Some thoughts on the recently approved ISO/IEC Microsoft Office Open XML (MSOOXML)

Submitted by fatima on Wed, 04/23/2008 - 11:37.

Microsoft Office Open XML now a certified standard: Some issues

With Microsoft Office Open XML (MSOOXML) now voted into an ISO/IEC standard (ISO/IEC 29500) in official announcements April 1 (see http://www.ip-watch.org/weblog/index.php?p=986), there is intense debate and criticism regarding the credibility of the ISO/IEC standardization process with reports of anomalies in several National standardization bodies worldwide (see http://www.noooxml.org/irregularities). This has prompted an investigation by the European Commission on the standards-setting process, particularly in EU member countries were irregularities have been reported (see "EC probes OOXML standards-setting process" http://www.theregister.co.uk/2008/04/04/ooxml_ec_investigation_iso/).

Earlier, in January 2008, the EC initiated two formal antitrust investigations against Microsoft in suspected abuse of dominant market position (Article 82 of EC Treaty Rules). The formal investigations were initiated following a complaint by the European Committee for Interoperable Systems (ECIS) and Opera (a web browser vendor). (See http://europa.eu/rapid/pressReleasesAction.do?reference=MEMO/08/19)

In the ECIS complaint, "Microsoft is alleged to have illegally refused to disclose interoperability information across a broad range of products, including information related to its Office suite, a number of its server products, and also in relation to the so called .NET Framework. The Commission's examination will therefore focus on all these areas, including the question whether Microsoft's new file format Office Open XML, as implemented in Office, is sufficiently interoperable with competitors' products."

With the formal investigations on-going and Microsoft's new format Office Open XML now an ISO/IEC standard, a number of issues arise. I would like to look more closely at some of these issues.

The moral authority of the ISO/IEC and the reformation of international standards development

The ISO/IEC have long established codes of conduct and votes on proposed standards are made by national delegation. Thus, standards-related disputes have not been brought to the international level. However, in other places, there has been successful litigation over egregious misconduct in writing industrial standards (see "Equipment Standards: History, Litigation, and Advice" by John Hedley-Whyte, MD and Debra R. Milamed, MS, http://www.pubmedcentral.nih.gov/articlerender.fcgi?artid=1420853). While the ISO/IEC is expected to investigate the reported irregularities in its own standards-setting process, member countries should find the irregularities to be of great concern because world-wide standards define what are adopted as national standards, thereby influencing what a country puts into law, in turn impacting trade and development.

Following complaints of intentionally manipulating the MSOOXML voting process in member countries, the European Commission has started an investigation into the allegations, sending letters to all EU national standards bodies requesting information about the process. Some national standards committee members have also filed protests to the ISO/IEC against irregularities observed at the national level. The ISO/IEC JTC1 Directives provide for an appeal process within two months, after which the standard will be published as ISO/IEC 29500.

While a number of groups question the decision to vote YES for a technically flawed specification, others argue that the technical issues may be fully resolved when MSOOXML is approved as a standard and then placed under the control of the ISO/IEC, in particular the SC34 (one of 18 sub-committees of the JTC1 (Joint Technical Committee). JTC1 was set-up with the mandate to design, develop, maintain, promote and facilitate standards within the Information Technology sector. SC34 deals with standards for Document Description and Processing Languages.

Following the ISO/IEC approval, ECMA (European Computer Manufacturers' Association, an international private (membership-based standards) organization for information and communication systems) will now turn over maintenance of MSOOXML to SC34. It was proposed in SC34 that three new working groups be created to manage the two document standards and work on interoperability and harmonization between the two.

It was also proposed at SC34 that two ad hoc committees be created, one for the maintenance of MSOOXML, and another for the initial collection of comments on MSOOXML. (See "Resolutions of ISO/IEC JTC 1/SC 34 Plenary Meeting, 2008-04-05/09, Oslo, Norway" http://www.itscj.ipsj.or.jp/sc34/open/1025.htm)

Just as ODF (OpenDocument format) earlier enjoyed standard status under OASIS (Organization for the Advancement of Structured Information Standards, the consortium tasked with the development and maintenance of ODF as Open Office Standard) in May 1, 2005, MSOOXML enjoyed standard status under ECMA when TC45 (the ECMA Technical Committee for document formats) published MSOOXML in December 2006 as a formal standard for applications fully compatible with the Office Open XML formats. With ODF already submitted at that time to the ISO/IEC for approval (ODF was approved as ISO/IEC 26300 in March 3, 2006), IBM voted NO to the ECMA standard recommending instead that work should be done on only one specification and any changes to such should be made to OASIS.

