Abstract
The global economy’s digital infrastructure is based on free and open source software. To analyse how firms indirectly collaborate via employee contributions to developer-run projects, we propose a formal definition of ‘industrial public goods’ – inter-firm cooperation, volunteer and paid labour overlap, and participation inequality. We verify its empirical robustness by collecting networks of commits made by firm employees to active GitHub software repositories. Despite paid workers making more contributions, volunteers play a significant role. We find which firms contribute most, which projects benefit from firm investments, and identify distinct ‘contribution territories’ since the two central firms never co-contribute to top-20 repositories. We highlight the challenge posed by ‘Big Tech’ to the non-rival status of industrial public goods, thanks to cloud-based systems which resist sharing, and suggest there may be ‘contribution deserts’ neglected by large information technology firms, despite their importance for the open source ecosystem’s sustainability and diversity.
Introduction
Free and open source software (FOSS) created in self-governed online projects is ubiquitous: a survey of 1200 information technology (IT) professionals found that 92% of applications contained open source libraries (Szulik, 2018). IT firms are paying developers to produce FOSS, although significant areas of the FOSS universe retain a hobbyist community character, relying on volunteer labour. This workforce comprising employees and volunteers and these hybrid commercial and communal social worlds and value systems defy traditional categorisations. How can we define and measure the production of open source software, which is at the heart of contemporary digital society? The concept of ‘industrial public goods’ has been advanced as a solution. Its origins lie with economists Paul M. Romer and Zvi Griliches’ (1993) proposal to institute ‘self-organizing industry investment boards’ to fund non-rival goods (a resource is deemed non-rival if, for any level of production, the cost of providing it to an additional user is zero). This proposal was intended to address the classic collective action problem posed by non-rival goods: some actors may decide to ‘free ride’ and benefit from others producing non-rival goods, without contributing anything in return. Since then IT firms have indeed self-organised to participate in the production of non-rival FOSS. French sociologists (Alcaras, 2020; Jullien and Zimmermann, 2013) used Romer and Griliches’ (1993) original proposal of inter-firm cooperation to analyse how firms actually co-produce FOSS. This latter definition of ‘industrial public goods’ was based on traits such as developers appropriating the means of production and controlling technical expertise, the existence of an overlap between paid and volunteer work, and the value of non-commercial production being recognised. Building on this work, we suggest that firms now cooperate both directly (e.g. via firm-sponsored entities such as the Linux foundation) and indirectly (via employee contributions to developer-run projects). While the concept of ‘industrial public goods’ seems to fit this indirect co-production of open source software, it has yet to be formalised and empirically validated. In this article, we map contributions to GitHub open source repositories as the means to explore the fitness of this concept. We suggest that industrial public goods satisfy three criteria: firms indirectly cooperate to produce non-rival goods; contributions are highly unequal and there exists an overlap between paid and volunteer work. We first seek a clearer understanding of how much firms are engaging with FOSS. Our first research question is:
RQ1. Which firms contribute the most to FOSS projects, and which projects most benefit from firm investments?
We present an empirical study of the network of connections between firms and projects within a subset of highly active repositories in the popular GitHub code sharing platform. We collect the email addresses of the committers (or contributors: a ‘commit’ is a source code change) to a selection of GitHub repositories and use corporate email address domains (e.g. @microsoft.com) as a proxy for paid employment by firms. In particular, we focus on the question of collaboration between nominally competing firms, and our second research question is:
RQ2. To what extent do firms collaborate?
Analysing contribution patterns evokes another trait, noted since the origins of FOSS (Hill et al., 1992): contributions to FOSS are often found to be unequal, that is to say, concentrated in the hands of a few hyper-productive participants. We posit that the production of industrial public goods will be similarly unbalanced, and our third research question is therefore:
RQ3. To what extent are contribution patterns unequal?
Finally, we address the relationship between paid and unpaid work during open source software coproduction by focusing on the amount and timing of paid and volunteer contributions, and our fourth research question is as follows:
RQ4. To what extent do individual firm employee and volunteer contribution patterns overlap?
We analyse our GitHub dataset using content- and network-analytical methodologies and find that our definition of ‘industrial public goods’ is validated by our data. We uncover firm industrial strategies in the shape of ‘free riding’ and of ‘contribution territories’ whereby employee contributions of the two most central firms in our network never co-occur in the top-20 repositories.
Background
Evolution of firm engagement in FOSS
The benefits of FOSS are now orthodoxic in the IT industry. How did FOSS come to occupy this position, given it was originally perceived as a major threat by firms because of licences such as the General Public Licence (GPL; ‘copyleft’), which contradicted traditional understandings of intellectual property (IP)? This section summarises the evolution of IT firms in this respect. Microsoft is particularly notable, as its early antagonism to free software was well-known: in 1998, a leaked Microsoft report, the ‘Halloween memo’, recommended the following strategy: OSS projects have been able to gain a foothold in many server applications because of the wide utility of highly commoditized, simple protocols. By extending these protocols and developing new protocols, we can deny OSS projects entry into the market.
