Ask HN: Why are ISO standards so expensive? | Better HN

86 comments

53 comments · 22 top-level

jjoonathan7y ago· 10 in thread

Many other standards organizations have figured out funding models that don't shut out hobbyists, the interested public, academics, and professionals with tangential (rather than direct, funded) interest. ISO has not. They are behind the times in this regard.

ISO is full of vested interests that don't want hobbyists, the interested public, academics, and professionals to access the documents and be able to implement them at a lower cost.

mrozel7y ago

This has always been my opinion. Plus, I've found them ripe with anti-patterns that contradict what they actual iso standards stand for.

theincredulousk7y ago

I don't think $100 can really be considered a major roadblock to any technology professional capable of doing a standardized implementation...

jetti7y ago

Do you have examples of those standards organizations? The only other one that I have first hand experience with is ANSI and I know they charge for their standards. I have been dealing with X12 EDI and some of the standards for that are close to $1000 and that is for a single file format. The health care X12 standard has dozens of file format standards.

dragonwriter7y ago

> Do you have examples of those standards organizations?

WHATWG, IETF, W3C. Not that each doesn't have other issues, but charging through the nose for standards isn't one of them.

kelsolaar7y ago

ITU standards are usually available free of charge too.

Like W3C? “Standards” funded by Google’s ad monopoly? How is that going for them? The demand for everything to be “free” is destroying the idea of neutral standard. Standard must be funded somehow. The ISO model has worked for decades. The W3C model, where you don’t charge for either the standard or the products, has become a tire fire.

The W3C's failures pale in comparison to what I hear of the ISO MPEG process, in which companies compete to put as much of their patented technology in the codec standard as possible without any regard for coherence. ISO is worse than the W3C.

Just because the standard is free does not mean that any single implementation is, you are free to charge for software implementing a standard just as you would be otherwise.

A proper standard needs to be free (both as in speech and beer), otherwise it needs investment to see that a implementation meets the standard (which in itself goes against the idea of having standards) or to modify it to propose improvements.

The work of developing standards can be done by people/companies who benefit from the standard, either financially or via other ways and those people/companies have their motivations to work on it.

jjoonathan7y ago

Open standards organizations in general and the W3C in particular were in full swing long before Google existed and will continue to do meaningful work long after Google's ad monopoly gets broken up or disrupted into irrelevance.

It takes a special kind of singlemindedness to look at modern web standards and the open source WebKit ecosystem, dismiss their wild, outsized success as a tire fire, and call for more corporate exclusivity as the solution.

andrewaylett7y ago· 4 in thread

I've been part of a team developing C++ compilers and run-time libraries. We used the final draft, which (at least for C++) is freely available. I suspect anyone relying on the final text (were it to differ from the last public draft) would be disappointed to discover that pretty much no-one uses it.

It doesn't seem to me to be a terrible trade-off to say that ad-hoc use via public drafts is fine, but if you need to use the actual spec for whatever reason then you're probably being paid to abide by the spec and it makes sense to charge for it.

Where I strenuously object to non-public specifications is where they're referenced in (and required by) legislation: if ignorance of the law is no excuse, the law had better be freely available.

I agree that the legislative concern is more serious, but think you are underestimating the harm of ad-hoc use.

When I want to reference an official specification, it is gennerally not a need. I can normally satisfy my own usecase by hacking together enough knowledge from reverse engineering and public sources (often with less effort then actually reading the spec requires), but I view it as my responsabilty to be spec compliant wherever possible.

A spec is only as good as it is followed. By not making the spec free, it is less valuable to me even if I pay for it, because there are now even more noncompliant systems out there I might need to interlop with.

radford-neal7y ago

... anyone relying on the final text... would be disappointed to discover that pretty much no-one uses it.

Indeed! A "standard" that costs $100 to read is not actually a standard at all. The standard is, by definition, what the users think it is.

