Hacker News new | past | comments | ask | show | jobs | submit login
New analysis reveals significant ROI in open source technologies (worldbank.org)
329 points by johnmark on June 15, 2017 | hide | past | web | favorite | 37 comments

Three blogs deep, there's a link to the actual paper.[1] It's a study of one project, a geospatial database:

"Starting in 2009, the Global Facility for Disaster Reduction and Recovery (GFDRR) and its partners developed GeoNode: web-based, open source software that enables organizations to easily create catalogs of geospatial data, and that allows users to access, share, and visualize that data. Today, GeoNode is a public good relied on by hundreds of organizations around the world ... GFDRR’s direct and in-kind investment in GeoNode over the past six and a half years has been in the range of $1.0–$1.5 million USD. Partners have also made significant investments in GeoNode; a conservative estimate of these partner investments comes to approximately $2 million USD over the same time period. GFDRR’s investment in GeoNode would be a reasonable amount even viewed strictly as a software development cost: the GeoNode software today represents an approximately 200% return on investment in terms of code written, since thh current GeoNode project would most likely have cost $2.0 – 3.0 million USD if GFDRR had produced it alone as proprietary software, without building an open source community around the codebase."

This is an unusual situation; many people need geospatial databases, and contributing their local data is useful to them. The value here is in the data, not the code. This is more like Open Street Map than a software package.

[1] https://opendri.org/wp-content/uploads/2017/03/OpenDRI-and-G...

> This is an unusual situation; many people need geospatial databases, and contributing their local data is useful to them. The value here is in the data, not the code.

I disagree. Every organisation with geospatial data needs these types of applications and tools like GeoNode are viable alternatives for organisations that are invested in FOSS GIS or that can't afford ESRI.

I've worked in GIS at national, state, and local level government and have fought the same battles to bring open source GIS tools into the enterprise at every level - IT leadership are almost always enamoured with COTS products (i.e. ESRI) and resist the FOSS approach of having to assemble something equivalent to ArcServer/ArcPortal etc. Having solutions like GeoNode allow FOSS to actually compete with ESRI when the decision is being made by IT leadership who know nothing about GIS and are impressed by "solutions".

Thanks for the research. Whenever I see ROI numbers my BS detector goes off.

Summary: open source allows costs to be shared between parties. GFDRR got $2-3 million of software, but only had to cough up half of that because it was open source and there were other contributors.

On the other hand, what's the average ROI on investing in proprietary software development? It's rarely a question of spending the resources on software development, it's do we spend the resources in an open, or closed way? Nice to see a positive ROI, though - there's definitely a fear that it's just "giving stuff away" and clearly it's not that simple.

I'm all about open-source, but I wish people wouldn't focus on how companies should do it because it's good for them financially (although granted that's probably more effective with the intended audience than what I would say). I wish a bigger deal was made about how it's just a douche bag move to sell software and proactively prevent users from having freedom to understand, fix or modify it for their needs - that applies to more than just the source availability and license.

>it's just a douche bag move to sell software and proactively prevent users from having freedom to understand, fix or modify it for their needs

I work in an industry that has a particularly nasty case of vendor lock-in. There are only a few vendors and they all do things the same way: no API and no innovation.

They are causing things to stagnate for the whole industry. I don't get why they don't realize that even just having an API (not even open source!) would lock someone in way tighter than any crappy gimmick feature.

I see open source as a regulator - a reference point that signals to closed vendors that they had better keep innovating or people will jump ship. When it's not there, it makes the vendors slow down since they know they can play it safe with the barriers for migration.

Do you mind saying what industry you're referencing?

Right now I can't :(. I can't risk the potential retaliation from my current vendor.

> I'm all about open-source, but I wish people wouldn't focus on how companies should do it because it's good for them financially

1) Why on Earth would a company spend a considerable amount of resources on doing something that isn't good for them financially? That's their thing, and in the whole scheme of things seems like good separation of concerns. Companies make profits. Other things do other things.

2) Figuring out how to measure the productivity of an open source project from a single perspective is a positive thing. We know that the externalities of the large profile, well-funded, open source projects feed back into their participating parties positively, from those funding them to those participating out of pure interest. Some of the big companies can even account for this in some way, but we also know that it's hard to fully account for the benefit.

One explanation for why a company might fund open source, given to me by someone working for Microsoft to the end of funding open source projects, is that open source generates the highest degree of reusable code. My guess is that allowing disparate interests to define a thing will net you a more nuanced definition than otherwise. Time preference will always be a thing though. Often you need to be fast more than you need to be correct.