In other words, the memo advocated adopting open standards and protocols and then modifying them – possibly proposing new features, but mostly making Microsoft versions incompatible with free versions (Rosenberg, 1998), a model variously referred to as ‘embrace, extend, extinguish’ or ‘copy and corrupt’. Twenty years later, in 2018, Microsoft joined the Open Innovation Network, a ‘defensive patent pool and community of patent non-aggression’ aiming to protect Linux and related packages, signifying that Microsoft renounced extracting value from violations of their patents that may occur in open source products. 1 That same year, Microsoft also bought GitHub for US$7.5b. Still in 2018, IBM acquired Red Hat for US$34m, and Google adopted Debian as the base for its internal operating system. IBM’s engagement with FOSS in the early 2000s inaugurated a larger corporate movement to translate FOSS principles into a neoliberal language of market agility, consumer choice and an ‘improved bottom line’ (Coleman and Hill, 2004). The adoption by IT firms of open source licences subsequently enabled the full integration of FOSS into the IT industry. This constituted an evolution between what Broca (2018) defined as Microsoft’s ‘informational capitalism’ – in which the firm seeks to protect the value of its closed proprietary systems – to Google’s more flexible ‘digital capitalism’ – whereby the firm integrates the commons into its business model and prioritises mobile and cloud business models using big data and artificial intelligence (Rikap and Lundvall, 2020; see also Birkinbine, 2020; Lund and Zukerfeld, 2020). Another integrating factor was the creation of online platforms such as GitHub (in 2005) and Stack Overflow (in 2008). Stack Overflow has become a key resource for mentoring and advice, while GitHub facilitates large-scale collaborative development. Finally, open source’s adoption by firms was facilitated by the emergence of key mediating entities or ‘boundary organisations’ (O’Mahony and Bechky, 2008), chief among which is the Linux Foundation. This Foundation was originally created in 2000 to employ Linux’s creator Linus Torvalds to prevent him from being attached to a single firm which would thereby gain inordinate influence. It has become a key hub of software interoperability and firm-project coproduction; its growth has been described as ‘extraordinary’ (Biddle, 2019).
Paying for FOSS: research and mapping
Researchers have investigated developers being paid to produce FOSS in various guises. The question was initially addressed via developer motivation, which can be intrinsic, such as self-fulfilment, or extrinsic, such as financial gain (Alexy and Leitner, 2011; Krishnamurthy et al., 2014). Krishnamurthy (2006) noted that FOSS had a ‘diversity of project structures, diverse employment arrangements, co-existence of corporations and communities and co-existence of the creative and commercial elements’ (p. 25). By co-producing code with communal projects, firms are engaging in external collaborations with an ‘unknown workforce’ without the usual guarantees – in terms of delivery dates, for example – provided by contracts (Ågerfalk and Fitzgerald, 2008)
The employment of FOSS developers has also been addressed in terms of its impact on projects. For Mansell and Berdou (2010), workers being paid by firms to contribute to the commons does not affect the ‘cooperative spirit’ of communal projects. O’Neil et al. (2020) examined the institutional logics of firms and projects, arguing that the integration of the commercial logic of firms with the communal logic of the Debian project required rhetorical legitimation: firm employees invoked developer self-fulfilment, irrespective of whether the work was paid by a firm or not. Butler et al. (2021) examined the type of contribution made by firm employees to communal projects, distinguishing between bug reporting, feature requests, support (seeking or providing help) and other activities such as documentation or governance.
In terms of size, Mansell and Berdou’s (2010) examination of GNOME found that 75% of ‘core’ modules were maintained by developers affiliated to firms. Riehle et al. (2014) found that 23% of authors working on the Linux kernel were paid for their work, as were between 10% and 20% of developers in GNOME, Netbeans IDE, KDE and KVM. These authors based their analysis of the proportion of paid and volunteer work in projects on the time of commits to Linux – were these made during ‘business hours’ or not? – and estimated that approximately 50% were paid. As concerns the evolution of this relationship, they suggested that the number of paid developers remains stable overall as work during leisure time is higher in new projects, and work during office hours higher in more established projects. Claes et al. (2018) criticised Riehle et al.’s (2014) approach, arguing that considering any commit made on a weekday between 9 am and 5 pm as paid work, and work outside this timeframe as voluntary work, ‘completely ignores unemployment, flexible working hours and overwork’ (p. 437). While this critique has validity, we contend that the time of commits is a valuable heuristic which should not be discarded. That being said, a limitation of Riehle et al.’s (2014) analysis of paid labour is that they do not examine in detail which firms are contributing to FOSS development by paying employees. As noted by Eghbal (2016), ‘With better metrics, we could describe the economic impact of digital infrastructure (. . .) Right now, it is impossible to say who is using an open source project unless that person or company discloses their usage’ (p. 129). Although we propose to explore contributions by firms to open source, while Eghbal is referring to firm use of open source (which can occur with zero contributions, aka ‘free riding’), both these approaches agree that firm involvement in open source is under-documented. Indeed the literature on industrial public goods also calls for concrete, quantitative evidence about the scale of firm involvement (Alcaras, 2020). We address this question by collecting commit data automatically from GitHub, but instead of starting with the time of commits, we first analyse the professional email addresses of committers. We now present how our GitHub dataset was built.
