Activities/Free_Software_in_public_procurement

In early July 2015 FSFE answered to the "Consultation on the respect of intellectual property in public procurement procedures" initiated by the European Commission in the light of reviewed framework on enforcement of so-called "Intellectual Property Rights". The purpose of the public consultation, according to the Commission, was to "gather evidence, opinions and feedback regarding the respect of intellectual property rights and trade secrets in public procurement procedures", and to gather information whether public authorities are in need of guidance on how to ensure that no "IPR" infringing products are procured by public sector. The Consultation is the part of the EU Action Plan which focuses on "the fight against commercial-scale activities that infringe intellectual property".

Despite the fact that the Consultation was focused on a specific issue, i.e. "the respect of IPR in public procurement procedure", we also tried to focus on several issues regarding more general topics, such as Free Software and copyright, patents and trade secrets, and Free Software in public procurement that are no doubt related to the topic of consultation.

In particular:

Our answers

B1. In your view, is the applicable national and EU (for cross-border public procurement) legislation sufficiently clear regarding how intellectual property rights and trade secrets should be managed by public authorities in public procurement procedures?

Intellectual Property Rights - No (please explain)

Trade Secrets - No (please explain)

New rules regarding public procurement, that is the Directive 2014/24/EU on public procurement and the Directive 2014/23/EU on the award of concession contracts, include several references to the so-called "intellectual property rights (IPRs)". According to the directives, contracting authorities can exclude "unreliable" tenderers on the grounds of violations of "IPRs" (Article 57 (4)(c) in relation to recital 101 of directive 2014/24/EU, Article 38 (7)(c) in relation to recital 70 of the directive 2014/23/EU). There is no specific and explicit guidance in the directives on how to acquire proof of compliance with the "IPRs". However, the contracting authority may acquire the proof of technical ability of the tenderer, which does include the possibility for the contracting authority to carry out the check of technical ability of the tenderer (Part II, p. 5). This, in principle, could also include the check of compliance with the relevant "IPRs", as, according to Article 42 (1) of the directive 2014/24/EU, technical specifications that define the characteristics required from procured products include the provisions on "IPRs". In addition, the recital 107 provides that a new procurement procedure is required if the initial contract is changed with regard to the distribution of "IPRs". In scope aforementioned, provisions allow the contracting authorities to procure products on the basis of their compliance with the relevant "IPRs". The legislation is clear on the part that "IPRs" are important factors for awarding and implementing contracts in public procurement. However, there is no clarity in the legislation with regard how to handle "IPRs" issues in respect to software.

De facto, software is being covered by several monopoly rights including copyright under Berne Convention, patents under European Patent Convention (EPC) and trade secrets. Article 52 (2) (c) of EPC excludes software from patentability but only to the extent that patent application relates to software "as such" according to Article 52 (3) of EPC. The reality is that, despite the exclusion of "programs for computers" from patentability under EPC, software can be patented as a "computer-implemented invention". Alongside with copyright and trade secrets, those are too many restrictions on software developers and users. With enough effort and good procedures in the supply chain, full copyright compliance is achievable for a large amount of software packages, but it is impossible to procure software that is not infringing on any patent. Software patents compliance is unachievable: there is no way for anyone, not even the biggest companies, to conduct sufficient prior check as to know for sure that a product is not violating a software patent. The problem of software patents cannot be solved in public procurement, as the problem is rooted in the patent system itself. Thus, the requirement for every publicly procured software to be fully compliant with patent law is, in practice, impossible to respect. On the contrary, the rights of software developers covered by copyright have to be ensured, including the terms of Open Source/Free Software licences, and these rights should not be devalued by third parties' patents on "computer-implemented inventions" that in practice cover software.

