How public authorities in Sweden works with, procure and finance cloud services

Hello dear community!

I’m currently overseeing a working group for the association “Open Source Sweden” to form form a sensible opinion on the topic of:

**

“How public authorities work with, procure and finance cloud services”.

**

This topic is complicated and I need you help.

1. Identify more “key aspects/subtopics” that should form up a sensible opinion.
2. Provide your opinion on already identified subtopics which are as of today:
   A: Use of tax money (should be primarily reinvested in software that goes back to the public).
   B: Digital sovereignty - a nation must consider the fundamental impacts of being dependent to global corporations and/or other nations when providing services to its citiens.
   C: Legal (Swedish/EU) aspects of using public clouds.
   D: Long term access to competency - How is knowledge of building software and digital infrastructure systems affected by using public cloud services?
   E: Social aspects - what is at stake when authorities use public clouds and social consequences?
   F: How is local (national) business and corporations impacted by national strategies on procurement of public cloud services?

I will consider all inputs in the work we do in this domain to bring that into the network of experts I work with here and I will update here on all progress.

The way to help, could be that you pick out a topic from the above and expand your own thoughts in this thread or add a new subtopic and form up your argument why this is a new key element we need to add.

@hugi @nadia @matthias @felix.wolfsteller @alberto @katejsim @antonekker @johncoate @MariaEuler

Please pull in anyone who you think can provide fundamentals in this very complicated topic.

This is really not my area of expertise but I think we have some people registered on the platform. How about @Jiffit and @IsadoraH at Internetstiftelsen? Or @mattias who used to work for Digidemlab?

Hello @erik_lonroth, I am interested in D, but am not sure why you formulate it in terms of “public cloud”. I would argue that procurement should always have the goal of fostering the development of skills in the community for which the procurement is done.

This is a strong argument in favor of pushing for FLOSS, public cloud or not. years ago, a friend of mine spearheaded the open sourcing of the City of Bologna’s IT. It was not about “the cloud”, it was about employees with desktop computers running Windows 98 + Outlook + Office. It comes down to this: either you keep buying licenses from Microsoft, or you give the same money to some local person who can install and maintain Linux + Thunderbird + Libre Office. The second option clearly builds more competence in the office and in the city.

On top of that, the procurement office has to learn to procure IT services. Which is not an easy job – I myself got burned when procuring software, because I did not understand how software is made. I had to learn to become a better buyer. So, going FLOSS rather than buying proprietary has skills development advantages both in IT and in procurement itself.

@alberto this is such a clear and well described input. I will use this when putting in the effort of getting this on paper.

Regarding E, some cloud suites offer genuine value (lie Google) but gather tons of data about the users. Shouldn’t a democratic government be concerned about a private entity compiling and then selling ads off of such deep surveillance? I imagine that Google does not distinguish a government or non-government user and I also imagine they derive great benefit from people not logging off when they go surf the net in their own time.

I don’t know what Adobe does with the data they gather. But switching all their products to the cloud for everything was not a welcome move, to me at least.

@johncoate - agree, I’m taking in this aswell.

@teirdes I think knows a bit more about this?

Hi @erik_lonroth I added some answers here. Hope it can be interesting and useful.

1. To zoom out and add a key aspect I want to encourage engaging on a systemic level in the procurement process. As any procurement is relevant to Open Source Sweden and its members they would gain from contributing to opening up the procurement system in Sweden. It is currently one of the most proprietary and closed processes in Europe. I did a webinar at work which you can find here about how the current closed private monopoly enables fraud and can foster corruption worse than other European countries. Sweden does not have a central open public database for procurement processes and the private monopoly was just sold. The current situation stifles competition and effective use of tax money. You can contact the Open Up! project by Open Knowledge Sweden and DIGG to support this systemic shift which in turn can support the uptake of procuring open source solutions and public cloud services respecting citizen rights without e.g. Google Analytics.

A: If a public cloud service respects citizen rights and complies with e.g. GDPR and Schrems and is more efficient hardware wise than an on-premise solutions it can be better use of tax money.
B: I believe that the public cloud services in Sweden should be hosted in Sweden especially considering the capacity and competency but also service providers which respects and encourages digital rights.
C. From what I read so far there hasn’t really been anyone daring to say what’s OK and what’s not and a lot of public sector bodies are using public cloud services and it’s user services which really can be questioned legally.
D: As @alberto wrote I believe choosing FLOSS can enable and encourage long-term fostering, learning and development of local skills in comparison to voluntarily braindraining one’s own community/municipality/region/nation.
E: Economy, trust and engagement in the current shape of representative democracy. I believe that the time up until now has decreased all three of these aspects, at least with Swedish Transport Agency scandal.
F: I think it’s gain or drain kind of scenario. My analysis right now of the Swedish situation is that we’re only scratching of the surface of our digital potential partly due to the systemic issue (see 1.) regarding procurement. It’s also important to teach the procurers and people working in public sector regarding the pros and cons about home built on-premise solution and public cloud which is something my colleagues wrote a white paper about here as some might view public cloud as dangerous and see homegrown solutions as gratis when they in reality can cost a lot more of employees’ and consultants’ time and work.

Thank you all @mattias @johncoate @alberto @nadia @hugi @MariaEuler for chipping in to this from various angles.

The update I have here, is that a draft document has been created with all the input from this thread taken into account. The document will finally be adopted by the members of Open Source Sweden - then forming a baseline on how “cloud” and “open source” works together. It will not be perfect, but it will be something.

That text will reach the public in early 2021, where the ambition is to drive Swedish legislation in favor of open source on a national level.

I’ll let you know how it goes. Thank again! If you have more input, its not to late to bring it forward and I’ll push it onwards.

@erik_lonroth Is this report “Addressing Lock-in Effects in the Public Sector: How Can Organisations Deploy a SaaS Solution While Maintaining Control of Their Digital Assets?” the text that you’re referring to? Found it via Forum.CivicTech.se linking to New research on Swedish public sector organisations shows that there is a need for more awareness and understanding of lock-in risks when procuring cloud services.