The Center for Strategic and International Studies released their sixth update to their CSIS Open Source Policy Study last year, and given their track record we should expect to see a new report later this year. The report now cites 275 Open Source policy initiatives, with 70% now reaching "completed" status. What is become clear to me is the extent to which open source development, deployment, and maintenance practices are becoming the templates for government best practices for managing information technology and transformation.
The CSIS study categorizes policies as R&D, Advisory, Preference, and Mandatory, and most policies (more than 90%) fit into the first three categories, although Mandatory policies have quadrupled from 2005 through 2008 (from 1.3% to 5.5%). The very first policy they cite is from Argentina, and it reads like a page from the OSI's website: the National Information Technology Office & National Information Office, which coordinate IT policy and implementation, announced that they [will] promote Linux in all applications in public administration. The rationale for this decision is lower costs, creating local employment, and security.. [emphasis mine]
But unlike many policies that are drafted by powerful lobbyists, I can assure you that this policy, written in June 2004, was never lobbied by anybody at the OSI. The government came to this conclusion the old-fashioned way-through observation and real-world experience. The growth of open source policies among local, state, national, and transnational bodies like the European Union, and the fact that the OSI has virtually no lobbying capacity whatsoever, should be considered a major victory of public interest over private interference.
As we all wait to see what happens tomorrow (with the expected activation of the Conflicker worm by parties unknown and for purposes unknown), we might do well to consider: would Conflicker even be news if more governments were further down the road in terms of implementing policies that are already now on the books?
In the mean time, I recommend reading the CSIS report, reading the references about your various government's policies (I live under four such governments: the Town of Chapel Hill, the County of Orange, the State of North Carolina, and the US Federal Government) and sending your suggestions to your local officials and/or corrections to CSIS. I can tell you that from my own experience, any well-researched document with lots of web-based links is going to contain more than a few dead links as time goes by. The link I referenced about the Argentine OSS policy was well enough described that I could find it via a manual search, but the URL provided in the CSIS study has become dead. I'm sure there are many more that need to be currated for the next report. Your help and diligence will ensure a better report in 2009, both in terms of reference quality, factual completeness, and hopefully, in showing yet more growth of open source as the centerpiece of sound government and governance policies.