standards in the digital single market: setting priorities...
TRANSCRIPT
1
Case Id: b91f47c9-97a0-4ae4-8228-28832da8b206Date: 28/12/2015 16:56:42
Standards in the Digital Single Market: setting prioritiesand ensuring delivery
Fields marked with * are mandatory.
General information on respondents
*Do you wish your contribution to be published?Please indicate clearly if you do not wish your contribution to be published.
YESNO
Submissions that are sent anonymously will neither be published nor taken into account.
The Commission may contact you in case a clarification regarding your submission is needed. Ifyou do not wish to be contacted, please state this clearly in your reply.
I wish to be contacted:YESNO
* I'm responding as:
An individual in my personal capacityThe representative of an organisation/company/institution
*What is your name?
Polina
*What is your surname?
Malaja
*
*
*
*
2
*Please enter your email address:
Please enter your telephone number:
*Please enter the name of your institution/organisation/business:
Free Software Foundation Europe e.V
* Is your organisation registered in the Transparency Register of the European Commission andthe European Parliament?
YesNo
*Please indicate your organisation's registration number in the Transparency Register.
33882407107-76
*Please enter the address of your organisation:
Schönhauser Allee 6/7
10119 Berlin
Germany
*My institution/organisation/business operates in:
EU
*What is the primary place of establishment of the entity you represent?
Germany
*Please indicate your main field of business activity and the field of activity related to theconsultation's topic (if not identical to the overall business activity).
Free Software
*
*
*
*
*
*
*
*
3
*Please select the description that applies to your organisation.
Other Stakeholders Association (e.g. Users, Consumers...)
Is your organisation active in ICT standardisation?YesNo
Questions
II.1 Questions on general framework and problem statement
It is of particular interest to understand if the standards currently under development effectivelymatch interoperability and successfully creating a Digital Single Market. In addition, it isespecially interesting to identify those actions in standards development that could act as asolution for wider industry and public needs, not limited to the specific technologies that havebeen standardized.
Please indicate whether you agree to the following statements and explain your answerbriefly.
Q1.1 - Do you share the Commission's analysis in Part 2 of?this document
YESPARTLYNONO OPINION
*
4
*Please explain:
Free Software Foundation Europe (FSFE) agrees with the Commission that
standards priorities should be set up in order to bring the EU to
digital single market in accordance with the Commission's Digital Single
Market Strategy adopted on 6 May 2015 (COM(2015)195), and that
standardisation has to reflect European interests. However, it should be
acknowledged that digital market is a global market. Hence, Europe needs
to be the part of the global picture, as ICT standards by its nature are
international. In addition, it should be noted that Europe is not a
principal ICT standard-setting region, despite the fact that "European
experts are actively participating in international standard
organisations" (such as ITU, ISO, IEC). Therefore, Europe needs an
approach that is both effective in implementation and global, in order
to ensure its competitiveness on the digital market. The best way to
achieve both aims is to ensure that Europe implements standards that are
open, minimalistic and implementable with Free Software, as these
standards have proved to be sustainable. At the same time, European
"push" in standardisation should not result in more standards with
overcomplicated specifications. Hence, European standardisation has to
be aimed at implementing existing global standards that in the end will
benefit the majority of stakeholders, and encourage competition on both
European and global level.
Q1.2 - ICT is assuming a greater role in sectors of the economy which were not previouslysignificant users of ICT. How do you see for the economy, in particularthe role of ICT standardsbeyond the ICT sector?
Very ImportantImportantModest importanceNot importantNo opinion
*
5
*Your comment, indicating a specific sector:
The purpose of standardisation is to deliberately limit changes to
technological basis. These limits are introduced in order to allow
subsequent innovation by everyone that has access to the standard and
not just the party that controls the technological basis. As a
consequence, standards limit the ability to innovate by a single party
in order to allow innovation on the basis of that standard by multiple
parties. However, standardisation can only fulfil its purpose when
standards are actually implemented and wide-spread across industries. In
order to ensure the widest adoption and implementation of standards,
especially beyond the ICT sector, it is important for standards to be
understandable and easily implementable. This will contribute to the
cross-sector digitisation of industries that in result will lead to more
innovation, and a wider variety of services in the market. Open
Standards allow such innovation by all parties with no leverage for the
initial developer of the platform to limit such innovation or the
competition it represents.
