Högskolan i Skövde

his.sePublications
Change search
Link to record
Permanent link

Direct link
Publications (10 of 14) Show all publications
Lundell, B., Lindroth, M., Gamalielsson, J., Katz, A., Brax, C., Persson, T., . . . Öberg, J. (2024). Half a step behind – bulk disclosure of confidential data in third-party GenAI solutions under the Swedish Public Access to Information and Secrecy Act. Digital Government: Research and Practice
Open this publication in new window or tab >>Half a step behind – bulk disclosure of confidential data in third-party GenAI solutions under the Swedish Public Access to Information and Secrecy Act
Show others...
2024 (English)In: Digital Government: Research and Practice, ISSN 2691-199XArticle in journal (Refereed) Published
Abstract [sv]

Technological progress poses unique challenges for the public sector. New technology should be adopted, but it must always be done within the framework of good administration. It follows laws governing public administration must be continuously adapted. Sweden recently amended its secrecy legislation to facilitate the use of third-party cloud solutions by public authorities. When the amendment was enacted, most public sector organisations had already been using external cloud solutions for a long time. Today, there is as much pressure on authorities to implement AI technology as there ever was to move administration into the cloud. This paper uses traditional legal methodology to investigate if the Swedish secrecy legislation adequately enables the use of cloud-based GenAI solutions. Findings indicate that the recent amendment is likely insufficient and that there are significant practical hurdles for the application of the law, particularly with services from global cloud providers. The paper contributes to the understanding of Swedish law, and of the difficulties that can occur anywhere when policy makers and legislators do not move in tandem.

Place, publisher, year, edition, pages
ACM Digital Library, 2024
Keywords
Artificial intelligence, Law, social and behavioral sciences, transparency, algorithm, freedom of information, administrative decision making
National Category
Law and Society Law (excluding Law and Society) Public Administration Studies Information Systems
Research subject
Software Systems Research Group (SSRG); Software Systems Research Group (SSRG)
Identifiers
urn:nbn:se:his:diva-23979 (URN)10.1145/3673659 (DOI)
Projects
SUDO
Funder
Knowledge Foundation
Note

CC BY 4.0

This research has been financially supported by the Swedish Knowledge Foundation (KK-stiftelsen) and participating partner organisations in the SUDO project. The authors are grateful for the stimulating collaboration and support from colleagues and partner organisations.

Available from: 2024-06-18 Created: 2024-06-18 Last updated: 2024-12-06
Lundell, B., Gamalielsson, J., Katz, A. & Lindroth, M. (2023). Avoiding lock-in effects through obtaining all necessary licences before use of a SaaS solution in a public sector organisation. European Journal of Law and Technology, 14(1)
Open this publication in new window or tab >>Avoiding lock-in effects through obtaining all necessary licences before use of a SaaS solution in a public sector organisation
2023 (English)In: European Journal of Law and Technology, E-ISSN 2042-115X, Vol. 14, no 1Article in journal (Refereed) Published
Abstract [en]

With increased adoption and use of cloud-based software-as-a-service (SaaS) solutions from international providers many public sector organisations expose themselves to a dependency on specific providers and a range of different lock-in effects. The article reports from a case study which investigated how a large Swedish public sector organisation addressed licensing issues and lock-in effects during adoption and use of a SaaS solution (Microsoft 365). The study identifies problematic licensing issues and presents a legal analysis related to the organisational implementation of the SaaS solution in the specific organisation. Findings show that the organisation has failed to successfully obtain all necessary licences and all necessary rights which would allow for long-term maintenance of all its digital assets independently of the SaaS solution currently in use.

