NSF Award
2317168
Corporations, governments, and society as a whole have developed an extraordinary reliance on open-source libraries and frameworks, which comprise a sort of “open-source digital infrastructure.” As such, the utility and security of a great many important applications depends on maintaining this infrastructure to a high standard. However, open-source licenses typically completely eschew any form of accountability, providing no warranties of any kind. Moreover, maintainers of open-source projects are typically free to walk away at any time, rather than expected to comply with external demands. This research will investigate to what extent maintainers of open-source software are accountable to different types of users, as well as when and how this accountability emerges and varies in response to evolving user needs or regulatory moves. The results of this research will highlight the scenarios under which the current open-source governance mechanisms contribute to or fail to address the external accountability that is sought for durable infrastructure, as well as any trade-offs involved. Ultimately, this research will help inform how a range of effective interventions can be designed to move open-source projects and ecosystems in the direction of greater accountability, resulting in more sustainable open-source infrastructure. <br/><br/>This project will shed light on accountability in open-source ecosystems through an orchestrated set of mixed-methods empirical studies across two research thrusts. First, qualitative interviews and a survey will reveal how maintainers and users think about accountability, the extent to which it becomes embedded in project and ecosystem culture, and the alignment of expectations of the two sides, across a dozen ecosystems and a spectrum of arrangements that involve commercial firms, government institutions, and research labs with open-source communities. Second, additional interviews will reveal how successful open-source communities mount effective collective responses to specific episodes that starkly challenge accountability (e.g., the introduction of regulation), and statistical and econometric models will estimate how the effects of such shocks on project outcomes vary across governance models and other project context factors. This project is expected to yield a framework, with different contingencies and trade-offs grounded in empirical data, that explains the emergence (or lack thereof) of a system of accountability in open-source communities. More generally, this work will bring together perspectives of accountability from the software engineering, information systems, and management research communities that are interested in open-source ecosystems, stimulating new research in these disciplines grounded in current challenges in open-source practice.<br/><br/>This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