Interoperability and portability of data will also contribute to the
improvement of digital skills amongst population. Digital Single Market
cannot exist without digital literacy. Interoperable standards
implementable with Free Software, that are easily adoptable, will
contribute to that goal because they will facilitate the proliferation
of technology, by granting everyone freedoms to use that technology,
study how it works, share it with others without any restrictions, and
improve it according to their needs.
Q1.3 - Do you agree that setting priorities for ICT standards at EU level, accompanied by cleartime-tables, could help standard-setting organisations in better organising their work andsupport the Digital Single Market?
YESPARTLYNONO OPINION
*
6
*Please explain why:
In order to pursue the goals set in the Digital Single Market Strategy,
Europe does not need to reinvent the wheel, and instead of trying to
standardise from the scratch by developing new standards, Europe should
focus on implementing existing global standards that are open,
minimalistic and implementable with Free Software.
Open Standards [^1] that are implementable with Free Software will
empower European industries to compete on the global market. Open
Standards have already proven themselves: besides the obvious example of
the Internet, it is worth mentioning that several of the biggest and
most successful IT players, who have built their software model on
either Free Software or proprietary equivalent, are based on Open
Standards.
It is important to implement Open Standards that are minimalistic[^2]
because this will enable the majority of European IT actors, that are
small- and medium-sized enterprises (SMEs), to adapt them, and most
importantly, to understand them. Overcomplicated and lengthy standards
will take extra time and resources to be efficiently implemented and
understandable for European SMEs, the majority of which do not have such
capacity to fully follow the complex specification of a standard. It is
noteworthy that SMEs are largely misrepresented in standardisation
process in formal standard setting organisations (SSOs) that are
dominated by large scale actors. Simply trying to implement standards
originally developed for dominant actors will create extra burdens to
the digitisation of European industries and prevent new actors from
entering the market because companies are burdened by costly
specifications or the need to invest in new infrastructure.
Therefore, in order to digitalise industries cost efficiently, while at
the same time ensuring the competitiveness and independence of European
companies in accordance to the goals set in the Digital Single Market
Strategy, the implemented standards have to be both open, minimalistic
and implementable with Free Software.
[^1]: https://fsfe.org/activities/os/
[^2]: Bernhard Reiter, "The minimal principle: because being an open
standard is not enough",
https://fsfe.org/activities/os/minimalisticstandards.en.html
Q1.4. - What other steps should be considered to ensure that any such prioritisation wouldenjoy broad support of key stakeholders?
In order to achieve the widest adoption of standards, it is crucial to
ensure that no unnecessary obstacles to their effective implementation
are in place. One of such unnecessary obstacles are standard-essential
*
7
patents (SEPs) that have been called "an important element of the
business model in terms of monetising investment in research and
innovation" in the Commission's Digital Single Market Strategy. While it
may be an option for some industries (i.e. telecommunications), it is
not the case for such areas such as software, internet and web
standards. It is important to acknowledge that one uniform
cross-sectoral approach towards patents in standardisation is not the
answer and can cause more harm if applied without taking into account
differences and inherent dynamics between sectors.
It is worthwhile to mention that several standard setting and developing
organisations in the field of software, internet and web standards (e.g.
W3C, IETF, UK BSI, OASIS) base their standards policies on royalty- and
restriction-free standards that do not include any proprietary rights.
This policy has no doubt contributed to the fact why internet has become
such an important and widely spread environment that has lead to the
spur of innovative products and services on the market. It is also
important to understand that technical standards in the field of
software are developed retrospectively, and as such do not contain any
innovative breakthroughs per se, by simply following the technology.
Consequently, the whole purpose of standardisation is to facilitate the
adoption of technology, instead of encumbering it.
Furthermore, ICT market is increasingly being dominated by web-services
and web-enabled devices, which permit web applications to replace the
functionality of client-side stand-alone software. Hence it is critical
to respond to the existing practice of standardisation in web and
software field in an adequate manner, that is follow the standardisation
examples of these industries that have shaped them and allowed them to
thrive.
Some of the problems caused by SEPs include a high possibility of vendor
lock-in and anti-competitive behaviour, as SEPs can confer significant
market power on their holders. Licensing under 'fair, reasonable and
non-discriminatory' (FRAND) terms, but including a royalty-payment
requirement, is often presented as a way to balance the interests of the
market with those of patent owners. However royalty- and
restriction-based FRAND serve only the interests of a handful of the
biggest companies - most often based outside of Europe - providing no
benefits to the local European actors, the majority of which are SMEs.