National Category
Computer and Information Sciences Software Engineering
Research subject
Software Systems Research Group (SSRG)
Identifiers
urn:nbn:se:his:diva-23719 (URN)
Note

Authors who publish with EJLT will retain copyright and moral rights in the underlying work but will grant all users the rights to copy, store and print for non-commercial use copies of their work. [further conditions, see:] https://ejlt.org/index.php/ejlt/article/view/861

BILETA Special Issue

Available from: 2024-04-16 Created: 2024-04-16 Last updated: 2024-07-05Bibliographically approved
Lundell, B., Gamalielsson, J. & Katz, A. (2023). Implementing the HEVC standard in software: Challenges and Recommendations for organisations planning development and deployment of software. Journal of Standardisation, 2, Article ID 1.
Open this publication in new window or tab >>Implementing the HEVC standard in software: Challenges and Recommendations for organisations planning development and deployment of software
2023 (English)In: Journal of Standardisation, ISSN 2772-9249, Vol. 2, article id 1Article in journal (Refereed) Published
Abstract [en]

Implementation and use of an IT standard in software involves legal, technical and societal challenges. This paper addresses how an organisation can, and should, determine the conditions for implementation and use of the HEVC standard in software. The investigation considers the availability of the standard’s complete technical specification and the extent to which an organisation can access the information necessary to assess the licence conditions for standard essential patents impinging on the standard. Through an action case study approach the investigation analyses declarations in patent databases relevant to the standard and seeks to obtain patent licences from each declarant permitting implementation of the standard in software, where that software is to be provided under one (or several) of three specific open source software licences, and alternatively to be provided as an online service. Our analysis of legal and licensing conditions for use of the standard shows significant obstacles. We find that it is impossible to obtain licences from patent holders that would allow for implementation and use of the standard in open source software. The paper illuminates significant challenges related to conditions for use of the standard under (F)RAND terms and identifies that references to the standard in public procurement projects lead to anti-competitive effects.

Place, publisher, year, edition, pages
Delft: TU Delft OPEN, 2023
Keywords
HEVC, ITU-T H.265, ISO/IEC 23008-2, Open source software, Standard essential patents, Licence conditions, (F)RAND
National Category
Software Engineering Computer and Information Sciences
Research subject
INF304 Open Source; Software Systems Research Group (SSRG)
Identifiers
urn:nbn:se:his:diva-22154 (URN)10.18757/jos.2022.6695 (DOI)
Note

CC BY 4.0

Published: 3-2-2023

Corresponding author: bjorn.lundell@his.se

This research has been financially supported by the Swedish Knowledge Foundation (KK-stiftelsen) and participating partner organisations in the SUDO project. 

Available from: 2022-12-20 Created: 2022-12-20 Last updated: 2023-09-06Bibliographically approved
Lundell, B., Gamalielsson, J., Katz, A. & Lindroth, M. (2022). Data processing and maintenance in different jurisdictions when using a SaaS solution in a public sector organisation. eJournal of eDemocracy & Open Government, 14(2), 214-234
Open this publication in new window or tab >>Data processing and maintenance in different jurisdictions when using a SaaS solution in a public sector organisation
2022 (English)In: eJournal of eDemocracy & Open Government, E-ISSN 2075-9517, Vol. 14, no 2, p. 214-234Article in journal (Refereed) Published
Abstract [en]

Many public sector organisations (PSO) use SaaS solutions from dominant global providers. Implementation of these solutions may raise issues concerning both lawful data processing, and the obligations that those PSOs have to maintain their digital assets. One example is a large Swedish PSO which addressed these issues as part of the adoption and implementation of Microsoft 365. The study identifies challenges and presents an analysis of the organisational implementation of that SaaS solution, exposing legal issues that arose in that context. Findings show an absence of a documented risk analysis related to the PSO's use of that SaaS solution, covering data processing and maintenance of its digital assets. Recommendations are presented to facilitate a PSO's procurement and implementation of such a SaaS solution to address issues around data processing and the processing of digital assets.

