Get the highlights in your inbox every week.
Setting a standard for digital public goods | Opensource.com
Setting a standard for digital public goods
Nine-indicator standard aims to promote open source software, data, AI models, standards, and content for a more equitable world.
In June 2020, the Secretary-General of the United Nations published a "Roadmap for Digital Cooperation." In this report, he expanded on recommendations made a year before, calling on all actors, including the Member States, the United Nations system, the private sector, and others, to promote digital public goods. He says to realize the benefits of increased internet connectivity, open source projects in the form of digital public goods must be at the center.
While the term "digital public good" appears as early as April 2017, this report offers the first broadly accepted definition of digital public goods:
The Digital Public Goods Alliance (DGPA) translated that definition into a nine-indicator open standard that we hope will serve as a comprehensive, shared definition to promote the discovery, development, use of, and investment in digital public goods for a more equitable world.
"Open source software, open data, open AI models, open standards, and open content that adhere to privacy and other applicable international and domestic laws, standards and best practices, and do no harm."
The DPG standard was developed from the original 51-indicator standard used by the DPGA in the preliminary review of Early Grade Reading projects and refined through contributions from many experts. The standard is itself an open source project. The core version lives on GitHub and is open to contributions, revisions, and suggestions from anyone. Proposed revisions are regularly reviewed in alignment with the standard's governance principles, and we invite anyone who uses and benefits from the standard to join our growing list of endorsers.
The Digital Public Goods Alliance envisions engaging a growing community of contributors and stakeholders around the Digital Public Goods Standard. Our ambition is to balance responsiveness to feedback with stability and predictability for the standard so that it can be a reliable framework that supports development, recognition, and advocacy for digital public goods.
Digital Public Goods Standard
Below is the DPG Standard's full list of indicators and requirements in v.1.1.2. These must be met in order for a nominated project (software, data, AI model, standard, and/or piece of content) to be considered a digital public good.
|1. Relevance to Sustainable Development Goals||All projects must indicate the Sustainable Development Goals (SDGs) that they are relevant to and provide supporting links/documentation to support this relevance.|
|2. Use of approved open source license||Projects must demonstrate the use of an approved open source license. For open source software, we only accept OSI approved licenses. For open content, we require the use of a Creative Commons license, while we encourage projects to use a license which allows for both derivatives and commercial reuse (CC-BY and CC-BY-SA), or dedicate content to the public domain (CC0); we also accept licenses which do not allow for commercial reuse (CC BY-NC and CC BY-NC-SA). For data, we require an Open Data Commons approved license. You can find the full license list here.|
|3. Documentation of ownership||Ownership of everything that the project produces must be clearly defined and documented, i.e., through copyright, trademark, or other publicly available information.|
|4. Mandatory dependencies||If the open source project has mandatory dependencies that create more restrictions than the original license, the projects must be able to demonstrate independence from the closed component and/or indicate the existence of functional, open alternatives.|
|5. Documentation||The project must have some documentation of the source code, use cases, and/or functional requirements. For content, this should indicate any relevant compatible apps, software, hardware required to access the content, and instructions about how to use it. For software projects, this should be present as technical documentation that would allow a technical person unfamiliar with the project to launch and run the software. For data projects, this should be present as documentation that describes all the fields in the set and provides context on how the data was collected and how it should be interpreted.|
|6. Mechanism for extracting data||If this project has non personally identifiable information, there must be a mechanism for extracting or importing non personally identifiable information (PII) data from the system in a non-proprietary format.|
|Note that evidence for requirements 7 through 9 can only be given by someone authorized to speak on behalf of the project. We collect title, name, and contact information to confirm this authority.|
|7. Adherence to privacy and applicable laws||The project must state that, to the best of its knowledge, it complies with relevant privacy laws and all applicable international and domestic laws.|
|8. Adherence to standards and best practices||Projects must demonstrate some adherence to standards, best practices, and/or principles, i.e., the principles for digital development.|
|9. Do no harm||All projects must demonstrate that they have taken steps to ensure that the project anticipates, prevents, and does no harm.|
|9a. Data privacy and security||Projects that collect data must identify the types of data collected and stored and demonstrate that the project ensures the privacy and security of this data and has taken steps to prevent adverse impacts resulting from its collection, storage, and distribution.|
|9b. Inappropriate and illegal content||Projects that collect, store, or distribute content must have policies identifying inappropriate and illegal content such as child sexual abuse materials and mechanisms for detecting, moderating, and removing inappropriate/illegal content.|
|9c. Protection from harassment||If the project facilitates interactions with or between users or contributors, there must be a mechanism for users and contributors to protect themselves against grief, abuse, and harassment. The project must have a mechanism to address the safety and security of underage users.|
If you know of a project that you believe meets these standards and should be considered a digital public good, please submit it. We also welcome your feedback on the standard in the comments below.