Furthermore, royalty-based FRAND licensing has been shown to be
detrimental and incompatible with Free Software.[^1] This is a major
obstacle for achieving the widest competition of goods and services on
the digital market, as Free Software actors should be able to compete on
the same conditions as their proprietary counterparts.
[^1]:
https://fsfe.org/activities/os/why-frand-is-bad-for-free-software.en.htm
l
8
Q1.5 - What would be the most effective instrument at EU level to ensure that any suchprioritisation is taken up by relevant standard-setting organisations? (please select and rank upto 3 instruments)
1 2 3
A Commission Communication
A Commission Recommendation
Standardization requests issued to EU standard-setting organisations andincluded in the Annual Union Work Programme for Europeanstandardisation
Regulation
Priorities stated in the Rolling Plan for ICT Standardisation
No opinion
None of them
Your comment:
Europe should learn from the best practices and ensure that the Member
States and companies understand the benefits of standardisation. While
it is feasible to set guidelines, it is necessary to let market shape
its needs. At the same time, EU is in position to raze barriers before
competition with its policies. Hence, the most effective way for the EU
to boost competition, but at the same time refraining from too much
governmental interference, is to adopt open and minimalistic standards
-- implementable with Free Software -- through procurement, research and
education. These measures might be followed by soft law instruments such
as a Commission recommendation, or the priorities stated in the Rolling
Plan for ICT Standardisation. However, the development of these
political guidances should be lead by example and should take into
consideration the differences between ICT and other standardised
sectors.
Q1.6 - What would be the impact of a priority ICT standards plan defined at the level of the EUon Europe's effort ?to pursue leadership in global standard-setting
POSITIVENEUTRALNEGATIVENO OPINION
9
*Please explain:
Leadership should not entail the development of new standards but
instead can be achieved by prioritising existing standards that are
open, minimalistic and implementable with Free Software. Even if such
standards need to be developed in the respective new fields, these
standards should pursue abovementioned characteristics as this will
ensure their wide-spread adoption.
In order for Europe to become globally competitive, Europe should be the
part of global standards and not lock itself regionally. The obvious
example of such "no border" standardised platform is internet itself
which is based on non-propretary, non-regulatory, transparent and open
standards. This point is crucial: the way internet functions today has
lead to the creation of services, products and business models
unimaginable in analogue world. Furthermore, the strong endorsement of
aforementioned standards reflects the fact that software, the internet
and the web are widely distributed and constantly evolving.
Q1.7 - What would be the impact of a priority ICT standards plan defined at the level of the EUon the ability of European companies ?to capture new global market opportunities
POSITIVENEUTRALNEGATIVENO OPINION
*
10
*Please explain:
Positive outcome for European companies to capture new global market
opportunities can be only achieved if the market is open for companies
of different size. It is important to bear in mind that the majority of
European stakeholders are SMEs. Hence it is vitally important to ensure
that the market opportunities are open for SMEs who can easily adapt to
the new opportunities. Standardisation can both hamper and encourage
such participation, hence European approach needs to be careful in this
regard. Developing more standards will not necessarily bring any relief
to the goal of interoperability per se, instead, standards need to be
adaptable and implemented as easily as possible. This will ensure their
adoption on the market, at the same time securing the support for the
widest variety of companies that in return will provide the widest
competition.
According to the EU competition rules (e.g. Article 101 of the TFEU,
also see C-8/08, T-Mobile Netherlands BV and Others, [2009] ECJ)
European policies should be aimed at protecting competition as such,
so-called 'fifth freedom' in the EU. SMEs and consumers are the voices
that are the least present in the standardisation processes, hence to
benefit these groups is to contribute to the competition.
*
11
Q1.8 - Besides establishing a priority ICT standards plan, what other measures could theCommission (or other EU institutions) take to ensure that standardisation plays its role inachieving a Digital Single Market?
There is a need for governmental and EU-level policies promoting Free
Software through public procurement in order to realise the efficiencies
of Free Software to the Digital Single Market. Due to its nature, the
danger of anti-competitive behaviour and the vendor lock-in is
eliminated in promoting Free Software as the innovative technology is
available to everyone to use and improve, leading to the existence of
various service providers based on the same technology. This is exactly
the goal that the standardisation is aimed to achieve.