Dataset and methodology: GitHub commits by firm employees
Created in 2008, GitHub is a code hosting platform based on the Git version control system which makes participation levels in FOSS projects highly visible. It has grown to become the most popular FOSS collaborative development platform, hosting more than 200 million repositories, becoming the ‘cultural epicenter’ for open source’s explosive growth (Eghbal, 2016: 50).
Between early 2015 and mid-2019, the period of our study, approximately 10 billion commits were published on GitHub.
2
However, these numbers are deceptive. Kalliamvakou et al. (2014) found that despite being nominally oriented towards ‘social coding’, the number of committers per GitHub repository is highly skewed: 72% of repositories have one committer, 91% have two or less and 95% have three or less. They conclude that perhaps the biggest threat to validity to any study that uses GitHub data indiscriminately is the bias towards personal use. While many repositories are being actively developed on GitHub, most of them are simply personal, inactive repositories. (Kalliamvakou et al., 2014: 100)
For this reason, we targeted a restricted number of highly active repositories. By ‘committers’, we understand the original contributors (‘commit authors’ in Git terminology), not the maintainers who review contributions (‘commit committers’ in Git terminology). Our GitHub commits dataset was constituted between 1 January and 31 May 2019. One hundred thirty-five GitHub repositories were selected in three ways: (a) top-42 repositories by number of committers, commits and forks listed in the Open Source section of GitHub’s annual ‘Octoverse Report’ (1,934,848 commits, November 2015 to October 2018); 3 (b) top-45 repositories from the Technology section of the Stack Overflow (a popular Q&A site for software developers) Developer Survey (596,538 commits, January 2016 to December 2018); 4 and (c) finally, 48 most active repositories self-identifying as Open Source via GitHub tags by number of commits and stars were collected in May 2019 by the authors (293,304 commits, from their date of creation to 30 April 2019). 5
We collected commit information from these 135 repositories via GitHub’s REST API v3 with R, using packages such as httr, httpuv and jsonlite in May 2019. In total, 113,614 committers with 26,459 unique email domains contributed 2,824,690 commits to these 135 repositories between 1 January 2015 and 31 May 2019. Using a professional email address while contributing to an FOSS project signals that a developer is being paid to produce FOSS (O’Neil et al., 2020). Committers with an email address such as @google.com or @microsoft.com were classified as working for a firm. 6 ‘Foundation’ comprises addresses such as @linux.org and @php.net. ‘No affiliation’ comprises email address domains such as @gmail.com and @users.noreply.github.com. ‘Researchers’ comprises @***.edu and similar addresses. ‘Individual developer’ comprises addresses related to committers’ personal identities such as @***.nl.
GitHub accounts allow users to commit with different email addresses. We analysed this feature using ‘group by’ (author and author email domain) and ‘count’ in the R package ‘dplyr’ functions to identify accounts using at least one firm email address and one non-firm email address to commit to the selected 135 repositories, regardless of whether they used Foundation and/or researcher and/or no-affiliation and/or individual email addresses.
Findings
Which firms contribute the most to FOSS projects, and which projects most benefit from firm investments? (RQ1)
Our first metric for industrial public goods is collaborative firm engagement in FOSS projects. Figure 1 provides a numerical count of the most active contributing firms and Table 2 a numerical count of the projects most-contributed to by firm employees. Microsoft was the lead firm contributor on GitHub during the 2015–2019 period (a strategy confirmed by their 2018 purchase of the platform).

Top-20 firm contributors (by number of commits) in 135 GitHub repositories, 1 January 2015 to 30 April 2019.
Table 1 presents a proportional breakdown of commits made by firm employees to repositories. For reasons of space, we only include the top 20. We note that Linux is by far the central node in this firm-project GitHub network. This is due to the historical importance of Linux, the first massively collaborative software project, and to the fact that a kernel is mandatory in both hardware machines and virtual machines in the cloud, making a high-quality open source kernel hard to avoid.
Number and proportion of firm employee commits in top-20 projects (by number of commits), 1 January 2015 to 30 April 2019.
To determine whether firm contributions are significant, we collected commit source lines of code (SLOC), a software metric used to measure the size of a computer program by counting the number of lines in the text of the program’s source code. Table 2 provides detailed insights into the extent to which firms contribute to free and open source projects. Only SLOC for the top-20 projects with the largest proportion of commits made by firm employees were collected.
Percentage of commits by firm employees, number and percentage of SLOC by firm employees and non-firm employees in top-20 repositories (by highest proportion of firm commits), 1 January 2015 to 30 April 2019.
SLOC: source lines of code.