It is necessary to ensure that Open Source/Free Software licences are respected in the public procurement procedure by both private entities and public authorities. That means that not only discovering potential copyright infringements is necessary, but that it is also crucial to ensure that Open Source/Free Software licences are respected in further distribution of the procured products by public authorities. So far, "traditional" public procurement procedure required the ownership of "respective IPRs" by public authorities when bearing the risk of development. This practice has been criticised for hampering the innovative solutions as this "approach does not allow the supplier to re-use the developed products/services to other (potential) clients" [1]. In order to support innovation and ensure the widest competition, EU legislation should set the condition to allow SMEs to enter public procurement procedures. This can be achieved through a clear requirement that software developed with public funds has to be published under a Open Source/Free Software licence; were it so, other public administrations, companies, and individuals could use that software for their own purposes and/or provide better services for the public administration. This, in practice, will help public authority to achieve the aim of best value for public money in public procurement procedures.

[1] DG Entreprise and Industry, "Evaluation of SMEs' access to public procurement markets in the EU", 2010, available at: http://ec.europa.eu/enterprise/policies/sme/business-environment/file/smes_access_to_public_procurement_final_report_2010_en.pdf

B2. In our view, is there sufficiently useful and publicly available national guidance for public authorities on how intellectual property rights and trade secrets should be handled in public procurement procedures?

Intellectual Property Rights - Yes, there is some guidance, but it is not useful enough

Trade secrets - Yes, there is some guidance, but it is not useful enough

[EU] Guide for procurement of standards-based ICT – Elements of Good Practice (SWD(2013)224, 2013) - Tries to reduce the lock-in problem by using standards, gives some guidance on "IPRs" and ICT procurement, mentions the issues with FRAND licences, suggests clauses that transfer all "IPRs" to the commissioners.

[EE] Tarkvaraarenduse tüüpleping - Model contract for software development [in public procurement] with the guidelines on "IPRs" clauses. All inconsistencies between different licences, including EUPL and the licences applying to proprietary software, are solved before entering into agreements, contracting authorities are advised to acquire the full control over the distribution of software, there is effort to avoid lock-in problems, but dependence on a single vendor is still allowed if it were to provide a more "efficient, rapid and favourable" solution.

[IT] Linee guida per la valutazione comparativa - When considering what software to procure, contracting authorities should take into account: i. the attention to "IPRs" compliance payed during the software development process, ii. the presence of insurance against "IPRs" breaches and iii. the presence (or absence) of judicial "IPRs" disputes (table 5.2 on the criteria for scores evaluation).

[DE] EVB-IT - standard additional clauses to be included in public procurement contracts.

[DE] Migrationsleitfaden - contracting authorities must perform deeper "IPRs" compliance analysis on the software they procure when they plan to distribute it (and when it's not widely known Free Software); contracting authorities are advised to rely on "IPRs" compliance analysis performed by the tenderer except in some specific cases.

[FR] CCAG-TIC - Standard clauses to be added in IT procurement contracts. All risk of "IPRs" infringement relies on the tenderer, sources should be provided to the contracting authority, but are kept confidential.

Information about what intellectual property rights mean

Information about how to handle intellectual property rights in public procurement procedures

Information about how to avoid acquiring intellectual property-infringing products

Specific information on the acquisition of software and related copyright issues (e.g. vendor lock-in problem)

Specific information about best practices for the pre-contractual phase (e.g. planning of the call for tenders)

Specific information about best practices for the contractual phase (e.g. contractual clauses; licencing issues)

Information on the advantages of Free Software in public procurement is missing across Europe. Free Software is software that everyone can use, distribute, study and improve. When a public authority releases a product as Free Software, other public administrations, companies, and individuals can use the software for their own purposes and provide better services for the public administration. Furthermore, more people can check the software for possible copyright infringements and help fixing them. As most as possible, widely used Free Software should be chosen since more people had the chance to check the software for possible violation of third parties copyright. The use of Free Software in public procurement should be encouraged as this is the way to achieve the biggest transparency and interoperability in public sector, and the widest competition in public procurement.