In particular, there is a need for a clear requirement of publicly
financed software to be published under Free Software licences, that
will allow Free Software to act as a reference implementation. Instead
of developing lenghty specifications to the standard and expecting
stakeholders to find their ways to implement it, it is more efficient to
publish the source code and let everyone to copy and reshape the
technology according to their specific needs. This is particularly
important because for most software standards the formal specification
is insufficient, and the actual standard is defined both through the
written specification and actual implementations. For the implementer
the reference implementation is more valuable because it allows her to
avoid the extended phase of trial-and-error in order to resolve
specification ambiguities. Consequently for software solutions the need
for a reference implementation to implement the standard can be
fulfilled by publishing it under a Free Software licence. Reference
implementation published under Free Software licence may act as a the
formal specification without the institutional standard setting process
and can be reproduced by any potential vendor of the technology.
Therefore, allowing technology to be implemented directly will abstain
from duplicating standards in order for technology to be applied. Hence,
reference implementation under a Free Software licence will avoid
unnecessary duplications, while at the same encourage competition.
Q1.9 - How should standard-setting organisations best respond to the increasing speed oftechnological development and the integration of technologies in business processes across allindustrial sectors?
12
A - Regarding the adaptation of existing standards tonew developments:
Software and web services are the sectors to develop at the fact pace.
Traditional standardisation processes, especially in the formal SSOs,
cannot keep up with the more and more diversifying ICT sectors with the
approach that used to work for other industries, such as
telecommunications. This is especially evident with SEPs and their FRAND
licensing terms that instead of promoting innovation, are restricting
innovative potential to enter standardisation. It is a well-established
fact[^1] that royalty-based FRAND licensing is discriminatory towards
Free Software, which is undeniable competitor to the proprietary
software on the market. Therefore, FRAND cannot be encouraged or
perceived as the primary licensing solution in standardisation. As
technology is developing faster, there is no need to introduce
additional barriers through standardisation.
Another barrier that impedes with innovation are large and complex
standards' specifications. This barrier can be lift by applying
minimalistic standards, that are modular. Minimalistic modular standards
will allow to change a part of a system, i.e. if necessary to switch to
a new standard and apply innovative technology there, while keeping the
other part under the old standard. Hence, minimalistic standards will
allow a more flexible and gradual approach to new developments in the
areas with already existing standards.
It is crucial to understand that technical standards may solely help
facilitate technology, but do not contain any innovation per se. Due to
this factor a very careful policy approach is needed in order to not
achieve the opposite effect detrimental to innovation.
Since royalty free open standards implementable with Free Software are
proved to be sustainable, interoperable, easily implementable and
pro-competitive, SSOs are in need to better respond to the new
developments and inlcude the aforementioned standards into their
policies. One-size-fits all approach, especially in regard to FRAND
licensing, is harmful to the new developments and does not take into
consideration all the existing standardisation practices amongst such
ICT fields as software, internet and web.
[^1]: Iain Mitchell, Stephen Mason, "Compatibility Of The Licensing Of
Embedded Patents With Open Source Licensing Terms", IFOSLR Vol. 3, No. 1
(2011)
13
B - Regarding the introduction of new standards for new:technologies/products
When it comes to the new technologies that have not been standardised
before, it is critical to ensure the widest interoperability and avoid
vendor lock-in from the beginning, in order to mitigate the risk of
developing monopolies and oligopolies on the market. Where innovations
are at an early stage of market development, the standardisation process
should be evaluated by whether these standards are implementable and
usable. As stated above, royalty- and restriction free, open and
minimalistic standards that are implementable with Free Software are the
most adequate answer to the standardisation in software, internet and
web services.
In addition, many SSOs are in need to improve their collaboration with
Free Software communities, in order to adequately respond to the
existing realities of the market. In particular, some formal SSOs (e.g.
see Resolution GSC-13/22, by the Global Standards Collaboration) have
publicly condemned the policies mandating royalty-free licensing of
standards. This approach is short-sighted and harmful to innovation.
Q1.10 - How do you see the involvement of European ICT Standardization experts ininternational standardisation organisations (ITU, ISO, IEC) and global standard settingorganizations (i.e. IEEE, IETF, OASIS, W3C, ECMA international)?
A - The :SCOPE (or LEVEL?) of involvementIs appropriateShould be increasedShould be decreasedNo opinion
B - The :QUALITY of involvementIs appropriateShould be improvedNo opinion
II.2 Questions on priority domains for standardisation in the Digital SingleMarket
In this section, the Commission invites survey participants to express opinions and ideas onsetting priorities for ICT standardisation.