Overall, SLOC contributed by firm employees are significant in volume, signifying that employees are not just gatekeepers harnessing volunteer effort: they do the actual work. In terms of specific projects, we note that Linux has significant non-firm contributions and that Kubernetes, which produces a popular open source solution for managing cloud infrastructure, has relatively few commits from firm employees (52%) but these contributions are more massive (82% of SLOC): volunteers contribute frequently, but to marginal sections of the product. Mono, though currently controlled by Microsoft, has strong community involvement, likely stemming from the project’s origins as a community-driven implementation of Microsoft’s .NET technology. PyTorch, a scientific machine learning project, has relatively few firm employee contributions, just like Tensorflow (Google’s machine learning framework). Contributions from researchers in these projects may be standing in for firm employee contributions; they could form the object of dedicated investigation in future work.
Apart from NixOS (2), Homebrew (3), PyTorch (18) and Apache Spark (19), which are community-managed projects, the top projects are either entirely developed by firms (via their employees) or managed by industrial consortia formed by firms with common market interests, whose boards are controlled by firms (e.g. by requiring high fee payments to join consortium boards of directors, the so-called ‘pay-to-play’ governance model). With rare exceptions, in contrast to community-driven projects, technical governance in those consortia-managed projects is not in the hands of developers but derive top-down from industry interests.
That the technical development of single-firm projects is directly controlled by the strategic interest of the controlling firm can be seen in Table 1 in the case of spring-projects (Pivotal, 89%), or vscode and dotnet (Microsoft, 72% and 71%). Diversity in terms of who-contributes-how-much is a factor to be taken into account when evaluating to what extent a project is controlled by a single firm, a group of firms, or a much larger group of stakeholders – as is the case for the Linux Kernel. Linux has by far the highest number of commits overall, 73% of which are authored by firm employees, and yet employees of the leading firm (Intel) only contribute 0.07% of commits (see Table 1).
To delve deeper into firm contribution patterns, we list in Table 3 the projects which the top-10 firms contribute to.
Contribution from top-10 firm contributors by number of commits to top-20 repositories (descending by number of commits).
SLOC: source lines of code.
In general terms, firms providing software and/or cloud services contribute to repositories which they initiated, and firms producing hardware mainly contributed to Linux. For example, Microsoft has its own kernel (Windows) and, has only started using Linux in-house in the last few years, so has little technical interest in contributing to this repository – this is marginally less the case since the introduction of Microsoft’s cloud product (Azure) which increasingly relies on Linux. Red Hat lies at the opposite end of the spectrum as its main activity consists in selling paid services to clients running Red Hat on servers (in most cases ‘metal’ servers, i.e. real hardware, instead of virtual servers). Hence, Red Hat has an interest in making sure Linux, the kernel it uses, runs well on hardware; the main way to make sure Linux runs well is contributing to the Linux kernel, which explains this firm’s high number of contributions. The quasi-entirety of Apple and Pivotal contributions go to single projects (swift/swift and spring/boot, respectively): 99% of the commits and SLOC their employees contributed went to these repositories. Despite adopting open source technologies early on, Apple is not helping to sustain top open source repositories. Table 3 enables us to understand which contributions can be said to correspond to a firm’s industrial strategy (e.g. when commits and SLOC number in the hundreds of thousands), and which are due to a developer’s hobby-like activity (e.g. when commits and SLOC number in the hundreds or dozens). We explore individual contribution patterns and firm cooperation in the following sections.
Before then, we need to consider another question: the role of automated agents or ‘bots’. If firm contributions are being made by bots, this would not change the technical involvement of firms in projects, but it would reduce their financial engagement, and the significance of human employees would need to be downplayed. We searched for well-known bots used in software development (Erlenhov et al., 2019) in our GitHub dataset and found commits made by two bots (‘dependabot’ and ‘greenkeeper’) which were used by non-firm employees. These two bots submitted 237 commits representing 2623 SLOC in total (amounting for 0.002% of total SLOC contributed by non-firm employees). We searched for users with email addresses containing ‘bot’ and ‘robot’, and, following Dey et al. (2020) we excluded false positives such as people’s names (e.g. ‘Abbot’) and company names which contain ‘bot’ or ‘robot’. This enabled us to identify 16 bots which generated 6,517,394 SLOC, representing 6.5% of SLOC submitted by firm employees and 2.8% of total SLOC. In short, bots have a minimal impact on the present study.
To what extent do firms collaborate? (RQ2)
We pursue our investigation of the fitness of industrial public goods as an analytical concept by examining how indirect firm cooperation (via contributions to developer-run projects) operates in practice. We list in Table 4 the top five firm contributors for the top-20 most active projects in our sample.
Top five firm contributors in top-20 repositories by SLOC.
SLOC: source lines of code.