C1. In your view, of what importance is the respect of intellectual property rights in the context of public procurement procedures for the following: (Low/Medium/High importance/No opinion)

Research and development, generally - Medium

Exploitation of innovation, i.e. turning an invention into a marketable product - Medium

Technology transfer - No opinion

Innovative and competitive performance of SMEs - Medium

Innovative and competitive performance of large companies which operate internationally - Medium

The development of a deeper and fairer internal market with a strengthened industrial base within the EU - Medium

Growth and jobs in the EU economy in general - No opinion

Quality, safety and effectiveness of the procured product - Medium

C2. In your view, is the infringement of intellectual property rights in the context of public procurement procedures a problem? (between 1 and 3 choices)

Only a problem in relation to specific intellectual property rights (please specify) Not an important problem, the real problem lies in the supply of products that do not meet technical standards or the requirements in the technical specifications

Copyright and related rights

Yes (please specify)

There is evidence of proprietary software violating Open Source/Free Software licences in various states, including in Member States (e.g. Germany: Welte v D-Link (2006), France: Free/Iliad case (2007)). Software in Europe is explicitly covered by copyright and copyright of software developers has to be respected, irrespective of the licence type they selected to govern the right to use such software. Companies infringing Open Source/Free Software licences hide the source code, or ignore other licence requirements, and thereby violate the copyright of Free Software developers. This way the infringing companies neglect the public administration rights they would receive through the Open Source/Free Software licences: the public administration cannot use, distribute, study and improve the software in the way it would have been possible if those companies complied with the licences. The source code of Free Software has to be published and provided to the users in accordance with the Open Source/Free Software licence terms. One documented example from the US: Several US government agencies have procured counterfeit Cisco routers [1], however Cisco themselves have violated copyright by selling routers with software covered by the GPL and LGPL licences without providing complete and corresponding source code or an offer for source code in the case before NY District Court [2].

Hence, contracting authorities have to make sure in the process of public procurement that all Open Source/Free Software licences are respected in order to avoid copyright infringements. On the other hand, it is impossible to achieve the full compliance of software with patents in any way. As highlighted before, neither tenderers nor contracting authorities are able to fully check for the violations of software patents in public procurement procedure. On the single example of mobile phones and according to the estimations made by the patent firm RMX [1], there are 250 000 active patents that smartphone manufacturers should check for every device made. According to another study [2], software patents are written in a so vague and broad way that it is impossible to index them. If contracting authorities had to check the compliance of their products with every existing patent, it would be impossible for them to procure a such common device like a mobile phone. Thus, contracting authorities should not strictly follow the requirement of software to be compliant with patents in public procurement.The respect of technical standards in public procurement has to be ensured as well. When a public administration starts using a product that is not compliant with such specifications three kind of problems arise: 1. unreliable integration with the existing infrastructure 2. lock-in with the new vendor 3. need for the citizens who have to interact with the administration to get products from the contracting party. The first issue causes waste and inefficiency in the public administrations, while the second and third one hinder competition and help maintaining de facto monopolies. The best course of action to avoid this kind of issues is for public administrations to require compliance with Open Standards, since they are widely supported and they allow anyone to develop compliant products without limitations (a feature that allows new players to enter the market at a lower cost, thus further enhancing competition).

[1] http://www.zdnet.com/article/fbi-counterfeit-cisco-routers-risk-it-subversion/

[2] FSF v Cisco Systems (2008)

[3] http://google.brand.edgar-online.com/EFX_dll/EDGARpro.dll?FetchFilingHtmlSection1?SectionID=7667485-249020-298342&SessionID=KBRPFWfPE63E1l7

[4] http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2016968

C3. In your view, could the infringement of intellectual property rights entail any of the following consequences? (Yes/No/No opinion)

Wasted public resources (expenditure on the wrong products, time lost by the contracting authority that will need to carry out a new tender procedure) - Yes

Risk of legal challenges by the holders of intellectual property rights - Yes

Failed equipment and systems that do not work or result in a less-than-optimal performance - Yes

Security related problems - Yes

Health and safety related problems - No opinion

C4. In your view, of what importance is the respect of trade secrets in the context of public procurement procedures for the following: (Low/Medium/High importance/No opinion)

Research and development, generally - low

Exploitation of innovation, i.e. turning an invention into a marketable product - low

Technology transfer - low

Innovative and competitive performance of large companies which operate internationally - low

The development of a deeper and fairer internal market with a strengthened industrial base within the EU - low

Growth and jobs in the EU economy in general - No opinion

Quality, safety and effectiveness of the procured product - low

C5. In your view, is the misuse of trade secrets in the context of public procurement procedures a problem?