14
The Commission has identified 10 domains set out below, as well as a set of sub-domainswithin each domain. Please note that domains and subdomains are interrelated and thatoverlaps are possible and desirable in particular with respect to synergies between differentsectors. Some domains are horizontal and may benefit a large number of sectorialapplications; some other domains are more sectorial and were identified as areas where ICTstandardisation would bring important benefits.
First check whether the list of domains is complete and relevant. If the list is consideredincomplete, please complement it with additional domains that you consider priority.
Q2.1 - Please identify and rank the domains (up to 5) and subsequently subdomains (up to 3per domain) within each domain that you consider a priority. If specific domains or subdomainsare missing please add them.at most 5 answered row(s)
1 2 3 4 5
Domain 1: 5G communications
Domain 2: Cloud computing
Domain 3: Cybersecurity
Domain 4: Data driven services and applications
Domain 5: Digitisation of European Industry
Domain 6: eHealth and aging
Domain 7: Intelligent Transport Systems (ITS)
Domain 8: Internet of Things
Domain 9: Smart Cities
Domain 10: Smart and Efficient Energy Use
Others
15
Domain 2: Cloud computingat most 3 answered row(s)
1 2 3
Application portability
As a service solutions (IaaS, PaaS, SaaS)
Cloud networking infrastructures
Cloud platforms
Moving non-personal data between service providers
Service Level Agreements (SLAs)
Process Computation Integrity
Others
Domain 3: Cybersecurity
at most 3 answered row(s)
1 2 3
Cyber security design requirements
Process standard for incident reporting
Process standard for cyber risk management
Process standard for vulnerability disclosure
Technical standards for encryption
Technical standards for public key infrastructure
Technical standard for security and privacy by design
Others
Please answer to Q2.2 to Q2.6 . In your answer pleasefor each of the domains selectedspecify if applicable the subdomains that you have selected.
16
*Q2.2 - For the and the subdomains which you have selected,Domain 2: Cloud computingplease explain briefly how the criteria indicated in Box I apply to them.
:We copy the criteria for your convenience
Link to DSM objectives and other EU policies
Competitiveness of the European industry
Clear and achievable targets
Evidence of market relevance and stakeholders needs
Domains where standard setting has direct benefits for consumers
As stated above, cloud is becoming an increasing ICT sector on the
market.
This is the sector that is heavily relying on web standards that are
most likely royalty free and open. This practice needs to be promoted
and encouraged, as these standards will ensure the objectives set in the
Digital Single Market Strategy.
* Fair competition of good and services: royalty free, open and
minimalistic standards that are implementable with Free Software will
guarantee the widest competition on the market in the field of software,
as these standards will allow more players to enter the market and base
their goods and services on existing technology. This is due to the fact
that access to technology is available to all potential economic actors
on equal terms without any advantages to the right holders. This is
especially crucial for SMEs which participation in standardisation
processes is often non-present or minimal. Consequently, if priorities
need to be set, they should be in accordance with the competition rules
of the EU enshrined inter alia in the Article 101 of TFEU that is aimed
at securing the fair competition.
* High level of consumer and personal data protection: consumers benefit
from royalty free, open and minimalistic standards that are
implementable with Free Software through the fact that these standards
will allow the wider variety of goods and services to appear on the
market, and will enable the portability of consumers' personal data from
one service provider to another in the most secure and transparent way.
Other standards cannot provide such high level of interoperability,
which in return will ensure consumers' control over their personal data,
which is in line with the Data Protection Regulation and the users'
right to their data portability therein.
Consequently, it is notable that software that is exploiting the
exported data needs to be Free Software in order for consumers to be
able to re-use their data and applications in an efficient way.
*
17
Q2.3 - The Priority ICT standards plan should lead to the production of technical specifications,standards or architectures where there is a need/gap, but could also propose any other type ofstandardisation action such as landscape analysis, gap finding, roadmaps or, ecosystembuilding that could contribute to ensure that standardisation plays its role in achieving a DigitalSingle Market. Please explain if a standardisation need/gap exists in the Domain 2: Cloud
and sub-domains which you have selected.. Please also indicate within whichcomputing time-frame such need could be addressed. Please limit to a maximum of five needs/gaps perdomain or sub-domain:
Q2.4 - Among those below, which action could be a priority in the Domain 2: Cloud computingand the subdomains which you have selected? Please rank the list below and explain yourchoice.
