No cross-government Open Source Programme Office to own the 'open by default' policy
France, Germany (ZenDiS) and the European Commission run public-sector OSPOs; the UK, which wrote the open-by-default playbook, has none. Ownership is fragmented between GDS (Service Standard point on open code), the Technology Code of Practice and individual departments; nobody audits whether departments actually publish code, curates cross-government reuse, or owns licensing and stewardship questions. The cost of this vacuum showed when NHS England's open source policies silently lapsed after the NHSX merger and the pages were deleted in December 2025. OpenUK's UKRI-commissioned guidance (2025-26) is advisory and GDS Local's work is nascent; neither is an accountable institution.
A policy without an owner evaporates, as the NHS just demonstrated. An OSPO converts fourteen years of aspiration into measured compliance, reuse savings, and a single door for maintainers, vendors and international peers to knock on.
A cross-government OSPO in GDS/DSIT with a mandate to audit Service Standard compliance annually, publish a code-reuse catalogue, steward government-maintained projects, and represent the UK in international public-code networks; modelled on the EC OSPO and ZenDiS.
// State-led: Instrument: machinery-of-government decision creating a GDS/DSIT OSPO with audit mandate.
Policy without an accountable owner evaporates, as December 2025's silent NHS lapse showed; the EC/ZenDiS instrument is proven but nobody is mandated to run it here.