Almost 400 organizations have signed an open letter asking Congress to protect the funding of open source projects following some recent US political turmoil.
Notable signatories include organizations like the Wikimedia Foundation, the Electronic Frontier Foundation, the Tor Project, Red Hat, Gnome, Digital Ocean, TunnelBear, the Open Source Initiative, AccessNow, Human Rights Watch, and the Organized Crime and Corruption Reporting Project (OCCRP).
More than 2,300 individuals from the open source and human rights communities have also signed the letter in their names.
The letter relates to preserving the work of the Open Technology Fund (OTF), a US non-profit that has been acting as an intermediary between the US government and open source projects.
Since 2012, the OTF has received US government funding from the US Agency for Global Media (USAGM) and has provided grants to open source projects that build tools to preserve democracy and free speech around the globe.
Through the years, the OTF has funded tools to bypass China’s firewall, bypass censorship in Iran and Syria, funded the Tor Project’s bug bounty program, and numerous encrypted email and instant messaging projects to support secure communications for residents in oppressive countries.
The Wednesday Night Massacre
However, last week, the Trump administration replaced the USAGM head and fired several high-ranking officials from non-profits sponsored by the USAGM in what sources have described as the “Wednesday night massacre.”
According to CNN, the heads of Middle East Broadcasting, Radio Free Asia, Radio Free Europe/Radio Liberty, and the Open Technology Fund were all ousted.
According to a Motherboard report, the new USAGM leadership plans to redirect funding meant for the OTF’s open source projects to a series of new closed sourced privacy tools; leaving many well-established tools without funding for the foreseeable future.
“Despite OTF’s important work, there are serious concerns that the new leadership within the USAGM will seek to dismantle OTF and re-allocate all of its US government funding to support a narrow set of anti-censorship tools without a transparent and open review process,” the open letter reads.
“Moreover, these technologies are closed-source, limiting the number of people around the world who are able to access them and making the tools less secure, thus jeopardizing the safety of users and the global public’s trust in US-supported internet freedom technologies.”
Giorgio Maone, the creator of the NoScript browser extension, and one of the organizations that signed the open letter, has told ZDNet in an interview today that the OTF has played a key role in the development of countless of projects, including his own.
“OTF has funded specific development efforts, and namely the complete [NoScript] rewrite needed for the WebExtensions architecture and the porting to Chrome/Chromium,” Maone told ZDNet.
“It is currently funding the development of a cross-browser library to support NoScript and similar privacy/security browser extensions to partially overcome Chrome’s Manifest V3 limitations.”
Keeping the OTF alive to continue its mission to support open source projects is a must. The nearly 400 signatory organizations and 2,300+ individuals are now asking Congress to:
- Require USAGM to honor existing FY2019 and FY2020 spending plans to support the Open Technology Fund;
- Require all US-Government internet freedom funds to be awarded via an open, fair, competitive, and evidence-based decision process;
- Require all internet freedom technologies supported with US-Government funds to remain fully open-source in perpetuity;
- Require regular security audits for all internet freedom technologies supported with US-Government funds; and
- Pass the Open Technology Fund Authorization Act.
Speaking with ZDNet on the promise of anonymity, fearing repercussions from the USAMG, two individuals involved in projects sponsored by the OTF in the past said they fear the Trump administration may be trying to replace proven open source privacy technologies with closed source alternatives in which encryption backdoors can be hidden much more easily.