While one may say that one of the intentions behind the ECMA standard was to generate a separate standard that developers may use in the creation of applications compatible with Microsoft's own Office XML format and that would give governments a basis for software procurements, it is also worth noting that in 2004, the IDABC (Interchange of Data between Administrations, a community programme managed by the European Commission's Directorate General) advised Microsoft to consider issuing a public commitment to publish and provide non-discriminatory access to future versions of its WordML specifications and to consider the merits of submitting XML formats to an international standards body of their choice. OASIS was advised to submit ODF for official standardization through the ISO/IEC.

The goal of the IDABC was to achieve high-quality, open, non-vendor-dictated document standards and to encourage the use of XML (Extensible Markup Language) as the preferred document technology in communications with citizens and businesses. The consensus to use XML is based on the technology's ability to separating content, structure, semantics and presentation making the potential for electronic data to be revisable and reusable independent of its format.

With this recommendation, the IDABC believed that standardization initiatives ensure not only a fair and competitive market but also help safeguard the interoperability of implementing solutions whilst preserving competition and innovation. (See http://europa.eu.int/idabc/en/document/2592/5588)

The recommendations of the IDABC must also be placed in context - that of OpenOffice.Org as a young and fledging format, and Microsoft WordML as a de facto format by a large monopoly. The recommendation towards standardization was made within the context of addressing accessibility of European public sector service and information by encouraging that these document formats not to discriminate against market actors or implementation across platforms.

But can standardization also be used to abuse a dominant market position and adversely lessen competition? Indeed, it would also be interesting to see whether or not ISO/IEC 29500 could lead to Microsoft's abuse of its market dominance, while anomalous Microsoft lobbying for MSOOXML has already placed the credibility of the standards-setting process into question.

While there are numerous other standards-setting bodies comprised of industry consortium, the ISO/IEC has the established reputation of an independent organization with very strong links with governments worldwide and a standards certification process that is believed to be more rigorous than other standards organizations. Thus while SC34 acts as if it will be "business as usual" by creating working groups and ad hoc committees that even gives ECMA privileged status within ISO/IEC, the fast-track process that MSOOXML underwent has undoubtedly affected the reputation of the ISO/IEC. SC34 might have little choice but to rectify this tarnished reputation because it has accepted to maintain a standard that is the subject of antitrust proceedings in the EC.

With ISO/IEC 29500 nearly in place, it might be interesting to see whether or not JTC1-SC34 can turn MSOOXML into a truly open standard, that is, a standard that can be used in the development of applications that can create documents in a format that retain data readability in the widest range of applications, independent of the software vendor, and implementable in both proprietary and free and open source software.

Otherwise, it must be made clear that MSOOXML is certified as a proprietary product specification standard and not an open standard. If Microsoft persists in claiming that MSOOXML is an open standard, then this could be seen as an attempt to abuse its market dominance.

From a business perspective, MSOOXML is a proprietary product specification standard. Under ECMA, it is an international standard for compatibility with Office Open XML and an important step towards control of its market share. True enough, there is no conflict between the use of a standards-based file format for Microsoft Office and Office compatible products, and the continuing and improving revenue from sales of Microsoft Office and royalties of its patents licenses.

However, there is an issue whether or not MSOOXML is an open standard. "Open" is usually restricted to royalty -free technologies whereas "standards" may permit patent-holders to impose "reasonable and non-discriminatory" (RAND) royalty fees and other licensing terms on implementations and uses of the standard.

Under the various definitions of "open standard", for example the European Union definition, MSOOXML may not be considered an open standard at all since the EU's Interoperability Framework requires that intellectual property such as patents present in the the standard (or parts of the standard) be made irrevocably available on a royalty-free basis. Thus, MSOOXML may have the stamp of an international standard but it fails in terms of interoperability. This is where the ECIS complaint lodged with the EC is most important.

By ITU-T (International Telecomunications Union) definitions, MSOOXML may pass the intellectual property rights requirements, but may have shortcomings regarding the ITU-T elements of collaborative process, balance (the process not being dominated by any one interest group), due process, and quality and level of detail.

Assuming that the MSOOXML standards-setting process was fair and unmanipulated and that the MSOOXML specification was of sufficient quality and detail, we would be left with the problem of harmonizing two standards with very distinct and potentially incompatible licensing and development models.

