Open Source, Not Vendor Lock-in: Why India Must Stand by FOSS

The recent news in The Hindu that government email systems have migrated from open -source, government- hosted platforms to the proprietary Zoho Mail has reignited an important debate about software freedom and digital sovereignty in India. The issue goes far beyond the choice of a mail platform, it’s about the very principles on which India’s technology ecosystem should be built.

A Step Backward in Digital Sovereignty

For years, India’s digital policies have emphasised the use of Free and Open Source Software (FOSS) for e-governance, precisely to ensure strategic control, transparency, and cost efficiency. Shifting from open systems to proprietary, vendor- locked software, even when the vendor is Indian, represents a regression from those values.

There is no real difference between proprietary software made in India and that made abroad when it comes to user freedom and control. Whether it’s Microsoft or Zoho, proprietary software locks the user into a single vendor’s ecosystem. Even if Zoho hosts its services on government servers, the government still has no access to or control over the core source code. This means that the nation’s digital infrastructure remains dependent on the policies and priorities of a private company, not on the collective technological sovereignty of the Indian state.
Debunking the “Security” Myth

A particularly concerning aspect of the recent discourse is an anonymous official’s claim that open-source software “poses security risks.” This statement is both misleading and contrary to global evidence.

In fact, FOSS is inherently more secure because it is open. The source code is publicly available for review by thousands of developers and security researchers worldwide. Vulnerabilities, when found, are rapidly fixed by a distributed global community. This “many eyes” model of transparency creates a self-c orrecting security ecosystem.

Proprietary software, on the other hand, operates on security by obscurity, users must trust the vendor blindly, without knowing what’s running under the hood. If a flaw exists, only the vendor can detect, admit, and patch it, often on their own timeline. History is filled with examples of major data breaches in closed- source systems that went undetected for months or even years.

Ironically, by abandoning open systems in the name of “security,” we may actually be making our digital infrastructure less secure.

Kerala’s Example: The Power of Open Source

Kerala stands as a living example of how FOSS can be effectively integrated into public systems. From the early 2000s, Kerala became the first Indian state to mandate the use of open- source software in its schools through the IT@School (now KITE) initiative.

This transformation did not happen by accident. It was the vision and political will of the Left Democratic Front (LDF) governments, especially under E K Nayanar and later V S Achuthanandan, that laid the foundation for this movement.

Former Kerala Chief Minister V S Achuthanandan with Dr Richard Stallman, founder of the global free software movement

Under Chief Minister Nayanar, Kerala began exploring technology as a public good, not a commodity. His government’s early openness to free software ideas created the first institutional dialogues around using Linux in education. Later, under V S Achuthanandan’s leadership, Kerala formally embraced FOSS as state policy. It was during his tenure that the International Centre for Free and Open Source Software (ICFOSS) was established, and the state’s education system fully migrated to open-source platforms.

This visionary policy not only saved the state hundreds of crores in licensing costs but also empowered a generation of students, teachers, and technologists to innovate with freedom.

Community groups like Swathanthra Malayalam Computing (SMC) and state -backed institutions like ICFOSS continue to build on that legacy, contributing to global FOSS projects while strengthening local language technology and digital inclusion.

Freedom Over Ownership

The concept of software freedom is often misunderstood. It’s not about “free as in price,” but “free as in freedom.” It ensures the user’s right to run, study, modify, and share software. These freedoms foster innovation, local capacity building, and technological independence.

When governments adopt proprietary solutions, they sacrifice these freedoms for convenience, losing transparency, flexibility, and long-term control in return.

India at a Crossroads

India’s Digital Public Infrastructure, from UPI to DigiLocker, has earned global praise for being open and interoperable. Continuing down this path requires strengthening our commitment to open standards, open data, and open source.

By shifting to proprietary systems, we risk contradicting the very foundation that made these digital initiatives successful. Vendor lock-in, once normalised, becomes costly to undo, both financially and strategically.

The recent move toward proprietary platforms like Zoho should prompt serious reflection within the government. Open source is not an ideological choice; it is a practical one, ensuring transparency, cost-effectiveness, and long-term national security.

The FOSS movement, which Kerala has championed for over two decades, represents the true spirit of Atmanirbhar Bharat: not in slogans, but in practice. From the progressive vision of leaders like E K Nayanar and V S Achuthanandan, Kerala showed that technology can be people-centric, inclusive, and free from corporate dependence.

India should take inspiration from that model, not move away from it. True digital independence doesn’t come from owning servers or licenses; it comes from owning the freedom to build, inspect, and innovate. Let us uphold that freedom.

(Author is the founder of Faircode)