The Serious Business of Open Source, Inc.
by Glyn Moody
Imagine what "Risk Factors" a hypothetical Open Source Incorporated would put into the regulatory filings that corporations file every year. The process could well provide insight into what the communities of Open Source should be prepared for.
One of open source's great strengths is that it is not a company. This means that traditional methods of nullifying its threat – such as buying it or causing it to go bankrupt – simply don't work. This is one reason why traditional software companies have had such a hard time getting their heads around free software and coming up with a sensible response.
Another benefit that open source enjoys compared to companies is that it is spared huge amounts of paperwork. In the US, that includes things like submitting an annual 10-K form that provides all sorts of financial information. For those who know how to read them (and can put up with their somewhat rather dry style), they are a treasure trove of facts about what a company is doing, and how it is doing it.
But alongside this recital of how much money was made or lost, and where and how, there's one rather splendid section, surprisingly early on, called "Risk Factors". As you might expect, this goes through the various threats and challenges faced by the company in question. And since it is drawn up by lawyers keen to avoid future lawsuits from investors who might claim they were misled about the risks, this section tends to go completely overboard, listing just about everything that could possible go wrong, even down to this:
Catastrophic events or geo-political conditions may disrupt our business. A disruption or failure of our systems or operations in the event of a major earthquake, weather event, cyber-attack, terrorist attack, or other catastrophic event could cause delays in completing sales, providing services, or performing other mission-critical functions. Our corporate headquarters, a significant portion of our research and development activities, and certain other critical business operations are located in the Seattle, Washington area, and we have other business operations in the Silicon Valley area of California, both of which are near major earthquake faults.
No prizes for guessing which company wrote that (most recent 10-K here, but in .docx format).
But supposing open source were a company – say, Open Source, Inc. – what would it put in its Risk Factors section? Well, it would list a whole load of stuff about the danger of Linus becoming a monk, and rare synchronised earthquakes striking everywhere there are open source coders; but it would also run through the key challenges from its rivals. So what might it say? Maybe something along the following lines:
Apple may seduce people with its beautiful, well-engineered products. Open source continues to face intense competition from a company with a very different vision of computing – one based around tight control of all elements. Although terrible from the point of view of freedom, such products are undeniably appealing to users who wish to acquire things that are nice to look at and use. This may result in fewer people turning to our products and subscribing to our vision.
Facebook may become what most people think of as the internet. Facebook currently has nearly a billion users worldwide, many of whom spend extremely long periods of time on their Facebook pages and those of their friends, or playing Facebook games. Facebook may continue to grow to the point that most young people never leave it, and aren't aware there are many interesting things outside. Even though Facebook runs on open source, and makes valuable contributions back to the community, the world of Facebook as experienced by users is almost entirely devoid of open source. As with Apple, this may lead to a reduction in the importance that people attach to open source and its values.