We All Depend on Open Source. One Country Should Not Hold The Keys To Defending It.

A coordinated effort to secure Open Source is overdue. But routing the world’s most sensitive security data through a single jurisdiction recreates the very weakness it sets out to fix.

 

About three weeks ago, a United States export-control directive ordered the suspension of access to two frontier artificial intelligence models - models, whose defining capability was finding software vulnerabilities at scale - for any foreign national, whether inside or outside the United States. There was no exemption for allies or partners. NATO members were not carved out. The company involved had no choice but to comply, switching the capability off for everyone within hours.

In an immediate response, a new initiative has been announced to coordinate the full vulnerability remediation lifecycle. It’s a serious response to a real emergency. AI has not only collapsed the cost of writing software to near zero, it has also collapsed the cost of finding and weaponising software vulnerabilities. Finding a serious flaw in a major project used to take an expert weeks. It now takes a machine minutes. While identifying vulnerabilities is one side of the coin, managing and mediating them is the other side: Maintainers around the world, who watch over the Open Source software backing our banks, hospitals, or power grids, are being overwhelmed. A coordinated effort to pool that defensive work—to deduplicate, prioritise and remediate vulnerabilities across sectors, and to fund the unglamorous maintenance that critical infrastructure quietly depends on—is overdue.

But how a project is governed matters as much as its existence itself. The question is not whether this coordination should exist, but how it will be governed. Under the current design, it will assemble what may become the most security-sensitive dataset in the world: A single repository of known Open Source vulnerabilities, with member organisations granted early, confidential access before fixes are public. It is reasonable to expect that the repository will be domiciled in the United States, that it will sit under US jurisdiction, and potentially within reach of US national-security authority.

We have just been shown, in the most direct way possible, why that should concern every stakeholder and every government outside Washington.

A live demonstration, not a hypothetical

The export-control suspension was not a thought experiment. It was a live demonstration that a single gateway cannot govern a distributed commons. Open Source is not a product shipped from one place; it is a global, federated software development model —millions of contributors, thousands of independent projects, maintainers on every continent, dependencies that cross every border. Its resilience is a direct function of that distribution: In similar fashion to the distributed network that builds today’s Internet infrastructure, there is no single point of failure, no single owner, no single switch. To channel the remediation of its vulnerabilities through one central repository under one jurisdiction means to contradict the very architecture that makes Open Source trustworthy in the first place—and to manufacture precisely the single point of failure that the distributed model was built to avoid.

The coordination is necessary, the centralisation is the flaw: Its governance should mirror the basic architecture of Open Source and the global commons. A distributed commons calls for federated stewardship—interoperable nodes coordinating through shared best practices, not a shared gatekeeper. Only a federated stewardship model can ensure that disclosure and remediation actually flow across the network at the pace of the threat, with no one jurisdiction, company, or server able to decide who gets to defend themselves and when.

And the export-control suspension was not the first warning. The Common Vulnerabilities and Exposure programme - the naming system on which virtually the entire vulnerability-fixing ecosystem sits - is run by a single US non-profit on sole-source US government funding, and last year it came within days of going dark when that funding nearly lapsed. The problem was not an attack but an ordinary budget cut - in other words, a single government decision. The effect would have been global. 

Two examples, two different mechanisms - export control in one case, budget adjustments in the other - pointing to the same structural fact. One single entity or government should not hold the keys to our shared global infrastructure.

Three precedents, one lesson

The immediate European answer could be to build a rival: A regional repository, a European gateway, a sovereign alternative. Similar to the reaction in the months after the funding scare, when both the EU and a separate international coalition stood up their own vulnerability-identifier systems, the EU could build a continental initiative. That instinct is understandable, but it won’t solve the problem of a missing distributed governance model. A fragmented commons is a weaker commons, and a defensive map split along jurisdictional lines will only support attackers. 

The lesson is not that these regional systems and initiatives should not exist. The lesson is that regional initiatives must federate rather than integrate actions into one single initiative - and that requires a shared, neutrally governed layer beneath them, not a gatekeeper in each capital. The world has dealt with shared, borderless, dangerous-when-misused resources before, and the durable answer has never been fragmentation. It has been a public–private partnership anchored on neutral ground.

Interesting examples to learn from include radio spectrum, nuclear technology, and life-saving pharmaceuticals. None of these resources are governed or managed perfectly, and especially in the nuclear context, there are arguments to consider it a failure. Still, all of these examples are worthwhile to revisit.

Radio spectrum—finite, invisible, useless if everyone transmits at once—has been governed since 1906 not by a world government but by a shared treaty under the International Telecommunication Union. The idea was not to create a world government for airwaves: Sovereign states kept the right to license their own users. What they ceded was the right to cause harmful interference across borders, and they accepted a shared treaty, a common register of frequency assignments, and a standing process to de-conflict competing claims.  

Nuclear technology, the hardest case because the same capability that powers a city can kill an entire nation, was brought under the "Atoms for Peace" bargain and the International Atomic Energy Agency: States gained guaranteed access to peaceful applications in exchange for accepting safeguards and inspection, with a neutral agency holding both halves together. Notably, the United States originated that regime and convened it—but the institution was domiciled neutrally in Vienna and governed multilaterally. The originator was not the owner.

Life-saving medicines locked behind patents were made accessible not through expropriation but through the Trade-Related Aspects of Intellectual Property Rights (TRIPS) public-health flexibilities and pooled, tiered access administered neutrally, so a private innovator kept its rights while public authorities guaranteed access on non-discriminatory terms.

Three different technologies, three different crises, one recurring structure: A public-private partnership model, whereby the public side supplied the rules and the access guarantee, the private side supplied the substance and kept control of it, and a trusted intermediary—domiciled on neutral ground—held it steady. None of these required inventing a new sovereign. And all of them refused to let the most powerful participant also be the gatekeeper. None of them has proven perfect, but they can serve as case studies to help find a solution to the current software security emergency.

A constructive way forward

This is not a call to abandon the work that has begun - it is a call to finish the design. The structural observation and the historical perspective point in the same direction: The effort needs a governance framework built around it. The ask is to build a permanent, resilient, and sustainable model on the institutions we already have - public bodies that can supply legitimacy and an access guarantee, private capability providers who supply the engineering substance, and a distributed network of Open Source stewards to coordinate and share practices. 

Three commitments would turn a promising announcement into a durable effort: First, charter it as a multi-stakeholder partnership rather than a single-entity repository, with federated nodes that interoperate through shared disclosure practice. Second, adopt a binding non-discrimination commitment for access to AI-assisted security capabilities, so that no export directive or other national instruments can switch off the peer review and defence of code on which the whole world is based. Third, build the maintainer-support and disclosure coordination functions on neutral institutional ground, where the custody of embargoed vulnerabilities is governed multilaterally rather than held at the discretion of one state or one company.

With that in mind, the structural observation described above and the historical reflection are meant as an invitation to think beyond the newly announced initiative and to consider a governance framework built around it. The window to get this right is open now, but it will not stay open forever. We can secure the global commons together - provided we do not, in the act of defending it, allow one single jurisdiction to decide who gets to be safe.