Place, publisher, year, edition, pages
Krems: Department for E-Governance and Administration, Danube University Krems, 2022
Keywords
SaaS, lock-in, Microsoft 365, public procurement, contract terms, GDPR, case study
National Category
Computer and Information Sciences
Research subject
Software Systems Research Group (SSRG)
Identifiers
urn:nbn:se:his:diva-22153 (URN)10.29379/jedem.v14i2.749 (DOI)2-s2.0-85144647669 (Scopus ID)
Note

CC BY 3.0 Creative Commons Attribution 3.0 Austria

Available from: 2022-12-20 Created: 2022-12-20 Last updated: 2024-01-03Bibliographically approved
Lundell, B., Butler, S., Fischer, T., Gamalielsson, J., Brax, C., Feist, J., . . . Mattsson, A. (2022). Effective Strategies for Using Open Source Software and Open Standards in Organizational Contexts: Experiences From the Primary and Secondary Software Sectors. IEEE Software, 39(1), 84-92
Open this publication in new window or tab >>Effective Strategies for Using Open Source Software and Open Standards in Organizational Contexts: Experiences From the Primary and Secondary Software Sectors
Show others...
2022 (English)In: IEEE Software, ISSN 0740-7459, E-ISSN 1937-4194, Vol. 39, no 1, p. 84-92Article in journal (Refereed) Published
Abstract [en]

Open source software (OSS) and open standards have become increasingly important for addressing challenges related to lock-in, interoperability and long-term maintenance of systems and associated digital assets. OSS projects operate under different conditions and many projects and organisations consider successful governance and strategic involvement with projects to constitute major challenges. Today, many companies seek to establish work practices which facilitate strategic engagement with OSS projects. Based on findings from collaborative research which draws from rich insights and extensive experiences from practice, the paper presents seven actionable strategies for organisations that seek to leverage long-term involvement with OSS projects. 

Place, publisher, year, edition, pages
IEEE, 2022
Keywords
Collaboration, Companies, Interoperability, Linux, Open source software, Software systems, Standards
National Category
Information Systems Computer Sciences Computer Systems
Research subject
Software Systems Research Group (SSRG)
Identifiers
urn:nbn:se:his:diva-19521 (URN)10.1109/MS.2021.3059036 (DOI)000733943900015 ()2-s2.0-85100845589 (Scopus ID)
Funder
Knowledge Foundation, The LIM-IT project
Note

CC BY 4.0

Tidigare titel: Effective Organizational Strategies for Use of Open Source Software and Open Standards in Organizational Contexts

Available from: 2021-03-04 Created: 2021-03-04 Last updated: 2023-08-28Bibliographically approved
Lundell, B., Gamalielsson, J., Katz, A. & Lindroth, M. (2022). Use of Commercial SaaS Solutions in Swedish Public Sector Organisations under Unknown Contract Terms. In: Marijn Janssen; Csaba Csáki; Ida Lindgren; Euripidis Loukis; Ulf Melin; Gabriela Viale Pereira; Manuel Pedro Rodríguez Bolívar; Efthimios Tambouris (Ed.), Electronic Government: 21st IFIP WG 8.5 International Conference, EGOV 2022, Linköping, Sweden, September 6–8, 2022, Proceedings. Paper presented at 21st IFIP WG 8.5 International Conference, EGOV 2022, Linköping, Sweden, September 6–8, 2022 (pp. 73-92). Cham: Springer Nature Switzerland AG
Open this publication in new window or tab >>Use of Commercial SaaS Solutions in Swedish Public Sector Organisations under Unknown Contract Terms
2022 (English)In: Electronic Government: 21st IFIP WG 8.5 International Conference, EGOV 2022, Linköping, Sweden, September 6–8, 2022, Proceedings / [ed] Marijn Janssen; Csaba Csáki; Ida Lindgren; Euripidis Loukis; Ulf Melin; Gabriela Viale Pereira; Manuel Pedro Rodríguez Bolívar; Efthimios Tambouris, Cham: Springer Nature Switzerland AG , 2022, p. 73-92Conference paper, Published paper (Refereed)
Abstract [en]

Lawful and appropriate use of cloud-based globally provided Software-as-a-Service (SaaS) solutions by a public sector organisation (PSO) for data processing and maintenance of digital assets presupposes an investigation of all relevant contract terms. Having obtained, analysed, and filed all relevant contract terms when using a SaaS solution is a prerequisite for good administration. Identifying and obtaining all relevant contract terms for a SaaS solution involves significant obstacles which in practice may be impossible to overcome for each PSO. This paper addresses how PSOs investigate contract terms prior to adoption, and why PSOs use a globally provided SaaS solution without having identified and obtained all relevant contract terms. Through a review of responses to questions and public documents from Swedish PSOs we analysed how each PSO had investigated contract terms and licences for the Microsoft 365 (M365) solution prior to adoption and use of the solution in each PSO. We find that no PSO had investigated all relevant contract terms prior to use of M365, which implies that each PSO uses M365 under unknown contract terms. Further, we find that all PSOs use M365 for data processing of its digital assets under unknown contract terms and that each PSO has significant dependence and trust in its supplier.

