This page has been translated using TexTra by NICT. Please note that the translation may not be completely accurate.If you find any mistranslations, we appreciate your feedback on the "Request form for improving the automatic translation ".

Expert Panel on Open Source and OSS Utilization (5th)

Overview

For an overview of this study group, please refer to Expert Panel on Open Source and Open Source Software Utilization .

Event Information

Date and Time:
Friday, January 23, 2026, from 15:00 to 17:00
Location:
Online (Microsoft Teams)
Committee members present:
Chairperson SHOJI, IMAMURA, NAKAMURA, Iwahara, SEKI, TOYAMA and SUZUKI

Agenda

  • Opening
  • Message from the Chairman
  • Agenda
    • Summary of the 4th Expert Review Meeting
    • Sharing and discussing open source issues and assumptions
    • Sharing and discussing issues and hypotheses regarding OSS utilization
    • Upcoming Schedule
  • Closing and Communication

Material

Summary of the proceedings

The Secretariat explained the review of the previous Study Group and the issues and hypotheses of the current Study Group, followed by discussion. The main opinions of the committee members were as follows.

What kind of measures should be taken to cooperate with and revitalize the external community as Digital Agency promotes open source?

  • I feel that there is a big difference between Level 1 and Level 2 described in the document. In order to ask open source to contribute, it is necessary to include the phase of "many people use it". I think it is necessary to provide something that meets the needs of the world, create enthusiastic users by being used by many people, and create a phase in which people think open source is very useful and use it.
  • In the case of inner source, the participants are government ministries and agencies, etc., but in the case of open source, the target is the entire nation, and the culture and viewpoint are different. Therefore, open source and inner source should be discussed separately. There is a contradiction in the expression "limited release" in the materials for open source issues. In addition, in the case of serious open source promotion, it is generally considered that up to level 3 is the preparation stage. If they don't use it, they can't get feedback, and membership demonstrations and marketing measures are included in the preparation.
  • The needs need to be clarified and understood before reaching Level 3. Therefore, they need to be re-organized. At Level 0, as a preparatory step, it is necessary to consider the strategy (purpose, background, expected users, etc.) for open sourcing. If there is no prospect of being used, it is meaningless to open source.
  • I think that many of the measures described in the document are necessary, but they should be considered carefully in light of the cost. We should pay for those that are clear that they should be open-sourced for widespread use. However, from the standpoint of the division in charge, when considering whether to release those that are not clear that they should be open-sourced, there is a concern that they will not be open-sourced if they are strictly required to activate the community. Essential items and non-essential items that are desirable, if any, should be discussed separately.
  • As for what is required and what is needed, it seems to depend on the type and category of open source. Development tools such as SDKs, plugins, and converters will be widely used once they are released.
  • The content of the description is not based on the idea that "it is not necessary to disclose what is not used, so it should be prepared from the beginning," but on the idea that "it should be disclosed and promoted at a higher level so that it will be used more and more widely." There is a legal check as one of the levels 0, but it is strange that there is a legal check at the beginning. I have an image that the legal check is carried out after the background, purpose, and usage of open source are verified, so it is strange that there is a legal check only at the beginning. However, there is a flow of discussion so far that the legal check is carried out in advance for what is to be disclosed, and I wonder whether we should consider levels 0 to 3 together.
  • How much time do you spend on the first legal check? It is a problem that the check takes too much time when the sense of speed is important.
  • As for the content of legal checks, there are differences in the way of committing and the depth of the commitment between open source and inner source. Therefore, it is necessary to take measures according to the importance and depth of the commitment. In addition, whether or not it is possible to convert to OSS in the contract with the supplier and whether or not there is consistency are also related to legal checks.

What measures should Digital Agency take in the internal communities of its organization to contribute to the revitalization of external communities related to OSS utilization?

  • As in the case of open-sourcing, it is important for users to use the OSS themselves. It has been observed that most of the OSS communities in Japan are "user associations." As users use the OSS, they will think "I love this tool, so let's contribute to it." Therefore, it is important for users to use the OSS.
  • Since the culture and practices of open source can only be understood by the external community, it is appropriate to use the internal community as a place to share topics, practice presentations, and share know-how of the external community. We should remove the barriers between the internal and external communities and actively participate in the external community.
  • It is important to actively participate in external events and study groups. As examples in other countries, government officials not only attend conferences but also give presentations, and the timing of material preparation and release is coordinated. External presentations should be incorporated into milestones. Education and onboarding as described in the materials are also necessary. How to interact with vendors is important, such as how to make it easy for vendors to use OSS in individual projects by accessing GitHub. It is important to establish a development system that makes delivery seamless and OSS easy to handle.
  • I think that all of the contents arranged in the document are important. It is important to convey well that contributing to the community will eventually bring benefits to ourselves in terms of OSS utilization.
  • Training and exercises are expected to take a considerable amount of time, but since resources are limited, it is necessary to consider who will be responsible for them and how much they will be produced in-house.