ODF is an open standard with its royalty free license on patents. ODF introduces an unrestrictive, open and free model for standardisation in the information technology sector. MSOOXML on the other hand uses a RAND licensing scheme which is incompatible with GPL (the GNU General Public License, a widely used free software license written in 1989 by Richard Stallman for the GNU Project) and possibly some open source licenses. Thus, the RAND patent license can be discriminatory against GPL and free software developers even if fees or royalties were not imposed, because in principle, according to a BSA lawyer, GPL is at odds with the field-of-use limitation, restriction on sublicensing and reciprocity requirement, the three common terms in standards-related patent licenses.

In addition, the Software Freedom Law Center and the Free Software Foundation has found a number of shortcomings in Microsoft's OSP (Open Specification Promise, a promise that is supposed to protect developers from patent risk) as far as GPL and other open source licensing is concerned, because the OSP permits implementation under free software licenses only so long as the resulting code is not used freely.

RAND and OSP clearly demonstrate incompatibilities with GPL and the free software model, and because of Microsoft's market dominance, the standardisation of MSOOXML could indeed be a way of killing off free software and the free software development and economic model, one of Microsoft's biggest competitors in the software market. Thus, because of MSOOXML's impact on GPL, the task of translation (as proposed by the German National Body to SC34) and harmonization between MSOOXML and ODF is not recommended.

On the positive side, if JTC1 will conscientiously carry out its portability and interoperability mandate, the standardization of MSOOXML could mean the development of standards-based solutions to the problem of large Microsoft legacy database back-ends. Here, we may go back to IDABC recommendations which can be interpreted as an attempt to leverage on Microsoft's monopoly of the office document market in achieving true document freedom.

From a consumer welfare perspective, it might also be interesting to investigate MSOOXML quality assurance. Numerous technical flaws have been disclosed in the comments generated during the review of the proposed MSOOXML format in the fast-track ISO/IEC process. It is also mind-boggling that Microsoft Office 2007 itself fails conformance tests with its own ISO/IEC standard (see http://www.groklaw.net/article.php?story=20080421091129596). It seems that quality assurance is Microsoft's least of concerns. I guess in the end, consumers do get what they deserve.

What can be done?

Where irregularities are reported, votes may be nullified in the National standards bodies.

In order to counter the lock-in effects of "self-certification", it could be proposed that an open standards certification process be adopted within the JTC1 as part of its harmonization and interoperability mandate.

Where open standards policies are in place, National standards bodies can implement an open standards certification process in the adoption of document format standards as national standards.

The actuality of open standards and interoperability should be taken into serious consideration by governments and the private sector when making decisions on the software acquisitions. The question of data integrity and ownership, independent of vendor application, should be raised.

Where large legacy database back-ends are concerned, governments and companies have rights to their data and must demand accessible solutions. The standard design and development process within ISO/IEC TC1 should address the issue of legacy Microsoft systems through MSOOXML compliance with open standards and interoperability.

Because ODF currently complies with the open standards definition, it may be considered as national standard and its development and implementation must be broadly supported. It is best to wait until irregularities with MSOOXML and the EC Antitrust investigations are settled before deciding to adopt MSOOXML as national standard.

The Philippine vote

The Philippines is an O-voting (Observing) member to the ISO/IEC, as opposed to a P-voting member (Participating member). Two-thirds of P-member votes is required for the ratification of a proposed standard.

The Philippine Bureau of Product Standards (BPS) voted DISAPPROVE in September 2007 but on March 28, 2008, they reconsidered, and was deadlocked at 4 votes to 4. The Chair of the technical committee led by the CICT-NCC (Commission on Information and Communications Technology-National Computer Center) voted APPROVE, bringing the final tally to 4-5 in favor of MSOOXML. (See http://www.openmalaysiablog.com/2008/04/the-philippine.html)

The CICT said that it voted affirmatively because it was in favor of multiple standards and that all seven comments by the technical committee were addressed by ECMA. The latter reason was questioned by University of the Philippines Department of Computer Science professor Prospero Naval, also a member of the Philippine technical committee, stating that of the seven comments, only two were satisfactorily addressed by ECMA and that the earlier Philippine position of "DISAPPROVE with comments" will only change if all of the comments were addressed. Whilst BPS and CICT insist that all seven comments were addressed, Naval asks why these were never made public.

On the matter of having multiple standards, the Department of Science and Technology-Advanced Science and Technology Institute maintained their NO vote believing that, among other issues, "an ISO standard for Open Document format already exists ... and in the spirit of ISO, a competing standard to an existing one is not usually encouraged because this discourages interoperability and encourages confusion in the marketplace and additional costs to end users."