Yeah I phrased that poorly. I think open-source is good for companies financially because it makes a more valuable product for end-users. And I wish THAT was the focus. What is typically the focus (although admittedly, is not really the focus in this article) in presentations trying to get companies to do open-source is, "look - people will do a bunch of free work for you". I think that's both unlikely and beside the point. I didn't mean to say that the fact that there IS a financial ROI should be irrelevant or a negative.

For instance: I gladly pay more for a book directly from O'Reilly because they don't have DRM on their ebooks. It's not that they're getting any direct freebies or savings from not doing DRM, it's that I look at the freer-as-in-libre product and think it's just a more valuable thing for me to buy. Same with software.

Many more enterprisey, open-source averse companies still seem to have a woeful lack of understanding of what open source actually is.

Just yesterday I heard someone saying a down side of open source is that you're relying on people's (contributor's) free time for any feature to get done. He somehow overlooked the fact that the largest and most popular open source projects tend to have full time paid contributors (often at Microsoft or Google), or in other cases have an active community with a far better delivery record than just about any enterprise software team.

That makes much more sense.

One thing I've noticed is I am actually less interested in writing software that should be open source, but isn't. The kind of stuff where we'd never sell it, no one would ever buy it, yet my current employer paid me to write it, and the next employer will pay me to write it again. Solving a problem the first time is almost always interesting. Grinding through it again is less interesting, especially if it's hard to remember how I did it the first time. I always enjoy coding, but I try not to build the same thing twice, at least not in the same language.

ROI for whom?!? Who is investing money here? Who is reaping the rewards of investment? Yeah, no shit getting people to work for free has a high ROI. What the heck?

What open source projects do you know where there's a significant portion of the work being done for free and a corporation reaping significant rewards? I mean if you look at the Linux and Hadoop ecosystems, the most successful companies dump significant money into contributing to all sorts of projects. And most of the significant contributors I know are professional. You do see more involved bug reports from users and more student projects, but it's a minority of the work, and I'd argue they're reaping some good benefits from the community themselves. Mozilla is a community I've known several work-for-free contributors in, but Mozilla's not exactly raking in cash and flying their executives to exotic destinations in private jets all the time as far as I know.

My point above is precisely that I see open-source pitched to companies as "look you can get the community working for you" but I think that's (a) missing the point of free software, and (b) probably not happening much. Dumping stuff on Github might get some pull requests generated, but you don't get a functioning community without investing heavily in it yourself. Companies that don't really invest in open source generally have ghost-town communities and aren't well equipped to harness the power of those pull requests to begin with - it goes both ways.

A huge number of open source contributors do so on company time (with the blessing of their employer). It certainly isn't "for free".

n00b here. Can someone explain to me how this works. I imagine a good developer is fairly expensive, so letting them do something unrelated to there job must be pretty expensive. How does this make business sense?

Quite often the company's product is the open source project. It's just that instead of selling licenses, they're selling support contracts. You could get the software free, but for a fee you get to call the engineer that built it in the middle of the night for help keeping it running. And as a bonus, you get to leverage their ability to drive the roadmap when you have feature requests.

So really the debate here is not "do you hire an engineer full time or not?" it's "do you allow the output of that engineer to be open source or not?"

There's also a perk for the engineer: they work on stuff they can publicly point to as their portfolio full-time. Want to see me code? I don't necessarily have to have a bunch of side-projects on Github. Go check out the JIRA for these huge features I worked on!

1.) The task usually needs to be done, but is not business advantage. E.g. you wont sell more because of it. The developer asks the company whether the thing can be released and company does not care so it says ok.

2.) The developer has high status in the company and thus can do what he wish (up to the point). The company ends up tolerating it.

In addition to the other answers you've gotten, it's often the case that: (a) Developing what you need as a modest extension to existing OSS is cheaper than doing it all by yourself; and (b) Contributing those changes back to the community means that you've shed the burden of having to keep your local patch's changes in sync with the OSS version going forward.

("Hey, we wanted to use MAAS to maintain our cluster, but it doesn't support our particular power controller, so let's send the patch upstream...")

It's generally a technology somewhat related to your job.

For example, web hosts like GoDaddy do a fair amount of contribution to WordPress because they host a lot of WordPress sites and their customers will keep renewing their web hosting if WordPress is excellent and secure.

I wonder what the percentage of Linux kernel devs who are paid for doing it versus the ones that do it on the side. I bet the paid percentage is higher.

A good example of the ROI of Open Source is the OpenEMR project. That free system replaces multi-hundred thousand dollar hospital systems from companies like Cerner. I used to work at Oracle, and when I found out about OpenEMR I remember thinking "this makes the price difference between Oracle Enterprise Edition and MySQL Community look trivial".