How should the division of roles between the OSPO and the person in charge of the PJ (PJMO) be defined in a practical manner in order to smoothly promote open sourcing and OSS utilization in Digital Agency?

  • Assuming that there is a sufficient number of human resources, the ideal role is to have people who can understand and "translate" both languages, that is, people who are interested in OSS and have motivation to go in and out of OSPO.
  • Publishing as open source, using open source, and contributing to existing open source are three aspects that are mixed together, and the division of responsibilities is difficult to understand. Therefore, it may be easier to understand if they are organized from the three perspectives of "support for simply using open source," "support for entering the community and contributing," and "support for forming a community by publishing OSS themselves." It is also important to use OSS in compliance, and it is necessary to organize them.
  • If the organizational distance between the OSPO and the person in charge of the project is too long, they are concerned that they may not be able to pick up all the consultation needs. Since Digital Agency is a unit-based system, it is possible to assign specialized human resources such as lawyers from the Policy and Legal Unit to important projects and assign human resources who will serve as bridges between the OSPO and the project. One idea is to assign human resources in charge of legal affairs from the Policy and Legal Unit to individual projects and accumulate knowledge until the OSPO is established.
  • There is nothing out of place in the content of the document regarding the role of OSPOs, but it is also necessary to create and manage a database of what is currently disclosed.
  • At present, it is necessary to manage open software, but there is an idea of whole software assets as a superordinate concept.
  • As a role related to legal compliance, it is important to have a perspective of checking so that things do not go wrong, and I think that a mechanism to check not only for support but also for monitoring is necessary at OSPO or outside OSPO.
  • If there is a support function and a check function in the same department, there is a concern that the work will become dependent on the individual. Therefore, it is desirable to create a systematic flow by assigning the support function and the check function to different departments.

What kind of skill model should be defined for the development of human resources to bring project operations in-house in Digital Agency?

  • The skills model is not as simple as the one described in the document, and needs to be broken down into some sort of role models. The OSPO should be different from the role models for project managers in that it should have experts in open source compliance, define the skills of those responsible for license clearance, and guide the role models and developers who lead the entire OSPO. The project managers described in the document are divided in terms of how they relate to external open source and are like role models for those who contribute, but project managers should consider various roles such as users (architects, etc.) and managers of the OSS they have published, as well as contributors to external OSS.
  • It is not realistic to require all skill areas for one staff member. It is also difficult to require Level 1 skills for skill areas other than his / her specialized field, and I felt that there is little need. Even for people in positions such as community managers, not all people can write issues by themselves, and there is no need to require all skills from one person. There is a pattern that OSPOs are responsible for things other than technology so that engineers can concentrate on the technical side. It depends on the nature of the OSPO in the organization, but in the government, not all skills are necessary and there may be a gradation.
  • From a cross-sectional perspective, Level 3 is considered to be lower than Level 2 in terms of OSS license / intellectual property support, and the level setting needs to be examined more closely. For Level 4, it is considered sufficient that the person in charge of OSS not only decides the license policy but also has a level at which he / she can talk with the person in charge of intellectual property and rights on an equal basis.
  • As for the level 1 OSS license / IP correspondence, if you simply use OSS, you do not need to write a license, and although there is a description of redistribution, there is a risk of confusion with open source, so it is easier to understand if the expression "when using" or "redistribution" is omitted and it is written as "basic rules such as license description can be properly executed".
  • The way in which OSS-related contract clauses are written, etc. requires specialist knowledge in particular, and the perspective of having a track record and background in OSS is also important when hiring OSPOs.

What kind of education and training should be designed to develop PJ staff (PJMO) and OSPOs who can promote open source and OSS utilization among Digital Agency's internal human resources?

  • However, since the world is moving fast, it is desirable to create a culture of learning from outside with the community as much as possible. Regarding the use of open source, necessary knowledge differs depending on the field, so it would be good to organize effective training for each field.
  • In terms of what OSPOs can provide as educational materials to PJ staff in Digital Agency, I think that OSS training is required rather than OSPOs themselves. I think that practical teaching materials used in new employee training, such as OSS-related compliance and troubleshooting, are suitable rather than training for developing OSPOs' human resources.
  • I think it would be a good idea to create educational materials by referring to the Foundation's materials and incorporating those that suit the Digital Agency.
  • We think that we can improve the level of knowledge by establishing a mechanism to quickly share the latest trends and by holding study meetings regularly among related parties as the issues faced by PJ staff are often similar.
  • In 2018, SOFTIC published a Q & A on the use of OSS, and companies and lawyers are continuously revising it as committee members, and the revised version is scheduled to be released soon. It may be a good idea to use it as one of the e-learning materials for PJ staff. It may be useful for OSPO staff to be involved in the Q & A as a committee member, to discuss it regularly, and to be involved in writing it.

Greater than or