To: Senator C_______

``Open source'' is a broad term for a software licensing practice which encourages the free distribution of ``source code'' for computer programs. This source code (the implementation of the program in a human-readable language) allows users of such software to examine, modify, and redistribute the software and derivative works, although the specific licensing of open-source software varies widely. Access to the source code provides assurance to users of the software that it will remain available even if the original authors lose interest or go out of business. Open-source advocates also claim that this approach fosters more reliable software by encouraging a collaborative development model.

Although open source has roots in the academic community, it has found wide acceptance in the technology industry through such products as Linux and Apache. IBM spends more than one billion dollars annually on open-source, and has contributed substantially to Linux, an open-source operating system ranked #2 behind Microsoft Windows in business market share. Oracle has made its industry-leading database software available on Linux as well. Apple Computer has released portions of its operating system as open-source. Apache, an open-source web server, holds a better than 50% market share among web sites according to the Netcraft survey.

The Consumer Broadband and Digital Television Promotion Act (S. 2048) proposes regulation fundamentally opposed to both the spirit and practice of open-source software. Due to the Act's broad applicability to ``any hardware or software that reproduces copyrighted works in digital form'', many existing and future open-source operating systems, applications, and utilities would be regulated as ``digital media devices''. This restriction includes not just media players but potentially such diverse software as backup utilities, web servers, text editors, and games. The act requires that the security system standards it mandates be ``based on open source code,'' if practicable. This requirement would have little effect in overcoming the obstacles facing open-source developers in complying with the law, such as licensing incompatibility, patent issues, and complexity of implementation.

Many, if not all, of the technologies proposed for ``digital rights management'' (DRM) are patented. This poses a substantial obstacle to their incorporation in open-source software, since it will be difficult for open-source projects to arrive at licensing agreements with the patent holders. Traditional arrangements such as cross-licensing patent portfolios or per-unit royalties are not available to open source developers. Further, the effectiveness of some DRM technologies is directly related to their secrecy; for example, a ``digital watermark'' which prevents copying can easily be obscured if the watermark technology is well understood. Open source by its very nature cannot keep such secrets and thus cannot license such technologies, no matter what the cost.

The complexity and strict requirements of effective DRM techologies is also a barrier to open source development. Groups producing software movie players and editing tools will have both the motivation and ability to incorporate DRM if the licensing issues can be resolved. But software less directly related to audio and video would also be required to conform to these technologies, as Computer Professionals for Social Responsibility and the Association for Computing Machinery's Public Policy Comittee have pointed out. Existing open-source software, although excepted from the requirements of CBDPTA, would not remain immune if future versions were released. Instead of small changes to fix new bugs or add new features, a complete overhaul to add the new technology would be required. This large effort could mean that security problems and bugs could go unfixed for long periods of time, with negative consequences to consumer privacy and business productivity.

Even open source software incorporating content protection mechanisms would be negatively affected. Users who would ordinarily contribute changes to the source code could not do so if the changes were to the DRM technologies themselves--- even if the modification was an improvement which increased the security or reliability of the system. Open source projects would proceed more slowly and less openly to avoid subjecting their authors to liability should a released version of the software contain flaws in its implementation of the security technologies. Meanwhile, non-U.S. programmers will still be free to develop tools and ``patches'' to this software which will disable content protection technology.

The federal government and the state of Colorado have a substantial interest in the continued availability of open-source software. Much of the success of the Internet has been made possible through the use of open-source software as its infrastructure, such as the Apache web server and the BIND name server (a sort of ``telephone directory'' for the Internet). Internet innovators such as Amazon and Yahoo have made use of open-source operating systems and server software for their businesses. Open-source software has often proved more reliable and trustworthy than its closed-source counterparts, a fact dramatized by the immense damage to productivity done by so-called ``Internet worms'' which in reality have attacked only Microsoft software.

Further, the continued existence and growth of open-source software provides a balance to monopoly that does not require government intervention. Open source provides consumers and businesses with tools that are not tied to a particular company's fate nor subject to a particular company's direction. Companies such as IBM and Sun have realized the potential for open source to allow them to concentrate on their core businesses and to promote new technologies. Colorado technology companies such as Lockheed Martin, Peak to Peak Internet, Evoke, and Freshwater Software use or support Linux due to its low cost and flexibility.

Open source provides an incalculable benefit to educators and researchers, who can examine and experiment with real-world systems. Open source eliminates the need for licensing agreements to access proprietary software's source code, and is unencumbered by contract terms restricting benchmarking or reverse engineering. A student cannot be expected to make every program conform to a government-mandated security system--- yet these student projects are often what form the basis of innovation for future technologies and products.