1 2 3 4 5 6 7 8 9
• Mandating EuropeanStandardisation Organisations(ESOs) for fast delivery ofstandards/technicalspecifications.
• Foster cooperation amongstandards developmentorganisations for ICT priorities
• Support Research & Innovationprojects to contribute tostandardisation
• Community Building
• Support creation ofpublic-private partnerships - PPP
• Increase strategic coordinationof ICT standardisation at EUlevel.
• Ensure consistent application ofexisting standards
• Accelerate the identification ofICT technical specifications mostcommonly used for theirreference in public procurement
• Other
• No opinion
18
*Please explain:
In order to ensure consistent application of existing standards, the
increase of strategic coordination of ICT standardisation at the EU
level is needed. This includes industry-sensitive policies that
adequately respond to the market developments, but at the same time
eliminate the possibility of vendor lock-in and anti-competitive
behaviour. This includes stronger promotion of royalty-free, open and
minimalistic standards that are implementable with Free Software by
inter alia issuing the recommendations and updating the EU Rolling Plan
on ICT Standardisation. But most importantly, the wider adoption of
these standards is achievable when the EU bodies and institutions
implement abovementioned standards themselves, including through public
procurement.
Q2.5 - Please indicate any other standardisation initiatives which would help achieving theDigital Single Market in the and the subdomains which you haveDomain 2: Cloud computingselected, and who in the standardisation landscape would be best placed to lead on theseinitiatives:
Q2.6 - Would your organisation be prepared to invest resources in standard-setting to achievethe priority standards within the proposed time-frames?
Please answer this question only if you are responding as the representative of an
organisation/company/institution.
YESYES, provided some conditions are metNONo opinion
*Please explain your choice and specify conditions:
FSFE is not a standard setting organisation, but we are willing to
provide our assistance to the EU policy makers in the questions related
to Free Software and open standards.
*
*
19
*Q2.2 - For the and the subdomains which you have selected,Domain 3: Cybersecurityplease explain briefly how the criteria indicated in Box I apply to them.
:We copy the criteria for your convenience
Link to DSM objectives and other EU policies
Competitiveness of the European industry
Clear and achievable targets
Evidence of market relevance and stakeholders needs
Domains where standard setting has direct benefits for consumers
The main goal of cybersecurity in the context of DSM, and the
competitiveness of the European industry, is in 'trust' consumers need
to have whilst accessing and exercising online activities. This entails
the technical standard for security and privacy by design. In order for
digital economy to thrive and flourish the consumer perspective is no
less valuable than of other stakeholders. In order to effectively build
digital economy, consumers must trust the environment and service
providers, and if needed be granted with effective remedy in case that
trust is misused.
Privacy by design is an important feature to secure consumers trust in
digital environment and the standardisation efforts need to be directed
towards this goal. Hereby, it is necessary to stress that the needed
level of privacy can be achieved with the standards that are
transparent, open and global, as internet itself. However, one of the
most critical points to security is the principle of 'minimalistic'
standards. The complexity of overblown standards with many rarely used
features is the biggest threat to software security acknowledged by
experts. These standards are more likely to introduce or leave
vulnerabilities for attackers to take advantage of. Consequently, the
standards for cybersecurity need to be designed according to their
purpose and in minimalistic way.
Due to its feature of high public interest, standards in cybersecurity
need to accepted as widely and as efficient as possible. Allowing secure
solutions to act as reference implementations will contribute to their
de facto standardisation. Hence, releasing software as Free Software and
its reference implementation under Free Software licences is the most
optimal solution in cybersecurity. It is a well established fact that it
is easier to discover and fix vulnerabilities in Free Software. Free
Software licenses will also allow the reuse of reference implementations
as modules which will help to the adoption of technical standards.
*
20
Q2.3 - The Priority ICT standards plan should lead to the production of technical specifications,standards or architectures where there is a need/gap, but could also propose any other type ofstandardisation action such as landscape analysis, gap finding, roadmaps or, ecosystembuilding that could contribute to ensure that standardisation plays its role in achieving a DigitalSingle Market. Please explain if a standardisation need/gap exists in the Domain 3:
and the subdomains which you have selected. Please also indicate within which Cybersecuritytime-frame such need could be addressed. Please limit to a maximum of five needs/gaps perdomain or sub-domain:
Q2.4 - Among those below, which action could be a priority in the anDomain 3: Cybersecurityd the subdomains which you have selected? Please rank the list below and explain your choice.