A big problem

Yes (please specify)

Trade secrets can be misused and abused in various ways, but what matters most is that they prevent contracting authorities to fulfill their requirement of transparency. In matter of software, a lack of transparency also entails great security risks: being able to hide your code and enforce (to a certain degree) this secrecy allows negligent or culpable developers to voluntarily or involuntarily insert backdoors into the source code. That can undermine the security and safety of the procured product. A concrete example of this can be found in the Borland Interbase case: after Borland decided in 2001 to publish the source code of Interbase (a widely-spread database software), it was discovered, by the Free Software developers, that some of Borland’s developers in 1994 “involuntarily” forgot a backdoor which allowed access to all databases managed with Interbase. Borland recognised at the time that this incident created a huge security threat. If Interbase's source code had not been published, the backdoor might never have been discovered. This demonstrate that Free Software has great security advantages, but, at the same time, that trade secrets make third party audits very difficult, and thereby tending towards less secure software. Since it is in the public interest that public procurement manages to reach the best value for money, software products involving trade secrets should be avoided whenever possible.

C6. In your view, could the misuse of trade secrets rights entail any of the following consequences? (Yes/No/No opinion)

Wasted public resources (expenditure on the wrong products, time lost by the contracting authority that will need to carry out a new tender procedure) - Yes

Risk of legal challenges by the holders of trade secrets - Yes

Failed equipment and systems that do not work or result in a less-than-optimal performance - Yes

Security related problems - Yes

Health and safety related problems - Yes

Other (please specify): - Yes

Trade secrets can be used to greatly hinder compatibility with products from third party vendors and result in a vendor-lock in situation.

Trade secrets can be used to hinder maintaining and repairing products, especially older or discontinued ones.

C7. In your view, is there any economic sector which is more vulnerable to infringements of intellectual property rights or misuse of trade secrets in the context of public procurement procedures?

Electrical, electronic and computer equipment

Telecommunications and Computer programming, consultancy and related activities

C8. In your view, is there any product which would be more vulnerable to infringements of intellectual property rights in the context of public procurement procedures?

Electrical equipment

Electronic equipment (other than computers)

Computers

Software

C9. Do you consider that infringements of intellectual property rights or the misuse of trade secrets affect more public procurement procedures than comparable private-to-private procurement processes?

Yes (but only as regards misuse of trade secrets)

C10. Can you identify any specific preventive measure or best practice, either mandated by legislation or promoted by specific guidance that could help prevent bidders' supply chains from being infiltrated by intellectual property-infringing products?

The prerequisite to compliance in the software field is the full knowledge of the workings of the product. This can be most easily achieved by the use of Free Software, since the ability to review the source code allows everybody to compare it to other products and, eventually, spot infringements. This cannot happen when the source code is not published, as the competitors are usually not allowed to check the product code for possible copyright infringements, which will then pass unnoticed for a long time. Moreover, Open Source/Free Software licensing provides a clear framework for the user's right, thus allowing a better and deeper control of the supply chain (as any supplier usually gets the same amount of rights as the previous one). Some legislation and guidelines in Europe already include a certain degree of favour toward Free Software in public procurement [1]: we think that this practice should be strongly encouraged. Some other guidance take a softer approach, requiring the successful tenderer to provide the contracting authority with the source code for their products (which remains confidential). This practice will help to a certain degree, since it allows the contracting authority to compare the code they are given with the code available as Free Software and thus eventually spot infringement cases. Since the code is available only to the contracting authority, however, there won't be a chance for third-parties to verify compliance, and there will be lesser benefits for the supply chain. Thus, we consider this a sub-optimal practice, that should be employed only when the Free Software option is not available.

[1] For example in Sweden: https://joinup.ec.europa.eu/community/osor/news/sweden-boost-open-source-through-procurement ; France: https://www.april.org/en/first-time-france-parliament-votes-legislation-gives-priority-free-software ; Italy: http://fsfe.org/news/2014/news-20140116-01.en.html .

