I’ve described SSL, Netscape’s protocol for exchanging encrypted data; it permits secure exchange between a browser and a server. The French were not happy with the security that SSL gave. They wanted to be able to crack SSL transactions. So they requested that Netscape modify SSL to enable their spying.

There are plenty of constraints on Netscape’s ability to modify SSL—not the least of which being that Netscape has given SSL over to the public, in the form of a public standard. But assume for a second that it had not. Assume Netscape really did control the standards for SSL and in theory could modify the code to enable French spying. Would that mean that Netscape could comply with the French demand?

No. Technically, it could comply by modifying the code of Netscape Communicator and then posting a new module that enabled hacking by a government. But just because it posts such a module does not mean it will be adopted. Since Netscape’s code is open code, users take only what they want. Although Netscape could offer a feature that the French government wants, there is no reason to believe that users would want this same feature. Another supplier would undoubtedly provide an SSL module without the alteration demanded by the French government. [THE SUBSTANCE OF WHAT'S WRITTEN HERE IS FINE AND THE EXAMPLE IS STILL APT. THE CONCERN IS THAT THE LANGUAGE SEEMS A LITTLE DATED.]

The point is simple, but its implication profound. To the extent that code is open code, the power of government is constrained. Government can demand, government can threaten, but when the target of its regulation is plastic, it cannot rely on its target remaining as it wants.

Say you are a Soviet propagandist, and you want to get people to read lots of information about Papa Stalin. So you declare that every book published in the Soviet Union must have a chapter devoted to Stalin. How likely is it that such books will actually affect what people read?

Books are open source: they hide nothing; they reveal their source—they are their source! A user or adopter of a book always has the choice to read only the chapters she wants. If it is a book on electronics, then the reader can certainly choose not to read the chapter on Stalin. There is very little the state can do to modify the reader’s power in this respect.

The same idea liberates open source code. The government’s rules are rules only to the extent that they impose restrictions that adopters would want. The government may coordinate standards (like “drive on the right”), but it certainly cannot impose standards that constrain users in ways they do not want to be constrained. This architecture, then, is an important check on the government’s regulatory power. Open code means open control—there is control, but the user is aware of it.

Closed code functions differently. With closed code, users cannot easily modify the control that the code comes packaged with. Hackers and very sophisticated programmers may be able to do so, but most users would not know which parts were required and which parts were not. Or more precisely, users would not be able to see the parts required and the parts not required because the source code does not come bundled with closed code. Closed code is the propagandist’s best strategy—not a separate chapter that the user can ignore, but a persistent and unrecognized influence that tilts the story in the direction the propagandist wants.

[THE TEXT HERE DEPLOYS "USER" TO DESCRIBE BOTH END-USERS, WHO CHOOSE NOT TO READ INSERTED CHAPTERS ON PAPA STALIN, AND DEVELOPER-USERS, WHO MODIFY OPEN SOURCE CODE TO CREATE COMPETITIVE VERSIONS OF AN APPLICATION. THE FUZZINESS OF THE USAGE IS CONFUSING. OF COURSE, MOST END-USERS WOULD NOT BE ABLE TO CIRCUMVENT GOVERNMENT REGULATION OF OPEN CODE BY EXAMINING THE CODE TO DETERMINE "WHICH PARTS WERE REQUIRED AND WHICH PARTS WERE NOT." THUS, THE POWER OF OPEN CODE TO LIMIT GOVERNMENT REGULATION DEPENDS ON A COMMUNITY OF DEVELOPER-USERS WHO CAN AND WILL SCRUTINIZE CODE, MAKE COMPETITIVE VERSIONS, AND DISTRIBUTE THESE VERSIONS TO THE PUBLIC AT LARGE. AN ANALYSIS OF THE INCENTIVES OF THIS COMMUNITY AND THE DEGREE TO WHICH THEY CAN AVOID BEING "REGULATED" BY THE GOVERNMENT WOULD BE VERY HELPFUL. -- Scott Reents]

Footnotes