| At the very least... all software written by the govt should have the following released: 1) what problem it is trying to solve 2) how it was developed (a git log would probably do) 3) how testing is ensured (code quality) 4) security (if my personal data is hosted by the govt, I would feel a lot safer to know how it was secured - and BS like "it's encrypted with 256 bit encryption" does not help as it does not tell us how it's implemented and policies around its implementation). And results of the pen tests (along with what was done to improve it) must be published 5) after certain years, it would have to be open sourced (if stuff like national security is an issue, it could be pushed ahead but at one point, it would be considered legacy and retired - which is abandonware - which has to be published) 6) how much was spent on the product (not just govt employee salaries, but how much it cost to host it, test it, etc.) 7) all of the above should be easily accessible. 8) if open sourced, policies on how the public can help/contribute. It will help guide a lot of policies, bring more accountability and also help push software development. |