If I use open source then does it mean that
...everyone will have access to our data?
...we have to give our data to the organisation which provided us with the software?
...anyone can change the code and introduce defects in our system?
These are actual questions that get asked by our nonprofit customers. We usually take a step back and discuss what is software, how it's ownership works, data, and hosting. In this article, we go through the same process and try to explain this in as simple terms as we can.
These questions are not about licensing but what is the overall "customer experience" of open source. Through these conversations, we have understood that it is about - "open source" "software" and "reusable products". We have gathered that we cannot explain open source alone without explaining about software and product as well. But to keep the article shorter, we would stick to work-software-products that is used by organisations (like donor management system, accounting systems) and not by individuals for personal/official use (like MS Office, browser, WhatsApp etc).
Let's start by understanding what is software. Each software project exists in two forms - as passive source code in forms of text files, and as a running package on the server or your device. Please see the diagram below.
Let us expand the server a bit to see that the server also has your data stored in the database.
The power of software, unlike physical goods, is that it can be copied any number of times - provided it is functionally reusable (e.g. an organisation's website code is likely to not reusable for other companies). Hence we can provide it to multiple organisation at almost no additional cost. But, when we do that it is important to note that each organisation has its own servers running the software and their own databases.
Now let us get back to the top part of the above diagram - the three arrows. Even though the software has the ability to be copied an infinite number of times, there are legal and commercial restrictions to it. The organisation which owns the software programs decides who gets the software - usually with permission and fees. The other difference is that the organisation usually provides only the installable files and not the source programs. This is because mostly the customer organisation doesn't have much use for the source code.
Let us look at the ownership of each of the pieces now.
Now let us look at how it works in case of open-source software. The software source code and installable are both available free of cost publicly and anonymously. That is, you don't need to pay anything, take any permission, nor do your need to tell anyone. Like, commercial software earlier, you retain the ownership of the server and database.
With that context, let us try to answer the questions at the top of this article.
1. Does opensource mean everyone will have access to our data?
As you can see from the diagram above, there is no relationship between your data and whether the software is open source or not. Your data is owned by you.
2. Does opensource mean we have to give our data to the organisation which provided us with the software?
Again as you can see in the diagram, the open-source software provider (community) doesn't impose any such conditions on the users of their output. While they would like attributions, it is not binding.
3. Does opensource mean anyone can change the code and introduce defects?
...since anyone can copy the code and change it. Let us look at what would happen in this case. The diagram below has a couple of examples of such copying - one by another open source community or by someone in your organisation. Pertaining to the question - other people can make changes to the code but to their "own version" of it and their version generates their own installers. It doesn't affect the software that you are running from your provider (community 1).
Conclusion
One of the goals of this publication is to reduce information asymmetry between software providers and nonprofits. There are a number of misconceptions about the open-source which are not in the interest of nonprofits. In fact, we believe that given the public nature of the work open source and nonprofits are naturally aligned with each other. Finally, if there are other topics/questions about open source that you would like us to write about, please do contact us.
Author: Vivek Singh
Published On: 23-Dec-2020