In one of her first tasks as Taiwan’s digital minister in late 2016, Audrey Tang—hacking prodigy, civic activist, and world-renowned developer—recompiled the Fedora Linux kernel. The old version didn’t support containers, and would thus be incompatible with Sandstorm, an open-source platform that enabled developers to build productivity apps, which users could self-host with the guarantee of security and the promise of pliability.
Tang had been following Sandstorm’s progress since 2014, when she was among the largest donors to a crowdfunding campaign by cofounder Kenton Varda to push it into production; she also maintained EtherCalc, a collaborative spreadsheet app hosted on the platform. Sandstorm, she knew, containerized apps based on data, which enabled an especially high degree of individualized security. For example, each document in Etherpad, a Sandstorm app for collaborative document editing, lives in its own isolated container called a “grain.” The frontend and database for that document live within the same grain. With apps containerized and sandboxed in this manner, a malicious or bug-filled app in one grain doesn’t affect the rest, attacks on the server become harder, the underlying Sandstorm platform handles logins and permissions, and the user is effectively guaranteed security from the get-go.
These container-enabled features were just what Tang needed to tackle the mammoth project in front of her. As digital minister, she was tasked with creating an online platform to share updates about the government’s ongoing work and actively engage with the public on policy matters. The goal was to help move the country into an age of digital democracy built on the tenets of transparency, accountability, and open dialogue between public officials and the people they serve. Any platform developed for this purpose had to be secure against infiltration and robust enough to power this virtual democratic experiment. Sandstorm appeared to fit the bill.
Tang decided to purchase and self-host the platform, harnessing it to power Taiwan’s move to digital democracy.
Tang commissioned a comprehensive security review—one can never be too cautious—and over the course of six months, Devcore, a team of top-notch security researchers in Taiwan, scrutinized Sandstorm’s code and put the platform through its paces. Sandstorm easily passed the tests. A couple of minor glitches needed fixing to strengthen email address validation and prevent server-side request forgery, which Varda addressed. Tang also requested a custom feature that would allow users to easily and securely connect one grain to another or connect a grain to the internet. Varda completed the build of this feature, called the “powerbox,” in early 2017.
Internally, however, all was not well at the company. Sandstorm had raised $1.3 million in seed funding in 2015, but struggled to establish a user base and a revenue stream. After failing to raise a Series A funding round, the project was on the verge of collapse.
Tang was determined to seize the opportunity Sandstorm presented, even after the company folded within weeks of developing the powerbox feature. Following Sandstorm’s closure, only Varda remained, maintaining the open-source community and pushing updates to the platform for those still self-hosting it on their own servers. Instead of walking away, Tang decided to purchase and self-host the platform, harnessing it to power Taiwan’s move to digital democracy.
Change was afoot in Taiwan’s government in 2016, as it was in Taiwanese society as a whole. In 2014, the Sunflower Movement had seen thousands of students and civic groups occupy core government buildings in peaceful protest, triggered by the ruling nationalist Kuomintang (KMT) party’s attempt to force a sweeping trade agreement with mainland China through the parliament without allowing for scrutiny or discussion. Tang played a pivotal role in the protests, using her phone as an uplink connection to help protestors broadcast the events in real time. Along with civic hackers from an organization called g0v (pronounced “gov zero”), she linked multiple occupation sites through a secure intranet connection and helped broadcast the events happening inside online—as well as onto the walls of the parliament building, using projectors. What followed over the next 20 days was a matter-of-fact public dialogue about the minutiae of the trade agreement.
The Sunflower Movement introduced Taiwan’s citizenry to tools typically used by software developers, illustrating that with a few strategic modifications, they could be harnessed to serve a broader purpose. The movement showed “Taiwan’s digital democracy is a work in progress,” Tang says, “taking place peacefully across multiple platforms managed by the government and public citizens who identify as civic hackers.”
Indeed, since 2012, the civic hackers within g0v had worked to “fork the government” by building digital tools that help disseminate, clarify, and personalize government policies for the general public. The Sunflower Movement thrust them into the spotlight. So deeply was Taiwanese democracy affected by this tech-powered movement that Jaclyn Tsai, the digital minister under the KMT government, joined Tang and g0v at a hackathon. There, she proposed developing a platform that could facilitate policy discussions between polarized online communities. One month later, g0v released vTaiwan, a discussion board that enables public servants and citizens to discuss matters pertaining to digital policy.
It was “the first time a minister became a hacker and a hacker became a minister.”
When the Democratic Progressive Party (DPP) won the next election in 2016, Tang assumed Tsai’s role. It was, as Tsai puts it, “the first time a minister became a hacker and a hacker became a minister.” From the start, Tang’s goal was to expand vTaiwan into a full-fledged platform that would bring public servants at all levels of government and their constituents into a single, shared digital space. By holding policy discussions online, people too young to vote and those from underrepresented or rural communities would have a voice beyond the ballot box. Tang envisioned a platform that would support inclusive participation, where, she says, “best-of-breed civic tech could be incorporated as government tech with minimal effort, while safeguarding privacy and cybersecurity.”
It was Sandstorm’s cybersecurity guarantees to civic developers that initially drew Tang to the platform. After carrying out its security review, Devcore wrote that the platform’s fundamental design rationale—“to assume that every app installed is malicious”—made its defense mechanisms “comprehensive and watertight.” Containerizing every app in its own sandbox ensured no threat could be posed to Sandstorm’s servers, and leveraging the hostname randomization made possible by the Linux kernel’s namespaces feature mitigated common client-side attacks.
