The European Parliament's Committee on Civil Liberties, Justice and Home Affairs (LIBE), wants to make open source a condition for new IT systems, aiming to improve the security of the Parliament's IT. The committee suggests to "use more open source systems and fewer off-the-shelf commercial systems".
In its draft report, presented on 9 January, the committee is asking for an IT security audit. This should include a feasibility study on the use of the free software solution GNU Privacy Guard (GNUPG), allowing members of parliament to encrypt and to electronically sign their emails. The audit should be completed by September this year.
The proposals are part of a draft resolution, concluding LIBE's six-months investigation into the electronic mass surveillance of EU citizens.
Cryptography
LIBE wants the audit to consider "the use of more cryptographic technologies, in particular end-to-end authenticated encryption for all IT and communications services such as cloud computing, email, instant messaging and telephony." It is asking for the implementation of "a secure Instant Messaging service within the European Parliament allowing secure communication, with the server only seeing encrypted content."
The European Parliament should continue to act as EU citizens' rights watchdog, LIBE writes. It is also asking the European Council and European Commission for a European Digital Habeas Corpus. The committee suggests to organise a conference in 2015, bringing together "high-level European experts in the various fields conducive to IT security, including mathematics, cryptography and privacy-enhancing technologies, to help foster an EU IT strategy."
Not alone
The LIBE committee's push for an increase of open source comes three weeks after the announcement by the EP's Green/EFA Group of the testing of laptop computers running Debian GNU/Linux, intended to allow users to encrypt their email. Rebecca Harms, the group's co-president, yesterday welcomed LIBE demands. "We're happy to see we are not alone in promoting free software and open standards in the European Parliament."
On 18 December GNUPG launched a successful crowd-funding request. In 26 hours, the developers managed to gather their target of 24,000 euro, earmarked for developing interfaces for mobile devices, offer new web services, improve the documentation and revamp the project's website. The first round of this crowd-funding is still open. GNUPG so far managed to secure 34,520 euro from in total 1023 donors.
GNUPG is already used by several public administrations, including the German Ministry of the Interior and Germany's Federal Office for Information Security (BSI).
More information:
European Parliaments Libe (Civil Liberties, Justice and Home Affairs) Committee
Draft report on the US NSA surveillance programme, surveillance bodies in various Member States and their impact on EU citizens’ fundamental rights and on transatlantic cooperation in Justice and Home Affairs
Computerworld post by Glyn Moody
Joinup news item
Joinup news item