"Starting in 2009, the Global Facility for Disaster Reduction and Recovery (GFDRR) and its partners developed GeoNode: web-based, open source software that enables organizations to easily create catalogs of geospatial data, and that allows users to access, share, and visualize that data. Today, GeoNode is a public good relied on by hundreds of organizations around the world ...
GFDRR’s direct and in-kind investment in GeoNode over the past six and a half years has been in the range of $1.0–$1.5 million USD. Partners have also made significant investments in GeoNode; a conservative estimate of these partner investments comes to approximately $2 million USD over the same time period.
GFDRR’s investment in GeoNode would be a reasonable amount even viewed strictly as a software development cost: the GeoNode software today represents an approximately 200% return on investment in terms of code written, since thh current GeoNode project would most likely have cost $2.0 – 3.0 million USD if GFDRR had produced it alone as proprietary software, without building an open source community around the codebase."
This is an unusual situation; many people need geospatial databases, and contributing their local data is useful to them. The value here is in the data, not the code. This is more like Open Street Map than a software package.
I disagree. Every organisation with geospatial data needs these types of applications and tools like GeoNode are viable alternatives for organisations that are invested in FOSS GIS or that can't afford ESRI.
I've worked in GIS at national, state, and local level government and have fought the same battles to bring open source GIS tools into the enterprise at every level - IT leadership are almost always enamoured with COTS products (i.e. ESRI) and resist the FOSS approach of having to assemble something equivalent to ArcServer/ArcPortal etc. Having solutions like GeoNode allow FOSS to actually compete with ESRI when the decision is being made by IT leadership who know nothing about GIS and are impressed by "solutions".
I'm all about open-source, but I wish people wouldn't focus on how companies should do it because it's good for them financially (although granted that's probably more effective with the intended audience than what I would say). I wish a bigger deal was made about how it's just a douche bag move to sell software and proactively prevent users from having freedom to understand, fix or modify it for their needs - that applies to more than just the source availability and license.
I work in an industry that has a particularly nasty case of vendor lock-in. There are only a few vendors and they all do things the same way: no API and no innovation.
They are causing things to stagnate for the whole industry. I don't get why they don't realize that even just having an API (not even open source!) would lock someone in way tighter than any crappy gimmick feature.
I see open source as a regulator - a reference point that signals to closed vendors that they had better keep innovating or people will jump ship. When it's not there, it makes the vendors slow down since they know they can play it safe with the barriers for migration.
1) Why on Earth would a company spend a considerable amount of resources on doing something that isn't good for them financially? That's their thing, and in the whole scheme of things seems like good separation of concerns. Companies make profits. Other things do other things.
2) Figuring out how to measure the productivity of an open source project from a single perspective is a positive thing. We know that the externalities of the large profile, well-funded, open source projects feed back into their participating parties positively, from those funding them to those participating out of pure interest. Some of the big companies can even account for this in some way, but we also know that it's hard to fully account for the benefit.
One explanation for why a company might fund open source, given to me by someone working for Microsoft to the end of funding open source projects, is that open source generates the highest degree of reusable code. My guess is that allowing disparate interests to define a thing will net you a more nuanced definition than otherwise. Time preference will always be a thing though. Often you need to be fast more than you need to be correct.
For instance: I gladly pay more for a book directly from O'Reilly because they don't have DRM on their ebooks. It's not that they're getting any direct freebies or savings from not doing DRM, it's that I look at the freer-as-in-libre product and think it's just a more valuable thing for me to buy. Same with software.
Just yesterday I heard someone saying a down side of open source is that you're relying on people's (contributor's) free time for any feature to get done. He somehow overlooked the fact that the largest and most popular open source projects tend to have full time paid contributors (often at Microsoft or Google), or in other cases have an active community with a far better delivery record than just about any enterprise software team.
My point above is precisely that I see open-source pitched to companies as "look you can get the community working for you" but I think that's (a) missing the point of free software, and (b) probably not happening much. Dumping stuff on Github might get some pull requests generated, but you don't get a functioning community without investing heavily in it yourself. Companies that don't really invest in open source generally have ghost-town communities and aren't well equipped to harness the power of those pull requests to begin with - it goes both ways.
So really the debate here is not "do you hire an engineer full time or not?" it's "do you allow the output of that engineer to be open source or not?"
There's also a perk for the engineer: they work on stuff they can publicly point to as their portfolio full-time. Want to see me code? I don't necessarily have to have a bunch of side-projects on Github. Go check out the JIRA for these huge features I worked on!
2.) The developer has high status in the company and thus can do what he wish (up to the point). The company ends up tolerating it.
("Hey, we wanted to use MAAS to maintain our cluster, but it doesn't support our particular power controller, so let's send the patch upstream...")
For example, web hosts like GoDaddy do a fair amount of contribution to WordPress because they host a lot of WordPress sites and their customers will keep renewing their web hosting if WordPress is excellent and secure.
A lot of times I hear the implementation cost is where all the money is so it doesn't matter what the software costs. That is sort of true, but large companies are not incentivized to make it any easier to implement, less they put their System Integrators out of business and/or push them to other vendors. The Open Source community does not have this incentive obviously.
Note that the study does not actually measure ROI from a revenue perspective, but estimates based on theoretical saved costs: The company invested $1M in open source infrastructure and potentially saved $2M in direct development costs (given that the code base is current worth $3M). 
Most interesting takeaway for me is the implications of open source for government funded projects, and a ratification of the idea that contributions of code for some public tool can save the general public tax money. A forward thinking org could try to broker some sort of tax cut based on SLOC contributed to public, government-sponsored projects? Maybe that already exists.
Would suggest studying Red Hat's rise to $2B in yearly revenue to understand how a company takes open source and turns it into revenue.
 GFDRR’s direct and in-kind investment in GeoNode over the past six and a half years has been in the range of $1.0–$1.5 million USD...GFDRR’s investment in GeoNode would be a reasonable amount even viewed strictly as a software development cost: the GeoNode software today represents an approximately 200% return on investment in terms of code written, since the current GeoNode project would most likely have cost $2.0–3.0 million USD if GFDRR had produced it alone as proprietary software, without building an open source community around the codebase.
Anyway, it looks like an interesting report and I look forward to reading it in more detail, but I think the headline in the blog-pointer is unwarranted.
(Full disclosure: I'm one of the authors.)
A more meaningful measure is how quickly you can resolve a problem with open-source for X amount of investment, versus other options. With that, if a package doesn't do what you want then investing nothing appropriately yields NO return; whereas, investing certain amounts of time (asking questions, filing bugs, etc.) may yield more return, and fixing it yourself may yield the most.
The current title, "World Bank-Sponsored Report Shows 200% ROI on Open Source Participation," the contents of this link, and even the World Bank's own blog's title, strongly suggest that this was a World Bank-commissioned study across multiple open-source projects/communities. Note the plural in OP: "to quantify the benefit of contributing to and participating in open source communities." And the World Bank's blog title: "Leveraging Open Source as a Public Institution — New analysis reveals significant returns on investment in open source technologies."
But that's not the case at all. As noted in other comments, this is a single community, a single project. Granted, it's a successful one. But we shouldn't get our hopes up about "oh s*, this is an article I can forward to the C-suite to get us to invest in open source!" What we have here is technically accurate clickbait that relies on the brand of the World Bank's analysis. And, in being disappointingly vague, it tarnishes that brand.
Which references link:
Which references PDF:
OPEN DATA FOR RESILIENCE INITIATIVE & GEONODE
A CASE STUDY ON INSTITUTIONAL INVESTMENTS IN OPEN SOURCE