Microsoft and Google, the most central entities in our firm network (see below), are ubiquitous, being present in 13 of the top-20 repositories, often as the leading contributors. The contributions of Microsoft and Google employees co-occur with significant contributions by employees of other firms (e.g. Intel, Red Hat, IBM). However, in the seven repositories where Microsoft is the dominant contributor, Google employee contributions are non-existent or close to zero, and the reverse is true of the six repositories where Google dominates: Microsoft employee contributions are always below 0.5%. This shows that these firms have clearly distinct ‘contribution territories’.
As for the seven repositories with low contributions from both Microsoft and Google: this absence can be attributed to the presence of a third-party competitor in the case of swift (Apple), PyTorch (Facebook) and servo (Mozilla), or to the repository’s niche character: nixpkgs is a GNU/Linux software distribution mainly popular in scientific contexts; godotengine/godot is a FOSS game engine, and Google and Microsoft are not heavily invested in the video game market (in any case players in that space have their own non-FOSS game engines); finally Elasticsearch is a software product used to index and search large amounts of documents, and Google have their own search solutions.
To further investigate firm cooperation patterns, we conducted network analyses of connections between firms and projects. Social network analysis quantitatively measures the behaviour of entities in networks as collections of nodes connected by ties. It also measures the degree to which networks are centralised and nodes are central. Two key measures of centrality are degree centrality, which measures a node’s number of connections, and betweenness centrality, which measures how much a node is likely to be in a favoured position (to the extent that the node falls on the shortest path between other pairs of nodes in the network).
Table 5 compares the two forms of centrality for the top-20 firms. Despite contributing far less in terms of volume of commits than Microsoft employees (see Figure 1), Google employees occupy the top position. This can be explained by the distribution of Google employee commits, which is more evenly spread out than that of Microsoft employees, as can be seen in Table 3. Despite contributing less overall, Google employees are thus co-contributing with a large number of other firm employees.
Centrality measures of one-mode network of firms with top-20 degree.
Another way to map connections between firms is to measure top dyads or pairwise connections between firms. Table 6 shows the top-20 connections between firms committing to common repositories. As in Table 4, Google and Microsoft are never paired. Red Hat and Intel, two other top firm contributors, collaborate with each other and with other leading firms such as Google, AMD and Huawei, but not with Microsoft.
Top-20 dyads by weight of tie in one-mode network of firms.
To what extent are contribution patterns unequal? (RQ3)
After firm cooperation, our second metric is contribution inequality. To address it, we map the connections between firms and repositories in the whole network. Figure 2 is a two-mode network (comprising two different types of entities: firms and repositories) which are connected according to the firms’ employees contributions to repositories. For the reason outlined above, Google is more prominent than Microsoft. Similarly, Linux not only receives the highest volume of contributions (see Table 1), but also has high betweenness centrality, signifying that it is receiving contributions from a great diversity of sources (as seen in Table 2). Figure 2 suggests there are inequalities in terms of contributions, with few prominent firms.

Two-mode network of firms and repositories. Node size reflects betweenness centrality.
Table 7 provides a summary of the properties of the entire network. The number of ties directed towards projects (indegree) and ties issuing from firms (outdegree) are distributed into four quartiles, each containing an equal number of nodes (6648). The firms and projects in the highest quartiles obtain by far the greatest number of connections: a minority of projects is attracting the overwhelming majority of commits and a minority of firms are overwhelmingly committing. Examining the GHTorrent dataset (a larger collection of GitHub repositories, users and events), Kalliamvakou et al. (2014) also found that the most active 2.5% of projects accounted for the same number of commits as the remaining 97.5%.
Network of contributors and firms on GitHub, 1 January 2015 to 30 April 2019.
We next analysed top email domains. The top-100 email domains with the greatest number of commits to the 135 repositories were classified in five categories (Table 8). There are 41 firm domains among the top 100, corresponding to 11,538 GitHub accounts, which are responsible for more than 1M commits. The other significant block of commits, of a similar size, is authored by unaffiliated email domains, corresponding to a much higher number of GitHub accounts (68,913): firm employees have a higher contribution rate. The single research domain is CERN.
Top-100 contributors to selected 135 repositories on GitHub.
Comprises email domains such as users.noreply.github.com, outlook.com, qq.com (common among Chinese developers) and mail.ru (a popular Russian email provider).
To what extent do individual firm employee and volunteer contribution patterns overlap? (RQ4)
One of the means we use to address our third metric (overlap between paid and unpaid work) is to focus on a subset of committers who use both firm and non-firm emails. As we will see, these findings also confirm our contribution inequality metric. But to start off with, we analyse the time of commits of individual contributions. Figure 2 conforms to previous literature (Riehle et al., 2014) which held that firm employee contributions dip during the weekend, whereas volunteer contributions remain constant, showing that our classification of employee and volunteer contributions is robust. 7
Figure 4 shows how SLOC relates to time of commit. Just like the average number of commits (Figure 3), the median SLOC number dips for employees during the weekend, whereas it remains constant for volunteers (Figure 4).

Average number of commits by a firm employee and a non-firm employee per day, 1 January 2015 to 30 April 2019.