Place, publisher, year, edition, pages
Cham: Springer Nature Switzerland AG, 2022
Series
Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349 ; 13391
National Category
Public Administration Studies Information Systems, Social aspects Information Systems Other Computer and Information Science Law and Society Software Engineering
Research subject
Software Systems Research Group (SSRG)
Identifiers
urn:nbn:se:his:diva-21741 (URN)10.1007/978-3-031-15086-9_6 (DOI)000874748500006 ()2-s2.0-85138008540 (Scopus ID)978-3-031-15086-9 (ISBN)978-3-031-15085-2 (ISBN)
Conference
21st IFIP WG 8.5 International Conference, EGOV 2022, Linköping, Sweden, September 6–8, 2022
Funder
Knowledge Foundation
Note

CC BY 4.0

This research has been financially supported by the Swedish Knowledge Foundation (KK-stiftelsen) and participating partner organisations in the SUDO project. The authors are grateful for the stimulating collaboration and support from colleagues and partnerorganisations.

Available from: 2022-08-31 Created: 2022-08-31 Last updated: 2024-01-03Bibliographically approved
Lundell, B., Gamalielsson, J. & Katz, A. (2021). On Challenges for Implementing ISO Standards in Software: Can Both Open and Closed Standards Be Implemented in Open Source Software?. In: Information Resources Management Association (Ed.), Research Anthology on Usage and Development of Open Source Software: (pp. 63-95). IGI Global, 1
Open this publication in new window or tab >>On Challenges for Implementing ISO Standards in Software: Can Both Open and Closed Standards Be Implemented in Open Source Software?
2021 (English)In: Research Anthology on Usage and Development of Open Source Software / [ed] Information Resources Management Association, IGI Global, 2021, Vol. 1, p. 63-95Chapter in book (Refereed)
Abstract [en]

Over the years, the importance of open standards has been acknowledged in EU and national policies. Formal (e.g., ISO) standards are often referred to in software development and procurement. Use of formal (ISO) standards and to what extent ISO standards can be implemented in open source software is considered, with particular reference to patent licensing. It is shown that not all formal standards are open standards and that FRAND commitments may impose major challenges for use of such standards. Further policies and procedures set by standards setting organisations (SSOs) regarding the notification of standards-essential patents (SEPs) present challenges for organisations wishing to implement standards in software. This chapter elaborates implications and suggests ways of addressing the challenges identified. Use of formal standards may create barriers for implementation in open source software and inhibit an open and inclusive business-friendly ecosystem. 

Place, publisher, year, edition, pages
IGI Global, 2021
National Category
Computer Systems Software Engineering Computer Sciences
Research subject
Software Systems Research Group (SSRG)
Identifiers
urn:nbn:se:his:diva-21131 (URN)10.4018/978-1-7998-9158-1.ch004 (DOI)2-s2.0-85129107762 (Scopus ID)978-1-7998-9159-8 (ISBN)978-1-7998-9158-1 (ISBN)1-7998-9158-5 (ISBN)
Note

© 2021 by IGI Global. All rights reserved.

