You may have read our background article about ODF and OOXML and why Red Hat believes OOXML should not be approved as an ISO standard. This time, we focus on how the standardization process has been compromised at ISO.

ISO’s JTC-1 directives were designed to provide a fair, consensus-based way to design standards that are portable, interoperable, and adaptable to all languages and cultures. The OOXML proposal has suffered from two basic problems: (1) voting irregularities, and (2) the use of a fast-track process for a complex, new, large specification that has not received adequate industry review. The resulting specification was driven almost exclusively by one vendor, has not achieved industry consensus, and has had thousands of issues logged against it, largely due to issues involving implementability, portability, and interoperability. Although resolutions have been proposed for many of the issues that have been raised, there is virtually no time to review these resolutions to determine whether they fix the problems. And the voting irregularities have raised serious issues with the fairness of the process.

For a standards body to have credibility, the procedures it follows need to be credible. ISO’s JTC-1 directives say that the “objective in the development of International Standards should be the achievement of consensus between those concerned rather than a decision based on counting votes.”1 Clearly, there has been no achievement of consensus regarding the adoption of OOXML as a standard, and therefore ISO has turned to a voting process.

We believe that the flaws in the ISO voting process for OOXML are so serious that they must be addressed in order to maintain ISO’s credibility as a standards body. For a standards body to review a proposal adequately and achieve consensus, the participants need to be involved in the entire review process, not merely show up to cast a vote.

Unfortunately, the ISO voting process is not restricted to those who have participated in the past.2 Thirty-six new countries joined the JTC-1 technical committee–just in time for the OOXML vote3– and 90% of these voted in favor of the OOXML proposal. Only 36% of the original membership voted in favor of approving OOXML as a standard.

Allegations have been made that Microsoft encouraged new countries to join the JTC-1, or to upgrade their status (from O-status to P-status) to influence the vote. Contrary to what has been demonstrated, the JTC-1 directives say that the “objective in the development of International Standards should be the achievement of consensus between those concerned rather than a decision based on counting votes.”4

Before an individual country votes in the ISO process, it holds a vote within its own national body. An employee of Microsoft Sweden admitted to offering incentives to business partners to encourage them to vote for OOXML5, leading the Swedish Standards Institute (SIS) to declare its vote in favor of OOXML invalid. Critics have speculated that similar practices occurred in Italy, Switzerland, Spain, and other countries. Such allegations have prompted the EU to launch an investigation into Microsoft’s practices during the ISO vote.

OOXML was submitted to ISO using the fast-track process, which was intended to make it easier to approve an ISO standard if it has already been approved by an existing standards organization. This was meant to speed up the process for standards whose problems have already been resolved and where consensus has already been achieved. The process generally requires three years or more; fast-track can cut this time to six months.

The first review of the 6,000-page OOXML proposal resulted in a disapproving ballot by national bodies on September 2nd. There were over 3,500 comments. The issues identified with OOXML did not stop there.

After the 3,500 comments during the initial ballot, one delegate wrote, “I and my reviewers found 13 additional errors in the original specification. However, national bodies were not allowed to submit new comments (and rightly so, otherwise there would have been total chaos). Therefore, there was no way to submit and correct them.”6

In response, ECMA submitted a proposed Disposition of Comments report that was close to 2,300 pages long. This Disposition of Comments contained proposed changes scheduled to be discussed at a Ballot Resolution Meeting (BRM) in February. This gave only six weeks to review this documentation (that’s a rate of 55 pages per day) before the BRM; it was impossible for all technical issues to be addressed or resolved in that timeframe.

The BRM meeting itself only lasted one week, even though the JTC 1 Directives impose no such time limitation. The normal course for a BRM is to meet, recess with email discussion, and to meet again until consensus is reached on the changes to a proposal. (Remember, the JTC 1 emphasizes consensus in its standardization process.)

Complaints have been lodged with the ISO by some national bodies alleging that the BRM process was inadequate for the number of issues needing resolution. In the final vote at the BRM, only six of the thirty members voted to approve the changes. Four voted to disapprove, and 20 either abstained or refused to register and vote at all.

Obviously, ISO should have referred the proposal to a working committee for further improvements before it was placed on a fast track ballot. But the relevant ISO process was not designed to make this possible. When this is combined with the addition of new members at the last minute in order to influence a vote, the process is fatally flawed.

The IT industry clearly needs systems so that companies can work well together, and these systems need to work well in all countries. The ISO process for IT standards was designed to promote interoperability, portability, and cultural and linguistic adaptability,1 using a consensus process. We believe strongly in these goals, but the current process is not designed to achieve them. The OOXML proposal has exposed serious flaws in ISO process–especially in the fast-track process–and we believe these flaws need to be fixed.

The credibility of ISO is at stake.