I am the Director of Open Source at Indeed, and a Visiting Technologist Fellow at the National Security Institute. As the Director of Open Source at Indeed, I have led our efforts to inventory, analyze, and understand our open source dependencies – from single-file JavaScript libraries to fundamental pieces of our digital infrastructure. My team’s work has defined Indeed’s strategic approach to direct-investment in the people, projects, and foundations at the heart of open source. This work includes the FOSS Contributor Fund blueprint (https://github.com/indeedeng/FOSS-Contributor-Fund) that we shared with the community, our industry-leading work to directly sponsor individual contributors through the GitHub Sponsors program (https://github.com/orgs/indeedeng/sponsoring), our broad engagement across the open source foundation ecosystem, and our participation in various working groups. Prior to my time at Indeed, I led operations for the Open Source Program Office at PayPal, and have worked as a developer at Adobe, Autodesk, and others.
How will you contribute to the board
I hope to serve the board in two specific ways:
1 – My experience in the funding space will help me serve the board by assisting the OSI in fundraising activities.
2 – My experience working in the space of open source sustainability will help me serve the board by informing the OSI’s advocacy work.
Why you should be elected
I am a senior technologist with more than 20 years experience working in some of the industry’s biggest tech companies. For the last ten years, my work has focused entirely on helping my employers show up as mindful, intentional partners with the people, projects, and foundations that make open source work. While I have experience developing these partnerships from within my employers, I also wish to better understand how to develop strong partnerships from within the foundations that we all serve and support. By serving the board of the OSI, I will learn how to be a better partner.
2 thoughts on “Duane O’Brien”-
-
Questions for the candidates received from Luis Villa:
Your time: You have 24 hours in the day and could do many different things. Why do you want to give some of those hours to OSI? What do you expect your focus to be during those hours?
Licensing process: The organization has proposed improvements to the license-review process. What do you think of them?
Broader knowledge: What should OSI do about the tens of millions of people who regularly collaborate to build software online (often calling that activity, colloquially, open source) but don’t know what OSI is or what it does?
Regulation: New industry regulation in both the EU and US suggests government will be more involved in open source in the future. What role do you think OSI should play in these discussions? How would you, as a board member, impact that?
Solo maintainers: The median number of developers on open source projects is one, and regulation and industry standards are increasing their burden. How (if at all) should OSI address that? Is there tension between that and industry needs?
OSI initiative on AI: What did you think of the recent OSI initiative on AI? If you liked it, what topics would you suggest for similar treatment in the future? If you didn’t like it, what would you improve, or do instead?
Responsible licensing: There are now multiple initiatives around “responsible” or “ethical” licensing, particularly (but not limited to) around machine learning. What should OSI’s relationship to these movements and organizations be?
Your time: You have 24 hours in the day and could do many different things. Why do you want to give some of those hours to OSI? What do you expect your focus to be during those hours?
I firmly believe in humanity’s collective ability to come together and collaborate to solve shared problems. We’re not always good at it, but I really do believe in us. When we come together and collaborate to solve shared problems using software, we need a common language for how we decide to share our software solutions (licenses), and we need a common culture that defines how we engage with each other (advocacy). I want to give some of my time to the OSI, because when we grow our ability to collaborate effectively, we grow our ability to solve problems collectively.
When serving the OSI, I expect to focus my hours on supporting fundraising activities, and driving broad advocacy work within the industry.
Licensing process: The organization has proposed improvements to the license-review process. What do you think of them?
Broadly speaking, I’m in favor of any update that results in a clearer understanding of the process for people who want to submit prospective licenses, and that also seeks to reduce the overall burden of discussing and coming to an agreement on licenses. I didn’t monitor the working group’s multi-year discussion, and I’m not a regular reader of the lists where licenses are debated – my interest in serving the OSI falls mainly on the Advocacy side. That said – the improvements look good in principle, and I’d be interested to hear more about how the process changes would be evaluated for success. How do we know that these improvements worked, and how will we adjust them as we learn more about them in practice?