D22. Have you ever experienced any of the following preventive measures in relation to the respect of intellectual property rights in the context of public procurement procedures in the past 5 years? (between 1 and 3 choices)

I carried out specific cooperation actions with public authorities with the aim of avoiding the infringement of intellectual property rights in public procurement procedures (please specify)

I carried out specific cooperation actions with other private sector actors with the aim of avoiding the infringement of intellectual property rights in public procurement procedures (please specify)

We contributed to "Fair public IT procurements" [1], an initiative to advance fair public procurements in Finland, to the UK Open Standards Proposal of 2014 [2], and we participated in the workgroup on the drafting of Article 68 of the Italian Code for the digital administration [3]. Moreover we set up a working group to discuss compliance issues in the supply chain that grew to include various worldwide industry players and finally led to better Free Software licence compliance.

[1] https://fsfe.org/news/2012/news-20120619-01.en.html

[2] https://fsfe.org/activities/os/2014-02-uk-consultation-os.en.html

[3] http://piana.eu/it/68cad http://www.ifosslr.org/ifosslr/article/view/38/66

E4. In your view, can infringements of intellectual property rights or misuse of trade secrets in the context of public procurement procedures in the medical sector cause serious damage to the safety of patients?

Yes (please explain)

Two different sides have to be considered. On one side "IPRs" infringement could, depending on national implementation and interpretation of the Directive 2004/48/EC "Enforcement", result in the seizure of products in use in medical facilities, even against the end-user. For example, an hospital using a specific software could be sued for patent violation and consequently be forbidden to use the infringing software. This, in turn, can render the operation of health institutions harder or impossible, ultimately resulting in harm for the patients. On the other side, proper enforcement makes it harder to study and check for defects the procured products.The software included in some newer implants, for example, is accessible wirelessly to allow easier tune up and settings. While this is a great feature, a bug or a backdoor in such a software could be exploited to cause great harm to the patient, so it is of the outmost importance that the code is properly audited and published to reach the highest possible degree of security. In this respect, some breaches of "IPRs" should be allowed and will finally result in benefits for the safety of patients.

E6. Are you aware of any specific guidance or measure voluntarily applied by the private sector on avoiding the infringement of intellectual property rights or the misuse of trade secrets in the medical sector?

Yes

Open Source/Free Software licensing allows different actors on the market and in the professional fields to compete and cooperate at the same time. Correct licensing provides for a clearer understanding of all the rights and freedoms involved, which, in turn, should result in lesser infringements.

E7. Have you ever been part/are you aware of training or some form of specific education initiatives within your organization on efficient preventive actions against commercial scale intellectual property-infringing activities?

Yes

Our Legal Network set up a "special interest group" on compliance and supply chain. The group discussed and developed some best practices on supply chain management with regards to Free Software projects.

F1. How useful do you think that preparing an EU guide for public authorities on how to respect intellectual property rights and trade secrets in public procurement procedures would be?

Very useful

An EU guide would contribute to bring more clarity and legal certainty on the applicable EU rules

An EU guide would help public authorities to comply with the rules

An EU guide would help public authorities to avoid the infiltration of intellectual property-infringing products

An EU guide would incentivise companies to better monitor and control their own supply chains to avoid the infiltration of intellectual property-infringing products

F2. Do you think that the Commission should prepare an EU Guide for public authorities on how to respect intellectual property rights and trade secrets in public procurement procedures?

Yes

It should include specific guidance adapted to different parts of the procurement phase

It should include model contractual clauses

It should include best practice examples

It should take account of existing European or international standards on procurement and/or integrity of supply chains

F3. If an EU Guide for public authorities on how to respect intellectual property rights and trade secrets in public procurement procedures is prepared, would you be interested in providing comments to a preliminary draft?

Yes

The full reply of FSFE to the Consultation is to be published here


Category/Activities

Activities/Free_Software_in_public_procurement (last edited 2017-04-01 12:51:55 by sabet)