1 2 3 4 5 6 7 8 9
• Mandating EuropeanStandardisation Organisations(ESOs) for fast delivery ofstandards/technicalspecifications.
• Foster cooperation amongstandards developmentorganisations for ICT priorities
• Support Research & Innovationprojects to contribute tostandardisation
• Community Building
• Support creation ofpublic-private partnerships - PPP
• Increase strategic coordinationof ICT standardisation at EUlevel.
• Ensure consistent application ofexisting standards
• Accelerate the identification ofICT technical specifications mostcommonly used for theirreference in public procurement
• Other
• No opinion
21
*Please explain:
There is a need for SSOs to address the standardisation of security and
privacy by design. Due to the fact that privacy as such is not a market
driven notion (while data in itself is) and as a product is not
considered 'sucessful', there is a need of a EU level priority in this
area. Standardisation on the EU level in the area of 'privacy by design'
has to be in line with the EU Data Protection Regulation, and such
priority can contribute to the European leadership in this area,
especially to the global consensus on privacy and data protection.
Q2.5 - Please indicate any other standardisation initiatives which would help achieving theDigital Single Market in the and the subdomains which you haveDomain 3: Cybersecurityselected, and who in the standardisation landscape would be best placed to lead on theseinitiatives:
Q2.6 - Would your organisation be prepared to invest resources in standard-setting to achievethe priority standards within the proposed time-frames?
Please answer this question only if you are responding as the representative of an
organisation/company/institution.
YESYES, provided some conditions are metNONo opinion
*Please explain your choice and specify conditions:
FSFE is not a standard setting organisation, but we are willing to
provide our assistance to the EU policy makers in the questions related
to Free Software and open standards.
II.3 Other Comments
Other comments:
*
*
22
In conclusion Europe needs global solutions that are easily
implementable and adoptable by the majority of stakeholders in order to
achieve the widest competition in the digital single market.
Standardisation can without a doubt play a significant role in achieving
these aims. However, these can only be realised if the set priorities
take into consideration the fast pace technology and the needs deriving
from the market itself. At the same time, European policy can be
designed to raze the barriers before competition and innovation.
The standardisation processes and the policies adopted by formal
standard setting organisations have been designed in pre-digital era
mainly for telecommunications sector. Digital, as we know it nowadays,
relies mainly on software, internet and web standards that are royalty-
and restriction-free and that have evolved differently than the
traditional standardisation in the formal standard setting
organisations. Therefore, it is important to maintain that practice and
encourage the cooperation between different standard setting and
developing organisations, irrespective of their "formal" status (e.g.
formal SSOs, fora and consortia, or Free Software community).
Priorities at the EU level need to be set carefully and in accordance
with the EU anti-competition law. The most efficient way to achieve the
adoption of standards by the majority of stakeholders across Member
States is through the EU taking the lead and implementing the desired
standards through public procurement: this entails the promotion of
standards that are open, minimalistic, and implementable with Free
Software, that have proven to be sustainable, interoperable,
pro-competitive and transparent.
Standards that are open, minimalistic, and implementable with Free
Software will allow different sized actors to easily adopt and implement
them that in return will guarantee the widest competition of goods and
services on the market, and the widest proliferation of technology.
Another important feature of ICT standardisation is to allow Free
Software to act as a reference implementation of the standard and to
make sure a reference implementation is published under a Free Software
licence, including all software that has been developed with public
funds to be released as Free Software. As a consequence, this practice
will contribute to digitisation of the European industries and increase
in digital skills amongst population.
Consequently, adopting standards that are open, minimalistic and
implementable with Free Software will contribute to the majority of aims
set in the Digital Single Market strategy, and will allow Europe to be
competitive on the global ICT market. The European "push" in
standardisation needs to be directed at taking most of the existing
standardisation practices in the fields of software, internet and web,
while at the same time refraining from locking itself regionally that
will hamper Europe's innovative potential. In order for European
innovation to boost, Europe needs innovative solutions in the
standardisation.
23
Background Documentsanalysis.pdf (/eusurvey/files/f2d6718c-7e07-4955-9505-c94113bbbe0f)
Contact [email protected]