Information Resources Management Association (USA)

Available from: 2022-05-12 Created: 2022-05-12 Last updated: 2022-09-29Bibliographically approved
Lundell, B., Gamalielsson, J., Katz, A. & Lindroth, M. (2021). Perceived and Actual Lock-in Effects Amongst Swedish Public Sector Organisations when Using a SaaS Solution. In: Hans Jochen Scholl; J. Ramon Gil-Garcia; Marijn Janssen; Evangelos Kalampokis; Ida Lindgren; Manuel Pedro Rodríguez Bolívar (Ed.), Electronic Government: 20th IFIP WG 8.5 International Conference, EGOV 2021, Granada, Spain, September 7–9, 2021, Proceedings. Paper presented at 20th IFIP WG 8.5 International Conference on Electronic Government, EGOV 2021, Granada, Spain, September 7–9, 2021 (pp. 59-72). Cham: Springer
Open this publication in new window or tab >>Perceived and Actual Lock-in Effects Amongst Swedish Public Sector Organisations when Using a SaaS Solution
2021 (English)In: Electronic Government: 20th IFIP WG 8.5 International Conference, EGOV 2021, Granada, Spain, September 7–9, 2021, Proceedings / [ed] Hans Jochen Scholl; J. Ramon Gil-Garcia; Marijn Janssen; Evangelos Kalampokis; Ida Lindgren; Manuel Pedro Rodríguez Bolívar, Cham: Springer, 2021, p. 59-72Conference paper, Published paper (Refereed)
Abstract [en]

When a public sector organisation (PSO) uses a software as a service (SaaS) solution from a global provider this imposes risks for different types of lock-in effects. In turn, use of such solutions by PSOs may prevent full control of digital assets that need to be created, processed, maintained, and archived for use and reuse over long life-cycles. This paper addresses perceived and actual lock-in effects related to use of SaaS solutions in the public sector. We review perceptions of lock-in amongst government agencies and investigate how 46 PSOs have addressed challenges related to obtaining licences and an effective exit plan related to use of the Microsoft Office 365 SaaS solution. Through a review of responses to a survey conducted by the Swedish Government Offices we find significant misconceptions concerning lock-in effects. We find that every one of the 46 PSOs investigated neither obtained necessary licences nor established an effective exit strategy to allow the PSO to independently access, process and maintain digital assets processed by the SaaS solution after decommissioning. We present recommendations for any PSO considering use of a SaaS solution.

Place, publisher, year, edition, pages
Cham: Springer, 2021
Series
Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349 ; 12850
National Category
Computer and Information Sciences Software Engineering
Research subject
INF304 Open Source; Software Systems Research Group (SSRG)
Identifiers
urn:nbn:se:his:diva-20531 (URN)10.1007/978-3-030-84789-0_5 (DOI)000769437800005 ()2-s2.0-85115199328 (Scopus ID)978-3-030-84788-3 (ISBN)978-3-030-84789-0 (ISBN)
Conference
20th IFIP WG 8.5 International Conference on Electronic Government, EGOV 2021, Granada, Spain, September 7–9, 2021
Funder
Knowledge Foundation
Note

CC BY 4.0

Also part of the Information Systems and Applications, incl. Internet/Web, and HCI book sub series (LNISA, volume 12850)

Available from: 2021-09-07 Created: 2021-09-07 Last updated: 2024-01-03Bibliographically approved
Lundell, B., Gamalielsson, J. & Katz, A. (2020). Addressing Lock-in Effects in the Public Sector: How Can Organisations Deploy a SaaS SolutionWhile Maintaining Control of Their Digital Assets?. In: Shefali Virkar, Marijn Janssen, Ida Lindgren, Ulf Melin, Francesco Mureddu, Peter Parycek, Efthimios Tambouris, Gerhard Schwabe, Hans Jochen Scholl (Ed.), Proceedings of Ongoing Research, Practitioners, Posters, Workshops, and Projects at EGOV-CeDEM-ePart 2020co-located with the IFIP WG 8.5 International Conference EGOV-CeDEM-ePart 2020: Linköping University, Sweden (Online), 31 August-2 September 2020. Paper presented at Ongoing Research, Practitioners, Posters, Workshops, and Projects at EGOV-CeDEM-ePart 2020 co-located with the IFIP WG 8.5 International Conference EGOV-CeDEM-ePart 2020, Linköping University, Sweden (Online), 31 August-2 September 2020 (pp. 289-296). Aachen: CEUR
Open this publication in new window or tab >>Addressing Lock-in Effects in the Public Sector: How Can Organisations Deploy a SaaS SolutionWhile Maintaining Control of Their Digital Assets?
2020 (English)In: Proceedings of Ongoing Research, Practitioners, Posters, Workshops, and Projects at EGOV-CeDEM-ePart 2020co-located with the IFIP WG 8.5 International Conference EGOV-CeDEM-ePart 2020: Linköping University, Sweden (Online), 31 August-2 September 2020 / [ed] Shefali Virkar, Marijn Janssen, Ida Lindgren, Ulf Melin, Francesco Mureddu, Peter Parycek, Efthimios Tambouris, Gerhard Schwabe, Hans Jochen Scholl, Aachen: CEUR , 2020, p. 289-296Conference paper, Published paper (Refereed)
Abstract [en]