Furthermore, the powerbox feature Tang had requested enabled the platform to connect one grain to another, or to an RSS feed or online link, through a capability-based security model. Both Tang and Varda prefer capability-based security over the more commonplace access control lists for its usability advantages. Because users aren’t required to explicitly specify hostnames, IP addresses, or access credentials, the platform is intuitive to use, regardless of a person’s technical savvy. It also allows for easier document sharing, whether between specific government officers, with the internal ministry, across ministries, or with the public at large.
Following Sandstorm’s security review and Varda’s completion of the powerbox feature, the next step was to repurpose the platform for open government communication and drive adoption. To accomplish this, Tang sought to onboard public servants at every level of the government by establishing a network of participation officers, government volunteers and appointees who would evangelize Sandstorm as a way to build a transparent work culture within their own ministries. Not all ministers were tech savvy—certainly, everyone was new to this open government experiment—but Tang believed they could be eased onto the platform one app at a time. They started with Sandstorm’s Rocket.Chat app, a Slack equivalent. Next, ministers were introduced to the Davros app, a counterpart to Dropbox. “We learned to work out loud using free software like Rocket.Chat,” Tang says. “We have a team of participation officers in every ministry [to help replicate] this work style.”
Taking their commitment to transparency seriously, when the outgoing cabinet left office, it uploaded a checkpoint document listing the details and status of all ongoing policy work to the public internet rather than handing it to the incoming cabinet. The incoming cabinet then downloaded the document for its own reference. Such agendas and catalogues, including transcripts of every meeting, would continue to be made available online, powered by Sandstorm’s Etherpad and EtherCalc apps.
Real-time transcriptions of the majority of meetings, speeches, and press interviews have also been released online, thanks to contributions from over 6,000 volunteers and a translator app written by Tang. Published onto the SayIt platform, an open-source tool for making transcripts accessible, each has its own link and is available for anyone to view in context. Join, an app similar to vTaiwan, facilitates discussion beyond digital policy matters.
On vTaiwan and Join, public discussions are held using a tool called Pol.is, which is not part of the Sandstorm platform. Pol.is allows people to post statements that others can vote to agree or disagree with, and based on these responses, Pol.is creates visual maps that illustrate clusters of consensus. (Direct replies aren’t allowed, so trolling and abuse can’t derail the process.) This visual structure gamifies the process of consensus building, incentivizing users to craft nuanced statements capable of breaking free of echo chambers. Hackfoldr, a tool built by g0v, uses EtherCalc to collect and publicly share links pertaining to a policy discussion, including comments from meetings captured on the SayIt platform and poll statements from Pol.is. Government officials can leverage this living body of data to inform policy decisions.
The tools that make up the open government platform are intended to reach across political and ideological divides to seek rough consensus, rather than unanimity, on contentious issues. This is not without its challenges; Taiwan faces the same disinformation and misinformation campaigns that plague the internet at large, and it too grapples with political polarization. The idea, though, is to use a suite of open-source tools to share accurate information and enable a new mode of discourse between public servants and their constituents.
During the COVID-19 pandemic, for instance, Tang proposed building a mask-rationing system based on the available data on the number of masks pharmacies nationwide had in stock, and released this data to the public using an open API. In response, civic hackers created over 140 apps, including real-time maps that showed which pharmacies had supplies and fact-checking services to counter misinformation. By inviting public feedback, moreover, the government was able to refine its policies, including widening mask distribution to convenience stores to reach people who lacked access to pharmacies.
“Democracy is a living social technology that’s still evolving.”
Taiwan has a natural advantage when it comes to using technology to power its democracy. There’s “a lot of innovation on civic legislation and social media because [the country] is very tightly bound,” Tang says. “Pretty much everybody is online, and everybody understands more or less the same language, so it’s very easy for ideas to spread.” Taiwan also enjoys high civic participation: In a nation of 23 million people, the Join platform alone has had well over 10 million unique visitors.
“Democracy is a living social technology that’s still evolving,” says Tang. So, too, are the tools that power it. In the four years since they adopted Sandstorm, Taiwan’s public servants have enriched its ecosystem. A simple lunch ordering app developed in-government is used by ministers on a daily basis, as is CodiMD, a real-time markdown editor used on the Talk page, where citizens or journalists can post questions and receive direct answers from officials. In this way, the open government platform continues to adapt to meet the challenges Taiwan’s government and its citizens face together.
Oftentimes, governments have no choice but to be late adopters of new technology; there’s generally little incentive for developers of SaaS apps to meet their strict security requirements. And yet, Taiwan’s government found a felicitous match in Sandstorm. Although it no longer exists as a for-profit company, Sandstorm’s unique approach to containerization by data had a ripple effect that continues to be felt in the country today. Tang goes so far as to describe Sandstorm as “essential public infrastructure”—ubiquitous and critical to Taiwan’s open government platform, its value as impossible to quantify as that of HTTPS.
Secure, open-source software has thus enabled Taiwan’s public officials and civic hackers to collaborate on the creation of tools that promote transparency, inclusive participation, and accountability in government processes. In this way, free software is helping to bridge the gap between government and citizenry.
There’s a strong incentive for governments to invest in promising software projects, as Tang did. “Now it’s part of democracy infrastructure,” she says, “not just IT infrastructure.”