Median source lines of code committed by individuals in a week.
We next analysed the relationship between volunteer and firm email contributions. Each account on GitHub can be linked to multiple email addresses. Among the 113,614 developer accounts who contributed to the selected repositories on GitHub from 1 January 2015 to 30 April 2019, there were 11,943 (10.5%) who used more than one email address. Of those, 3279 accounts (2.9% of total) were identified as using both a firm email address and a non-firm email address. These 3279 accounts contributed 614,746 commits or 21.8% of the total number. Another striking instance of contribution inequality occurs in terms of SLOC: these 3279 developers, or less than 3% of the total, contributed 24.4% of all SLOC. More than half (369,529) the commits contributed by the 3279 individuals who both used firm and non-firm email addresses were made using a firm email address, while 233,429 were made using a non-firm or personal email address, showing that volunteer contributions are significant (see Table 9).
Contributions of developers committing with both firm and personal email addresses.
SLOC: source lines of code.
Figure 5 shows that firm involvement in FOSS is rising: while non-firm email address use remains constant, there is a clear increase in the numbers of firm email addresses between 2015–2016 and 2017–2019. Firm email addresses are more numerous than non-firm addresses during the work week, and there is a sharp decrease of firm email account use on the weekend. Non-firm email addresses use also decreases on the weekend, but much less than that of firm email addresses.

Average number of firm or personal email addresses of the 3279 developers using both firm and personal email addresses to commit per week, 2015–2019.
Similarly, Figure 6 shows that for the 3279 developers using both firm and personal email addresses, SLOC have dramatically increased, but only for the firm email addresses used by these dual-email address developers (non-firm levels remain constant or decrease). Finally, we classified the relationship between firm and non-firm email use among the 3279 dual-email address-type developers. We defined as ‘occasional’ developers demonstrating less than 10% overlap between firm/non-firm email account use; as ‘parallel’ developers demonstrating constant and frequent overlap between firm and non-firm email account use; and as ‘sequential’ developers who changed from non-overlapping firm or non-firm email account use to the opposite non-overlapping firm or non-firm email account use. Table 10 lists these developer profiles. Among the 862 ‘sequential’ profiles, 494 moved from non-firm to firm email addresses, while 347 moved from firm to non-firm email addresses, and the rest (18) experienced more than one main change (staying with the same email address type more than 180 days).

SLOC submitted by 3279 developers using both firm and personal email addresses by type of email address in a week, 2015–2019.
Committing time patterns of developers using multiple email (N = 3279).
Discussion
Firms and industrial public goods
The development of new media and digital technology have disrupted traditional understandings of business by individualising what used to be solely organisational industrial production processes. In the same way that individual bloggers and social media ‘influencers’ have challenged the monopoly of news media and marketing firms, individual computer engineers or hackers have to a large extent appropriated their means of production and of recognising technical expertise. This has led to the emergence of key non-firm entities such as FOSS software projects, the recognition of the value of these projects’ output by firms and a blurring of the once airtight barrier between paid and nonpaid work. We have mapped contributions to a sample of top open source repositories on GitHub and shown that dominant players in the IT software industry contribute the most in terms of volume (Microsoft) or diversity of recipients (Google), with other major industrial actors (e.g. Apple, IBM) contributing significantly less (RQ1). 8 Following Alcaras (2020), we defined FOSS as non-rival ‘industrial public goods’ and proposed a formal definition including indirect inter-firm cooperation, contribution inequality and the overlap between paid and volunteer work. Our first metric (indirect inter-firm cooperation) was confirmed as we found evidence of employees from multiple firms contributing to GitHub repositories (RQ2). However, this cooperation was highly selective, with employees of the two most central firms, Google and Microsoft, never contributing to repositories where employees of their counterpart were the top contributors.
Large firms derive two main benefits from releasing some technology as open source: it allows these firms to showcase their technological credentials, helping them to attract talented developers in the highly competitive IT hiring market, and it also enables firms to benefit from the contributions of unpaid developers, without giving up their control of the technology. To that end, firms control who can commit to a given repository and who cannot (typically, only firm employees can commit directly, whereas others need to obtain approval via pull requests). This partly explains why a firm remains the main contributor to a repository of a technology it initially released. The technology is therefore ‘open source’ in terms of the code licence, but is not developed following an open or shared governance model whereby developers from different firms collectively decide its future direction (the Linux kernel is an obvious exception, as it features contributions from a very diverse group of firms). The mutualisation of the development costs of non-rival industrial public goods has been defined as ‘coopetition’ in which firms both compete and collaborate with each other (Nguyen-Duc et al., 2019; Teixeira et al., 2015).