A lot of times I hear the implementation cost is where all the money is so it doesn't matter what the software costs. That is sort of true, but large companies are not incentivized to make it any easier to implement, less they put their System Integrators out of business and/or push them to other vendors. The Open Source community does not have this incentive obviously.

EDIT: https://en.m.wikipedia.org/wiki/OpenEMR

Actually I think the Open Source community does have that incentive, assuming the developers are making a living as system integrators.

Good case study on one successful open source project. Shouldn't be used to draw any broader conclusions about impact of open source on any company's biz model. Some portions of typical software stacks are amenable to open source biz models (such as general purpose server OS), while many others are not.

Note that the study does not actually measure ROI from a revenue perspective, but estimates based on theoretical saved costs: The company invested $1M in open source infrastructure and potentially saved $2M in direct development costs (given that the code base is current worth $3M). [1]

Most interesting takeaway for me is the implications of open source for government funded projects, and a ratification of the idea that contributions of code for some public tool can save the general public tax money. A forward thinking org could try to broker some sort of tax cut based on SLOC contributed to public, government-sponsored projects? Maybe that already exists.

Would suggest studying Red Hat's rise to $2B in yearly revenue to understand how a company takes open source and turns it into revenue.

[1] GFDRR’s direct and in-kind investment in GeoNode over the past six and a half years has been in the range of $1.0–$1.5 million USD...GFDRR’s investment in GeoNode would be a reasonable amount even viewed strictly as a software development cost: the GeoNode software today represents an approximately 200% return on investment in terms of code written, since the current GeoNode project would most likely have cost $2.0–3.0 million USD if GFDRR had produced it alone as proprietary software, without building an open source community around the codebase.

I'm currently working on trying to replicate the success Wordpress has seen in monetizing open-source, It's my belief that the key to creating a viable open-source product revolves around creating a platform people can host themselves and make it open to plugin development. I don't see much value in the smaller projects most people work on because those rely on licensing for revenue.

Red Hat powers a bunch of USG supercomputer systems, I suspect their revenue without that would be difficult to sustain.

I haven't had time to read the report in detail, but it appears that the 200% ROI figure is simply derived from the ratio of externally written software to internally written software. So, by writing an open source tool instead of keeping it closed, they got contributions of code that exceeded their own investment. However, this is not actually the main point of the paper, and neither is it the whole picture. For example they discuss sponsoring in-person events and I don't think that kind of cost is accounted for in their ROI figure. Indeed, the paper goes to some effort to explain that the benefit they received goes far beyond the outside contributions of code. I know nothing of the project, but from their description it seems that it was very well run. I'm not sure that we can reasonably assume that they wouldn't get similar results from a well run consortium, for example.

Anyway, it looks like an interesting report and I look forward to reading it in more detail, but I think the headline in the blog-pointer is unwarranted.

Expenses like conferences (both organizing and sending attendees) are accounted for on the "investment" side of the ledger in this report, FWIW.

(Full disclosure: I'm one of the authors.)

This specific article is being criticized for not getting the sources right, and multiple intermediate sources are given, which is best, in your opinion, read the actual paper? Or the first secondary source?

Most people receive infinite return because they invest nothing.

A more meaningful measure is how quickly you can resolve a problem with open-source for X amount of investment, versus other options. With that, if a package doesn't do what you want then investing nothing appropriately yields NO return; whereas, investing certain amounts of time (asking questions, filing bugs, etc.) may yield more return, and fixing it yourself may yield the most.

Mods, can we change the title to that of the source report? "OpenDRI & GeoNode: A Case Study for Institutional Investments in Open Source."

The current title, "World Bank-Sponsored Report Shows 200% ROI on Open Source Participation," the contents of this link, and even the World Bank's own blog's title, strongly suggest that this was a World Bank-commissioned study across multiple open-source projects/communities. Note the plural in OP: "to quantify the benefit of contributing to and participating in open source communities." And the World Bank's blog title: "Leveraging Open Source as a Public Institution — New analysis reveals significant returns on investment in open source technologies."

But that's not the case at all. As noted in other comments, this is a single community, a single project. Granted, it's a successful one. But we shouldn't get our hopes up about "oh s*, this is an article I can forward to the C-suite to get us to invest in open source!" What we have here is technically accurate clickbait that relies on the brand of the World Bank's analysis. And, in being disappointingly vague, it tarnishes that brand.

Link references link:


Which references link:


Which references PDF:




Maybe dang can change both the title and the link. The World Bank blog is quite good as is the original paper. The linked article is complete garbage with a sensationalized title.

Thanks, all! We've updated the link from https://osenetwork.com/2017/06/13/bombshell-report-200-roi-o... to the summary blog post.

Flag this article and post the more accurate and closer to primary source.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact