 while building on GC policies, directives and the digital standards.

The rest of the world has realized the value of open standards, OSS and working in the open by default. Canada has a policy in line with the world’s best approaches. For more information, review the Commitments section of this strategy.

By adopting this strategy, ESDC is taking a stand and moving towards a world class public service.

Appendix C – Commitments

This section links this strategy to GC and ESDC legislations, policies, directives, guidelines and more.

Mandate Letters

Mandate letters outline the objectives that each minister seeks to accomplish, as well as pressing challenges to be addressed in their role.

The President of the Treasury Board mandate letter outlined the following top priority:

• […] emphasis on increasing the number of public servants with modern digital skills;
• […] ensure that full consideration is given to leveraging digital delivery approaches throughout the development of major projects;
• […] update and replace outdated IT systems and modernize the way government delivers benefits and services;
• […] champion for Digital Standards, utilize more agile, open and user-focused methods when designing services;
• Further expanding open data initiatives and making more data available digitally.

The Minister of Employment, Workforce Development and Disability Inclusion and the Minister of Families, Children and Social Development mandate letters outlined the following top priorities:

Open and Accountable Government sets out these core principles and the standards of conduct expected of you and your office.

Digital Standards

The GC’s Digital Standards form the foundation of the government’s shift to becoming more agile, open, and user-focused. In order to design digital services to better serve Canadians, the Standards lead teams to:

• Work in the open by default - Share evidence, research and decision making openly
• Use open standards and solutions - Leverage open standards and embrace leading practices, including the use of open source software
• Collaborate widely - Identify and create partnerships which help deliver value to users

Enterprise Architecture Framework

The GC’s Enterprise Architecture Framework is the criteria used by the GC enterprise architecture review board (EARB) and departmental architecture review boards when reviewing digital initiatives to ensure their alignment with enterprise architectures across business, information, application, technology and security domains to support strategic outcomes. The framework stipulate the following:

• Reuse common business capabilities, processes and enterprise solutions from across government and private sector
• Publish in the open all reusable common business capabilities, processes and enterprise solutions for others to develop and leverage cohesive horizontal enterprise services
• Ensure data are managed to enable interoperability, reuse and sharing to the greatest extent possible within and across departments to avoid duplication and maximize utility
• Share data openly by default; adhere to existing enterprise and international standards, including on data quality and ethics
• Ensure data formatting aligns to existing enterprise and international standards on interoperability; where none exist, develop data standards in the open with key subject matter experts
• Use open source solutions hosted in public cloud; select existing solutions that can be reused over custom built; contribute all improvements back to the communities
• Design systems as highly modular and loosely coupled services
• Design for cloud mobility and develop an exit strategy to avoid vendor lock‑in

ESDC OSS Management Framework

The ESDC OSS Management Framework (internal link), endorsed at ESDC EARB on March 16, 2021, provides guidance and sets direction around OSS product selection considerations and compliance obligations such as governance, code sharing, licensing and security to ESDC. It also provides a list of recommendations, considerations and procedures for the adoption, management and promotion of OSS as the primary option for future and next iteration solutions of ESDC/IITB information systems. Some short-term recommendations are:

• IITB decides, defines and focuses on the preferred areas of adoption, consider OSS in every aspect of the ICT Ecosystem+
• IITB implements a process for the sharing and re-use of developed OSS efforts within the department, GoC and OSS Community
• Establish an OSS Program Office […] to take on the responsibility and further define the process and reporting requirements…

Digital Nations Charter

The Digital Nations is a collaborative forum of the world’s leading digital governments that uses technology to improve citizens’ services in Canada and globally. At the 2019 Digital Nations Ministerial Summit, the Digital Nations Charter was endorsed as a mutual commitment to digital government service development and leadership. Some of the principles that the participants have committed to working towards fulfilling:

• Promote interoperability of digital technologies, including by adopting a credible royalty free open standards policy;
• Strive to create future government systems, tradecraft, manuals and standards as open source and shareable between Participants;
• Promote competition in digital markets, for all enterprises regardless of size, including in government procurement;
• […] support a dynamic start-up/scale-up culture in the digital and technology sectors, and promote sustainable economic growth through open markets; and
• Be a member of the Open Government Partnership, promote digital technologies to facilitate transparency and citizen participation, and use open licences to produce and consume open data.

Directive on Open Government

The Directive on Open Government promotes information management practices that enable the proactive and ongoing release of government information, by

Maximizing the release of Government of Canada open data (structured data) and open information (unstructured documents and multi-media assets) under an open and unrestrictive licence…

Open Government Partnership

Open government is about making government more accessible to everyone and ensuring that government coding, datasets and information are available to use. Since joining in 2012, Canada has been an active member, and co-chair (2017 to 2020), of the Open Government Partnership (OGP).

Canada has taken an international leadership role in this area in order to empower civil society, share ideas about accountability and transparency, and model anti‑corruption measures. The OGP is also an opportunity for us to learn from leading countries in the open government space.

2018-2020 National Action Plan on Open Government

The most recent Action Plan, as part of our commitment to the OGP, is the 2018-2020 National Action Plan on Open Government. These are some commitments:

• expand the Open by Default pilot project
• ensure Canadians have access to open data on Government of Canada procurement
• explore adoption of common contracting data standards across Canada
• […] provide a plan for greater openness in federal science and research activities
• prioritize open source code in developing digital solutions

ESDC is identified as a lead department in the plan.

Policy on Service and Digital

The Policy on Service and Digital and its supporting instruments serve as an integrated set of rules that set out how GC organizations manage service delivery, information and data, information technology, and cyber security in the digital era. These rules include areas of responsibility for the CIO of Canada and deputy heads across the GC.

• The CIO of Canada is responsible for: […] Establishing guidance to support innovative practices and technologies, including open-source and open-standard applications, and agile application development.
• Deputy heads are responsible for: […]
  • Maximizing the release of departmental information and data as an open resource, discoverable through the GC open government portal designated by the Treasury Board of Canada Secretariat, while respecting information security, privacy, and legal considerations.
  • Prioritizing departmental information and data to be added to the GC open government portal, informed by public demand.
  • Providing authorized users of the departmental electronic network and of departmental devices with open access to the Internet, including Government of Canada and external Web 2.0 tools and services that enhance productivity, communication and open collaboration.

Directive on Automated Decision-Making

The objective of the Directive on Automated Decision-Making is to ensure that automated decision systems are deployed in a manner that reduces risks to Canadians and federal institutions. It is also intended to lead to more efficient, accurate, consistent, and interpretable decisions made pursuant to Canadian law.

Releasing the final results of Algorithmic Impact Assessments in an accessible format via Government of Canada websites and any other services designated by the Treasury Board of Canada Secretariat pursuant to the Directive on Open Government.

Standard on Metadata

The Standard on Metadata aims to increase the use of standardized metadata and value domains in support of managing information resources. Metadata requirements include open standards for record keeping, Web resource discovery and Web Content Management System (CMS):

• ISO 23081 (Records management processes - Metadata for records)
• Dublin Core Metadata Initiative (DCMI) Metadata Terms
• W3C Date and Time Formats
• ISO 8601 (Date and time Format)
• ISO 639-2 (Language codes)

Standard on Web Interoperability

The Standard on Web Interoperability improves Canadians’ web experience by using technologies that support mobile devices and make information technology easier to use in order to find government information. The following open standards are required to be used for all GC Web pages:

• Atom Syndication Format (RSS feed)
• UTF-8 (Character encoding)
• HTML5 or later (Mark-up language)
• RDFa 1.1 Lite or later (HTML data syntax)
• Schema.org (Primary HTML data vocabulary)

Digital Operations Strategic Plan: 2018-2022

The Digital Operations Strategic Plan 2018-2022 is the third iteration of the GC’s strategic planning process for managing technology and technological change in government providing insight into the government’s digital direction. Departments, agencies, chief information officers (CIOs) and officials consider the contents as direction from the CIO of Canada. The following outline the actions:

• Open government:
  • Open data and Open by default
• Collaborating with Canadians
• IT Modernization:
  • TBS will lead the development of a strategy to set direction for the government on the use and release of open source software and open standards that will be ratified using the Government of Canada Enterprise Architecture Review process..

Open First Whitepaper

The Open First Whitepaper written by the TBS on the subject of “Open” in order to inform initiatives, including the new GC Enterprise Architecture Review Board (EARB) to set standards related to open standards and OSS that influence our technological ecosystem as well as our Information Management - Information Technology (IM-IT) practices.

The whitepaper has sections on open standards, OSS use, OSS contribution, open markets and open culture. Definitions, benefits and risks are explored for each section.

OSS Guides

TBS published Guides for Using OSS, Publishing Open Source Code and Contributing to OSS on the Canada.ca Website under digital government innovations.

ESDC Adopt, Buy and Build Strategy

The Adopt, Buy and Build Strategy provides IITB with an overarching strategy in the application of the GC Mandatory Procedures for EA Assessments and the Mandatory Procedures on APIs. This provides direction on acquiring new IT Solutions and assessing enhancements to existing IT Solutions, with the outcomes of:

• IT Solutions and IT Products comply with the ESDC Open Source Software Management Framework when applicable
• Increased ratio of open source software solutions and products used in production compared to purchased or internally developed ones that are not shareable and reusable

ESDC Target Solution Delivery Model

The Target Solution Delivery Model provides ESDC with a path towards same day software delivery leading to DevOps practices and product management.

Appendix D – GC Current State

The GC’s interest in OSS dates back to the early 2000s when the open source movement accelerated with the emergence of Mozilla, OpenOffice and investments in Linux development.

In 2004, the GC’s position on OSS was published on TBS website. It was based on the Federated Architecture Program (FAP), which had four principals that applied to OSS:

• Reduce Integration Complexity
• Security, Confidentiality, Privacy and Protection of Information
• Proven Standards and Technologies
• Total Cost of Ownership (TCO)

The FAP did not require the adoption or even the evaluation of solutions based on OSS. There were no directives or guidance in the GC for the use and publication of open standards and OSS.