Contributions to FOSS being concentrated in the hands of a few hyper-productive participants has been noted since the origins of FOSS (Hill et al., 1992; Kuk, 2006), with more recent examples confirming this observation (Chełkowski et al., 2016). While examining OS development patterns some researchers found evidence for the so-called ‘Pareto principle’ whereby less than 20% of users make 80% or more contributions (Akond Rahman et al., 2018; Goeminne and Mens, 2011); others found less support for this principle (see Gasparini et al., 2020; Yamashita et al., 2015). Contribution patterns in our network were highly unequal, both when considered in aggregate, by firm domains (see Tables 7 and 8) with a few key organisational players massively contributing, as well as in terms of individual developers (see Table 9). This confirmed our second metric (RQ3).
In terms of our final metric to formally characterise industrial public goods, the connection between volunteer and paid work (RQ4), we found that although contributions made by non-firm email addresses are less numerous than those made using firm email addresses, they are still very significant. Developers being paid by a firm to produce code may be reluctant to use their professional email address when contributing to a project that is less directly relevant to their firm. This could also explain the very low number of contributions made by, e.g., large IT firm employees to repositories which their firm does not support. We found that firm email contributions dip significantly during the weekend, in contrast to non-firm emails. We can only speculate as to why this is occurring: this could be understood as a manifestation of the negative connotations of working on a paid job during the weekend, implying one does not have a good work-life balance, in contrast to working for intrinsic, or non-monetary reasons as indicated using a non-firm email. There is evidence of continuity between paid and volunteer work as some developers use predominantly one type of email address before switching to the other, with a slight majority of changes being from non-firm to firm email addresses. Clearer results concern the population of developers who commit using both firm and non-firm email accounts: firm email addresses are associated with significant increases in volume of commits and SLOC.
We acknowledge that the highly active nature of the repositories in our sample is not insignificant, and that focusing on a less active sample might produce different results. But for the time being, we interpret these results as supporting the definition of industrial public goods we have suggested: (a) firm cooperation, (b) employee and volunteer labour overlap and (c) contribution inequality. Apart from its indirect quality, our analyses show that informality is also a feature of the production of industrial public goods: though a minority of contributors commit, being able to rely on a crowd of micro-contributors whose motivations are not monetary is key for this new kind of non-rival resource. The intermingling of volunteer and paid labour on GitHub has been examined previously (Claes et al., 2018; Riehle et al. 2014), but we provided empirical evidence of its temporal evolution both in terms of the growing involvement of employees and of the interplay between volunteer and paid status. Finally our detailed network and content analyses of employee contributions enable us to distinguish between hobby-type and professional contributions by IT firm employees. This represents a pioneering insight into the industrial strategies of firms, whose employees’ participation is highly selective, demarcating clear ‘contribution territories’. Selectively occupying territories enables firm employees to co-produce industrial public goods with the employees of ‘co-opeting’ firms and with unpaid volunteers.
Threats to openness
Public goods, whether industrial or not, are meant to be open. FOSS developers agree to renounce to their exclusive property rights over the resource they have created (Benkler, 2013). FOSS licences such as the GPL created a legal environment in which motivated contributors could entrust their work with individuals with whom they had no prior personal contact (Lee and Cole, 2003). In other words, volunteer FOSS work was primarily done for the benefit of a community or project, and developers contributing without being paid challenged traditional understandings of work as linked to an employer. Whether this relationship exploited individual developers has been the object of much debate. 9
It seems less controversial to suggest that increased firm involvement is likely to influence project decisions of all kinds, from technical to licencing ones. And indeed the open status of industrial public goods is now at risk. To understand why this is the case, it is necessary to briefly review the current IT industry landscape. The near-ubiquity of FOSS in a growing range of applications means all firms today, not just IT firms, are benefiting from the free labour of FOSS project contributors who are not their employees. With a few exceptions, most non-IT firms that use FOSS components in ‘products and services’ (Butler et al., 2021) are reaping the benefits of FOSS without contributing in return. Foley (2013) calls this capture of outsourced intellectual rents ‘surplus-value appropriation’. Non-IT firms are purchasing data storage and analysis services, based on FOSS, from ‘Big Tech’ firms, sometimes referred to as ‘GAFAM’ (Google, Amazon, Facebook, Apple and Microsoft). These large IT firms contribute to FOSS projects ‘in ways that may not always be apparent from public sources, such as employing core project developers, making donations and joining project steering committees in order to advance strategic interests’ (Butler et al., 2021). Yet this firm support has entailed a considerable cost: several of the dominant ‘GAFAM’, with Amazon Web Services as the lead offender, are using cloud computing and Software as a Service (SaaS) products built with open source software to transform this scientific and technological knowledge, which is intended to be shared, into closed assets. 10 These assets are then sold as privately owned software business solutions to non-IT sectors such as the automotive, entertainment and energy industries. Birkinbine’s (2020) advancement of the notion of ‘incorporation’ over that of ‘enclosure’ (which typically refers to the imposition of higher excludability on the common resource) thus refers to a pre-SaaS era when value was being extracted without restricting the community’s access to their collective goods: cloud-driven enclosures do represent a clear and present threat to openness.
