Ask HN: Why are ISO standards so expensive?
Or, why are they not free?
Many times during my professional career I've wanted to read the underlying standard for a product or a system, and I can't ever be bothered to cough up the ~100 CHF they seem to demand. As a result I've never actually read a standard.
90 comments
[ 4.0 ms ] story [ 170 ms ] threadI have no idea why that is but I wish there was a scihub for ISO standards. Because a world in which ISO standards (or any international standards, really) are free for anyone to read is an objectively better world.
Then they kept the employee numbers and pricing structure due to institutional inertia.
[1] https://goo.gl/maps/MK3C9AUgzV16Svem8
But today's complex computer systems depend on hundreds of thousands of interfaces, and those interfaces are depended on by millions of organizations. Their business model inhibits standardization, instead of aiding it.
The problem is: the time when people learn most about programming is as students when they have too much time and hardly any money.
It takes a special kind of singlemindedness to look at modern web standards and the open source WebKit ecosystem, dismiss their wild, outsized success as a tire fire, and call for more corporate exclusivity as the solution.
As an example, C++, also an ISO standard, has notoriously few full implementations, and as a result C++ is largely defined by "what GCC/Clang accept" in practice.
A proper standard needs to be free (both as in speech and beer), otherwise it needs investment to see that a implementation meets the standard (which in itself goes against the idea of having standards) or to modify it to propose improvements.
The work of developing standards can be done by people/companies who benefit from the standard, either financially or via other ways and those people/companies have their motivations to work on it.
WHATWG, IETF, W3C. Not that each doesn't have other issues, but charging through the nose for standards isn't one of them.
On the other, you have to admit that they do a much better job of making money for the value they provide, compared to e.g. compiler developers. (Just from a cold capitalistic viewpoint. I don't philosophically agree with not having a free way to get started with programming.)
a. These are meant for a business to show off its compliance. A business means it is already making money. I am sure every company would be happy to pay that 100CHF to buy it for you , just like they can afford to buy a book, if they are thinking about ISO.
b. The ISO compliance is to be asserted by a 3rd party auditor. They are a member of the ISO community and/or have a copy of the standard with them.
http://www.open-std.org/JTC1/SC35/WG1/
STEbus seems to be IEEE 1000 and ISO 10859, perhaps you got confused with the numbers?
[1] https://en.m.wikipedia.org/wiki/ISO_1000
It doesn't seem to me to be a terrible trade-off to say that ad-hoc use via public drafts is fine, but if you need to use the actual spec for whatever reason then you're probably being paid to abide by the spec and it makes sense to charge for it.
Where I strenuously object to non-public specifications is where they're referenced in (and required by) legislation: if ignorance of the law is no excuse, the law had better be freely available.
https://www.techdirt.com/articles/20181019/12232640876/appea...
Basically there are annotations that are considered part of the law but they are behind copyright and can't be distributed in the way you expect public laws to be.
When I want to reference an official specification, it is gennerally not a need. I can normally satisfy my own usecase by hacking together enough knowledge from reverse engineering and public sources (often with less effort then actually reading the spec requires), but I view it as my responsabilty to be spec compliant wherever possible.
A spec is only as good as it is followed. By not making the spec free, it is less valuable to me even if I pay for it, because there are now even more noncompliant systems out there I might need to interlop with.
Indeed! A "standard" that costs $100 to read is not actually a standard at all. The standard is, by definition, what the users think it is.
So if you buy the ~100 USD DS-60950-1, you'll find a Danish cover page followed by the otherwise 900 CHF IEC/EN-60950-1 (the International/Eurozone IT equipment electrical safety standard), which also happens to be harmonized with the ~2500 USD UL-60950-1 (The American IT equipment electrical safety standard).
Apologies is this is not a valid query.
At one point the orgs were covering printing and shipping costs, but with electronic downloads and PDFs, it's really crazy to charge $$$ for a standard, especially when it doesn't include updates.
A couple exception to this madness: US government stuff (e.g. Mil-Std) which by law is all copyright free and downloadable, and USB.org is surprisingly and pleasantly just available for download.
Ok, it's not really a SciHub for standards, but it is in the same spirit. Most people don't order standards from the ISO, they get them from their organization's (university or corporation) library. Very much the same as for papers.
What can you do if you are not affiliated with any organization that provides access? You can turn for SciHub for papers and to LibGen as your library. Needless to mention that both are infringing copyright and may or may not be legal for you to use.
I needed to look at a 15+ year old IEEE spec, and thought "hey I'm a member, certainly I have access to it!". Nope. They wanted like $50 from a member. For a 15+ year old spec.
I let my membership lapse after that. Just couldn't figure out a way that it was worth $250+ year.
More generally: If a publisher charges money for a document, you should ask if the authors (or their employers) are getting paid a royalty on the profit. If the authors (or their employers) are getting paid a (decent) royalty, then that's a decent justification for the charge. If the authors/employers are not getting paid, then that looks suspiciously like an exploitative relationship. ISO is in the latter camp. Que bene?
I'll use ISO standards, and if my employer pays me I'll participate in an ISO process. But I strongly prefer working with standards organizations who have changed their processes to fit the 21st century. Today many people's expectation is that a standards body will make the standards freely available, since there's no excuse to do otherwise. ISO fails that test, and instead has a big paywall. The historical justification was to support a printing press, but that is completely unnecessary today (just post the PDF or HTML, that's all we need!). ISO will occasionally release standards freely (e.g., the Ada language specification and the Common Criteria were ISO standards that ISO agreed would be freely available even on initial ratification). But you have to work for it. Other standards-setting bodies, like the IETF, are typically wiser choices for developing standards.
I hope that someday ISO will change their policies. But as long as they're getting lots of free money, based primarily on work by people they don't pay, it's not clear why they would change.
How many people have this expectation and how do you know?
The other important thing here is being able to read the standard gets you nowhere. You have to implement the standard, and an independent third party has to verify that you have implemented them. Someone has to pay for all this work. It would be nice if this was tax payer supported, but if the government isn't going to pay for it, maybe you would like to setup an international fund to contribute? I'm sure they would love to make them free of charge.
>They should enable things, not to be used for profit. Profiteering from that hinders progress. It should be quite self explanatory.
I want to pay the people who work on the standards. Profits help with that. Ergo, profits help progress. QED :)
BTW, ISO standards have been for-pay for years. Please explain specifically how it has hindered progress. Some data would be nice. The burden of proof is on you, given the decades of counter-factual evidence.
Someone has to pay for the work for implementing them too, but not for accessing the standard itself. Lot's of things were not free, because of someone trying to sit in the middle, where they shouldn't have.
But to answer your question: Because the primary customers are organizations who are willing to pay. Individuals that are not affiliated with one of the paying organizations are not considered, unfortunately.
From a practical point of view it is not hard to get access. My experience is: As long as I was a student or an employee of a university the library provided me access and I was allowed to copy the standards as long as I needed them for my studies. When I left university I could still get a library card for the library and I could read the standards as long as I wanted but I wasn't allowed to copy them. Also every bigger company I worked for provided access. At least that's my experience.
Edit: We went with individual purchases because the group license was way too expensive. Had we paid for that, then we could have shared the docs with upto X employees.