Open source helps reduce technology dependency
Data centres in the territory are not enough to maintain control over one's data
It is called lock-in, and it is, according to insiders, the real knot to unravel: situations in which changing platform or supplier becomes technically or economically prohibitive, turning dependence into a permanent constraint. "It is not enough to set up data centres in one's own country to protect data, if then the application and management logics of these data come from abroad," says Pietro Pacini, director general of Csi Piemonte, a consortium of public bodies that manages an infrastructure of some 15,000 servers and an open source cloud used by over 500 public administrations.
It is precisely the Pa, with its enormous amount of sensitive data, that is the first to be affected by the risks of technological dependence. Just think of a hospital in Lombardy with data and servers physically stored there: if the software platform used is Microsoft then the algorithms, logic and systems that decide how to process that data remain under US control. 'To be truly independent,' Pacini explains, 'you have to separate the infrastructure level from the platform level, keep data and machines under your own control, and use Ai Llm's models only for processing, without transferring sensitive data or information bases externally, so as to avoid lock-in situations.
A situation that is common to many realities, and that has given the CIS the cue to draw up a Decalogue: ten concrete actions that public realities - but also universities, companies and research centres - can take to manage their technological dependency. "It is not an ideological manifesto, but good practices that the administration should implement. Ten years ago, we chose to believe in the possibilities that open source could be a viable alternative. Today, more than 80 per cent of applications and software are open source. This does not mean that open source is always good, but when it can be used, it should be used'.
The use, whenever possible, of open standards and open source software are among the good practices indicated in the decalogue, as they guarantee transparency, interoperability and the possibility of replacing suppliers (thus avoiding lock-in). "But training is also essential. The world is changing at an incredible speed, today we implement products that only last year we would not have imagined. Cybersecurity, infrastructure and data management... these are functions that should not be delegated entirely to external suppliers, precisely in order to continue to have direct control over what you govern'.