Rikap and Lundvall (2020) position the involvement in FOSS of ‘GAFAM’ as typical of their widespread ‘predatory’ behaviour. Examples include releasing libraries to open source to set standards, enabling start-ups to integrate their applications into GAFAM platforms and – in case they are acquired – facilitating their integration into the platform. Predatory GAFAM behaviour also takes the form of the re-appropriation of co-authored research: 78.3% of Microsoft’s 17,405 publications between 2014 and 2019 were co-authored with university researchers; during the same period, Microsoft applied and was granted 76,109 patents, 0.2% of which were co-owned (Rikap and Lundvall, 2020).
Several interlocking reasons explain why the open source community has been unable to withstand this expropriation: the use of aggressive tactics by Big Tech companies to reject SaaS-resistant licences such as the Affero GPL; the fact that many developers are themselves employed by Big Tech firms; the rhetorical strategies deployed by firms which aim to transform open source developers’ values (O’Neil et al., 2021); finally, this is also due to the way FOSS developers view themselves and their activity. Part of the computer hacker philosophy is to view one’s activity as a calling, not a profession, with Eghbal (2016) suggesting, for example, that money is a ‘taboo’ topic in projects. The ethics of reciprocity, transparency and openness which animate FOSS have traditionally been understood in terms of the need to protect the ‘four freedoms’ (to access, copy and modify software, as well as to distribute modified versions). Software should be considered as an asset upon which users have certain rights – not as the product of work that deserves monetary retribution, or as a now-fragile resource that needs to be cared for (O’Neil and Broca, 2021). Will Big Tech firms’ increasing expropriation of collective resources and subversion of developer values generate a reaction from FOSS developers? At the least, a wide-ranging public debate in the FOSS community would perhaps clarify whether the term ‘free and open source’ still has any meaning when its core principles of openness and sharing are being systematically flouted.
Conclusion
To analyse the impact of FOSS in the digital economy, we proposed a definition of how industrial public goods are produced (encompassing metrics such as inter-firm indirect cooperation, participation inequality and coexistence of volunteer and paid labour) and we provided empirical evidence of this definition’s validity. We mapped a firm-project FOSS coproduction network on GitHub, which was dominated by a minority of key players, such as Linux and Microsoft. We found diverse firm contributory models, including quasi-monopolies, indirect cooperation between firms and extreme fragmentation in the case of Linux. Despite paid workers making the majority of contributions, unpaid workers played a significant role, indicating the informal nature of these hybrid work arrangements. Our mapping of exclusive firm ‘contribution territories’ led us to define indirect firm cooperation as ‘selective’ and raises the question of the existence of ‘contribution deserts’ – projects and code that are neglected by large IT firms and can only rely on volunteer labour, despite being important for the sustainability and diversity of the open source ecosystem. Further research would help determine the extent of these deserts and whether preserving these types of industrial public goods would warrant support from public authorities.
Supplemental Material
sj-doc-1-nms-10.1177_14614448221090474 – Supplemental material for Co-producing industrial public goods on GitHub: Selective firm cooperation, volunteer-employee labour and participation inequality
Supplemental material, sj-doc-1-nms-10.1177_14614448221090474 for Co-producing industrial public goods on GitHub: Selective firm cooperation, volunteer-employee labour and participation inequality by Mathieu O’Neil, Laure Muselli, Xiaolan Cai and Stefano Zacchiroli in New Media & Society
Footnotes
Acknowledgements
Some of our aims and findings were presented at the following events. 2019: Second French-Australian Forum on Policy Analytics, ANU Centre for European Studies, Australian National University, Australia; Australia New Zealand Communication Association Conference, University of Canberra, Australia; CommonsLab Heraklion, Crete, Greece; The Long Now of the Commons - People, Infrastructures and Dilemmas, IT University of Copenhagen, Denmark; Séminaire Capitalisme numérique et idéologies, Centre Internet et Société – CNRS, Paris, France; Open CIO Summit, Paris, France. 2020: Systematic Paris-Région, Paris, France; American Sociological Association Annual Conference, San Francisco, USA. 2021: Report launch: The coproduction of open source software by volunteers and big tech firms, News and Media Research Centre, University of Canberra, Australia; Plague Salon, Pretoria, South Africa. 2022: Séminaire du CIS, Centre Internet et Société – CNRS, Paris, France. We are grateful to the participants for their input. We also wish to thank the anonymous colleagues who reviewed this article for their valuable contributions to improving our argument.
Funding
The author(s) disclosed receipt of the following financial support for the research, authorship, and/or publication of this article: This research was supported by the Alfred P. Sloan Foundation and the Ford Foundation’s Critical Digital Infrastructure Fund (2019-2020).
Notes
Author biographies
References
Supplementary Material
Please find the following supplemental material available below.
For Open Access articles published under a Creative Commons License, all supplemental material carries the same license as the article it is associated with.
For non-Open Access articles published, all supplemental material carries a non-exclusive license, and permission requests for re-use of supplemental material or any part of supplemental material shall be sent directly to the copyright owner as specified in the copyright notice associated with the article.