Broader knowledge: What should OSI do about the tens of millions of people who regularly collaborate to build software online (often calling that activity, colloquially, open source) but don’t know what OSI is or what it does?
I think it’s probably fine for tens of millions of people to collaborate effectively to build software using OSI-approved licenses without understanding the ins-and-outs of what the OSI is and what it does. That’s a pretty great sign of success! I’d be more interested in addressing the much smaller subset of these folks who know what the OSI is and what it does, but who don’t recognize the importance of the OSI. However, with the limited resources available to the OSI, I don’t have a specific recommendation for how I’d address the issue today.
Regulation: New industry regulation in both the EU and US suggests government will be more involved in open source in the future. What role do you think OSI should play in these discussions? How would you, as a board member, impact that?
Naming US and EU policy directors was a great start, but I’d be interested to know about OSI’s policy engagements beyond the US Federal Government and the European Union. Government institutions are some of the largest employers in the world, and bringing them into the open source community will help us craft better policy and legislation. The OSI should be prepared to send an experienced representative to participate in policy and implementation discussions when government entities are involved.
As a board member, I would use what I learned as a Technologist Fellow at the National Security Institute to help shape the board’s approach to engaging with government entities. While my experience is specific to the US Federal Government, I hope to grow my own ability to advise on global policy issues.
Solo maintainers: The median number of developers on open source projects is one, and regulation and industry standards are increasing their burden. How (if at all) should OSI address that? Is there tension between that and industry needs?
As an industry, I think we’re having the wrong conversation about solo-maintainer open source projects.
Historically, we’ve talked about solo-maintainer open source projects using terms like Bus Factor, to describe the risk inherent in having only one person holding the knowledge (and the keys) to a critical software dependency. More recently, we’ve started talking about solo-maintainer open source projects through the lens of sustainability and maintainer burnout, describing the risk inherent in having only one person trying to keep up with the demands of an ever-growing user base. But when we talk about mitigating any of these risks, we talk about adding a second maintainer to the project the same way we might talk about adding a second support beam to a sagging roof, or adding a second bus to a crowded transit line, or load-balancing a server by adding more identical servers.
We need to think less about cloning maintainers, and think more about finding effective partners for solo-maintainers. When you talk to a solo-maintainer and ask them what they need, they seldom respond with “A cloning machine” – you’re more likely to hear “a project manager” or “a product manager” or “someone with X skill set that isn’t my core competency.”
I think the OSI can most effectively address the ‘solo-maintainer’ problem by producing and promoting a guide for navigating this thought process. Helping solo-maintainers ask the community for the right kind of help is the first step toward mobilizing effective help for the projects in question.
OSI initiative on AI: What did you think of the recent OSI initiative on AI? If you liked it, what topics would you suggest for similar treatment in the future? If you didn’t like it, what would you improve, or do instead?
The Deep Dive on AI was certainly timely, and I think both the board and ED Stefano Maffulli deserve kudos for the investment. We’re clearly at an important moment for AI tools. I’ll be surprised if the existing legislative landscape around copyright and AI-generated works doesn’t evolve in the next few years. That evolution will have implications for tools like Copilot and others that many of us are only starting to understand. I’m still wrapping my head around my own thoughts, and I have some learning to do in this area.
Responsible licensing: There are now multiple initiatives around “responsible” or “ethical” licensing, particularly (but not limited to) around machine learning. What should OSI’s relationship to these movements and organizations be?
“Is this open?” and “Is this ethical?” are two very different questions, with two very different sets of implications. The OSI has centered itself on Openness as a core value. When other organizations are formed that center themselves on a different core value, then I think it makes sense to look and see if there are opportunities to collaborate to solve shared problems. But we should be clear about the OSI’s mandate, and only grow that mandate intentionally and with purpose.