The BPS should know better that having more than one standard in the same field of application leads to a wasteful "battle of the standards" situation. The CICT-NCC, which decided to support multiple document standards because "the interoperability of documents complying with approved international standards is what we are aiming for to give our end-users the free choice to select the document format which meets their requirement", should also know better that interoperability and the needs of end-users are best served by a single agreed-upon standard by which vendors agree in developing their own formats. For users to have choice, vendors can create multiple formats, but for interoperability to actually take place, those formats must adhere to a single free and open standard. Formats are not to be confused with standards.

Also, both BPS and CICT-NCC should know that in the competition of multiple standards, the one used with the most dominant application often wins, and not necessarily the better standard. With Microsoft's monopoly of the office document market, and the fundamental incompatibility of its specification with ODF, the standards-setting process effectively destroys competition.

With technical concerns remaining unresolved, as pointed out by the DOST-ASTI and the UP Department of Computer Science, the BPS has no reason to change the Philippine vote from DISAPPROVE to APPROVE.

A philosophical appreciation: the problem of language

While what IT regulators see as practical solutions are not perceived as such by the problems (the monopolies) that the solutions are intended to address, it might be worth considering the philosophical under-currents in order to achieve alternative understanding of the issues.

I adopted a critical stance upon the concept of XML when prodded in early January 2008 towards a new product called Xcerion XIOS/3, a Swedish start-up led by an XML pioneer who built the first XML-based server. The company just received an enormous investment from a US venture capitalist and was in the beta stage of development. It was reported then that Microsoft was very interested in Xcerion XIOS/3.

Historically, XML comes from SGML, an ISO standard. XML is a free open standard, however, there are two US patents on the application of XML though not (yet) enforced in litigation.

One of XIOS/3's selling points is that they are making the computing process visual or graphical so you won't need any knowledge of programming. XML is perfect for this, because the mark-up language allows the separation of logical and physical structures (elements and entities), the separation of data and metadata (elements and attributes), and the separation of processing from representation (processing instructions) - among other things. In the implementation of the technology for documents, XML is seen as having great potential for electronic data to be revisable and reusable independent of its format.

In XIOS/3, XML is demonstrated as having great potential for creating "social software." This is interesting because the technology's ability to separate content, structure, semantics and presentation is the driving force of this 'socialization.' This means that there is a social-ideological dimension inherent in the technology.

I am not saying that XML is bad or "social" or whatever. My critical position is more towards the concept of language in computers and in society. XML is an example of a language that exploits the enforced perception of dissonance between form and content, a perception that is not so easy to enforce through programming languages.

XML as a solution to interoperability reneges on interoperability's other necessary condition: the re-engineering of legacy systems, the greatest challenge for the problem of lock-in and true interoperability. These inter-related problems cannot be addressed through mark-up web-based solutions that provide front-end support for data because these only offer legacy enablement.

The solution, I think, is broad integration of processing and representation in data creation and management, and this might be more conceptually possible through modeling languages. This is also a technology more ripe for the innovation of new capabilities outside of legacy systems and more integrated with a deeper understanding of enhancing relationships between workflow and data hierarchies.

The problematique of language also offers an alternative appreciation of the problem of citizens representation in the standards-setting and similar democratic process: what really establishes a standard? An ISO/IEC vote or the consensus of implementation based on understanding? The vote by national delegation will always be subject to manipulation unless the transparency of processing and representation is ensured. What might be the most open and democratic language for achieving this?

Even if we solve the problem of monopoly and have achieved true interoperability, another monopoly will emerge, more pernicious than the previous: a monopoly on the way we think. This is where GPL poses a most critical principle that could establish the basis for standards within the Information Technology sector. The MSOOXML fast-track serves a challenge to society's determination to transform.

Resources:

MSOOXML and the EU

Microsoft Under Third EU Investigation for OOXML
http://www.informationweek.com/news/showArticle.jhtml?articleID=20610695...

EU investigating OOXML in Poland
http://polishlinux.org/poland/possible-manipulation-around-ooxml-process...

Anomalies in Norway
http://boycottnovell.com/2008/04/19/norway-oxml-true-story-on-moox/

Norway official protest
http://www.informationweek.com/news/management/showArticle.jhtml?article...

New OOXML scandal, leaked email surfaces in France
http://www.groklaw.net/article.php?story=20080418111340426

MSOOXML defective

JTC1-SC3 leader admits MS Office 2007 fails ISO OOXML conformance tests
http://www.groklaw.net/article.php?story=20080421091129596

OOXML is defective by design
http://ooxmlisdefectivebydesign.blogspot.com/

20 good reasons to disapprove OOXML
http://www.noooxml.org/open:rejectooxmlnow

Red Hat opposes OOXML
http://www.press.redhat.com/2008/03/13/red-hat-opposes-ooxml/