The GC published its first open government Action Plan in 2012 and has an active open government community across departments and agencies. The Open Government Portal hosts open data and open information (unstructured data) from the GC and even provinces. Until recently, the focus of Open Government in the GC has been on releasing open dataset and documents such as proactive disclosures. Even where source code could be considered as information, it was often overlooked because it requires technical skills to understand and work on code.

For open standards and OSS, some departments put in place their own guidelines or reports. In 2012, the National Research Council (NRC) published the NRC OSS Guidelines for internal use. Also in 2012, Natural Resources Canada (NRCan) published an OSS Licensing Primer intended to inform on the importance of interoperability in licensing and decision-making approaches, which is required to make optimal decisions on policy for OSS use, development and release. In 2016, Canadian Heritage (PCH) published a report on the Elements of a Technical Interoperability Framework to start thinking about how they could increase interoperability and mitigate against vendor lock-in by using open standards and OSS.

Shared Services Canada (SSC) organized two sessions on the topic of OSS with the Architecture Framework Advisory Committee (AFAC) to write a Draft Position on OSS including the following statements:

• For all software acquisitions, open source solutions must be actively and fairly considered alongside proprietary ones.
• Acquisition decisions will be made on the basis of best value and fit to the business requirement, taking account of the total lifetime cost of ownership of the solution, including exit and transition costs, after ensuring that solutions fulfil minimum and essential capability, security, scalability, transferability, support and manageability requirements.
• Where there is no significant overall (full-lifecycle) cost difference between open source and non-open source products, open source will be selected on the basis of its additional inherent flexibility.

SSC also published a Functional Direction Software Strategy for departments that included the following principle:

Use open source software when feasible; if not, leverage commodity products, and use best of breed point solutions when deemed necessary;

All these initiatives did not have much impact on the use of OSS and open standards in the GC. To benefit fully from the advantages of interoperability and flexibility, strategies need to be implemented across the board, rather than separately in each individual department.

In December 2017, the GC EARB members endorsed the “formalization of a common GC-wide approach to the adoption of open source within government, resulting in a more robust open community within the GC”. This led to international partnerships, standards, policies, directive, mandatory procedures and guidance being announced and published. For more information, review the Commitments section of this strategy.

Appendix E - ESDC Current State

Since 2012, ESDC has been responsible for the largest collaborative OSS project led by the GC. The Web Experience Toolkit (WET) is an award-winning front-end framework for building websites that are accessible, usable, interoperable, mobile friendly and multilingual by using a collection of flexible and themeable templates and reusable components. WET is being used today on most GC Websites including Canada.ca.

Between 2018 and 2019, when TBS wrote the direction and guidance for open standards and OSS, the Technical Architecture team at ESDC were working on the ESDC OSS Management Framework. The framework was endorsed at ESDC EARB on March 16, 2021 with one of the main recommendations to establish an OSS Program Office (or CoE) to take on the responsibility and further define the process and reporting requirements. No further actions have been taken since then.

Some teams in IITB are working in the open (DTS, IT Strategy, …) and some OSS solutions are part of technical bricks or directly available to end users, but it’s still a minority.

Appendix E – Definition of open standards and open source software

Open standards are a set of rules designed to do a specific job in technology, developed in a fully open manner. They refer to file formats, protocols and application interfaces that can be implemented by everyone (in open source and proprietary software alike).

Inspired by France’s Référentiel Général d’Interopérabilité (General Guidelines for Interoperability), the Quebec government’s Cadre Commun d’Interopérabilité (tresor.gouv.qc.ca/ressources-informationnelles/architecture-dentreprise-gouvernementale/standards-et-normes/cadre-commun-dinteroperabilite/) (Common interoperability framework), the European Interoperability Framework (previously at: //ec.europa.eu/isa2/eif_en) and the British Cabinet Office’s Open Standards Principles, the following criteria define open standards:

• Development process is open and transparent to all interested parties and cannot be controlled by any single person or entity with any vested interests;
• They are platform independent, vendor neutral and usable in multiple implementations;
• Specifications and supporting material are freely available with limited restrictions; and
• They are supported by an independent community, or approved through due process by rough consensus among participants.

OSS is software where the source code is distributed and can be used, copied, studied and redistributed. Similarly, Free Software is software that respects users’ freedom and community¹. They are equivalent, but represent two different visions

All software under an approved licence from the Open Source Initiative or Free Software Foundation is considered OSS and can be used by the GC, based on the GC Guide for using OSS.

Benefits of using open standards and OSS for ESDC and the GC

Open standards are the guidelines that enable international communities to speak a common language and build products in a structured and highly efficient fashion.

Open standards and OSS are aligned to the essence of public service because they:

• enable cross-jurisdictional collaboration;
• share specifications and code openly;
• promote reusable solutions; and
• make contributions easy.

Additional information, including benefits and risks of open standards and OSS, is available in the Open First Whitepaper, published by the Treasury Board of Canada Secretariat (TBS). Their inherent flexibility brings many benefits, for example:

• Lack of vendor lock-in;
• Cost savings;
• Security (independent audits, speed to fix issues…);
• Increased productivity and collaboration;
• First-class IT talent and better job satisfaction; and
• Economic growth in Canada (and abroad)