As software as a service (SaaS) adoption increases in both the public and private sectors, so does dependency on specific providers and technologies and the consequent danger of lock-in. This paper reports on how public sector organisations (PSOs) can, and should, avoid lock-in throughout the lifecycle (commissioning, deployment and decommissioning) of their deployment of the Microsoft Office 365 SaaS product (O365). We investigate how 33 PSOs address different lock-in effects, focussing on the City of Gothenburg, and show that none of the PSOs determined possible lock-in effects prior to implementation or were able to provide documented evidence that they would be able to independently access, process and maintain the digital assets processed by the SaaS solution after decommissioning. We also report on jurisdictional and data processing issues, with consequent impact on digital sovereignty.

Place, publisher, year, edition, pages
Aachen: CEUR, 2020
Series
CEUR Workshop Proceedings, ISSN 1613-0073 ; 2797
Keywords
lock-in, public sector, SaaS solutions, cloud, open standards
National Category
Computer and Information Sciences Software Engineering
Research subject
INF304 Open Source; Software Systems Research Group (SSRG)
Identifiers
urn:nbn:se:his:diva-19373 (URN)2-s2.0-85099210665 (Scopus ID)
Conference
Ongoing Research, Practitioners, Posters, Workshops, and Projects at EGOV-CeDEM-ePart 2020 co-located with the IFIP WG 8.5 International Conference EGOV-CeDEM-ePart 2020, Linköping University, Sweden (Online), 31 August-2 September 2020
Funder
Knowledge Foundation
Note

CC BY 4.0

EGOV-CeDEM-ePart ISSN 2524-1400

Available from: 2021-01-08 Created: 2021-01-08 Last updated: 2021-11-19Bibliographically approved
Svorc, J. & Katz, A. (2019). Breathe In, Breathe Out: How open hardware licensing can help save the world. The Journal of Open Law, Technology & Society, 11(1), 49-56
Open this publication in new window or tab >>Breathe In, Breathe Out: How open hardware licensing can help save the world
2019 (English)In: The Journal of Open Law, Technology & Society, ISSN 2666-8106, Vol. 11, no 1, p. 49-56Article in journal (Refereed) Published
Abstract [en]

As with any other open source field, there are countless far-reaching advantages in open hardware licensing, as opposed to its proprietary counterpart. This paper takes the example of a low-cost portable mechanical ventilator design and considers the effect of the application of the three different variants of the newly-released CERN Open Hardware Licence Version 2. This paper considers the importance of licensing, and demonstrates how open hardware licensing can facilitate efficient further development of a project, improve its safety and reliability, and encourage collaboration. Most importantly, open hardware licensing allows anyone to freely use, study, modify and distribute improvements to project design, and make, sell or otherwise distribute products made to that design, making it a cost-effective means of developing and deploying the device throughout the world, from the most developed to the most vulnerable territories. Finally, this paper argues that open hardware licensing also encourages economic activity whilst it protects third-party intellectual property rights.

Keywords
open source, open hardware, licensing, CERN, ventilator, medical equipment, accessibility, CERN-OH
National Category
Computer and Information Sciences
Research subject
Software Systems Research Group (SSRG)
Identifiers
urn:nbn:se:his:diva-18360 (URN)
Note

10.5033/jolts.v10i1.139

Available from: 2020-04-06 Created: 2020-04-06 Last updated: 2020-08-27Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0002-1001-0283

Search in DiVA

Show all publications