Causality17y ago

One is reminded of the legal fight over the public posting of Georgia's penal code.

More info? I tried to google and I can't find any good links - was it that only people that could afford printed copies had access to the Law?

octocode7y ago· 3 in thread

The fee is to pay for the ISO's operating costs of maintaining and distributing the standards. They do have a section of publicly available standards, if you're interested: https://standards.iso.org/ittf/PubliclyAvailableStandards/

They probably have a gold web server that can only be powered by the tears of albino giraffes. For the price they charge for distributing one standard once, normal organizations can distribute files to anyone who asks essentially forever.

I suspect (although I've made no effort to verify this) that some standards organisations were set up in the days of paper copies and secretaries and typists, when they needed a 10-storey office building [1]. So naturally they set up a pricing structure reflecting those expenses.

Then they kept the employee numbers and pricing structure due to institutional inertia.

[1] https://goo.gl/maps/MK3C9AUgzV16Svem8

yamilg7y ago

Thank you for sharing this! For some reason I really enjoy reading standards documents.

bbatha7y ago· 2 in thread

Its also worth noting that you can basically find all of the standards in their draft forms for free. You need to be slightly careful about the revision numbers, but often the drafts are identical to the ISO ones. You really only need to pay for the draft if you want to be certified as in compliance or are an enterprise user. In which case the fee is paltry.

Is there a way to search for these? I've tried trawling through many sites to find draft versions of ISO 32000-2:2017 but it seems to have fallen down a memory hole. Is there a naming convention around drafts or is it just luck of the draw?

Apologies is this is not a valid query.

bbatha7y ago

luck unfortunately :(

shmerl7y ago· 2 in thread

Usual parasite approach. Accessing standards should for sure be free for everyone.

Why should it be free? What is your rationale?

shmerl7y ago

Because standards are not products. They should enable things, not to be used for profit. Profiteering from that hinders progress. It should be quite self explanatory.

danmg7y ago· 2 in thread

there are torrents that have all the standards...

Where?

danmg7y ago

  magnet:?xt=urn:btih:F046266BE1BFB1528A6C766526A8B17254059429&tr=http%3A%2F%2Fbt2.t-ru.org%2Fann%3Fmagnet&dn=ISO%20standards%20%2F%D0%A1%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D1%8B%20%D0%98%D0%A1%D0%9E%20(%D0%BF%D0%BE%D0%B4%D0%B1%D0%BE%D1%80%D0%BA%D0%B0)%20%5B1973-2017.%20PDF%2C%20ENG%5D

edit: nice emo downvotes. Torrents today. Torrents Tomorrow. Torrents Forever! They're the only cloud that matters.

brandmeyer7y ago· 1 in thread

IEC standards are also expensive. However, there's a hack available. Denmark has incorporated many of the international IEC standards as national standards "by-value". They are also available at a much lower price than the IEC standards.

So if you buy the ~100 USD DS-60950-1, you'll find a Danish cover page followed by the otherwise 900 CHF IEC/EN-60950-1 (the International/Eurozone IT equipment electrical safety standard), which also happens to be harmonized with the ~2500 USD UL-60950-1 (The American IT equipment electrical safety standard).

Tomte7y ago

ANSI used to have several interesting standards (C, C++) as PDF for 30 dollars each. Unfortunately, they upped their prices considerably.

chopete7y ago· 1 in thread

Can think of 2 reasons why it is not free.

a. These are meant for a business to show off its compliance. A business means it is already making money. I am sure every company would be happy to pay that 100CHF to buy it for you , just like they can afford to buy a book, if they are thinking about ISO.

b. The ISO compliance is to be asserted by a 3rd party auditor. They are a member of the ISO community and/or have a copy of the standard with them.

I am ok with a), but b): how should I comply with something I don't know. Sometimes I have to comply by law. What is this the soviet union?

s1mon7y ago· 1 in thread

I've often thought that if standards organizations were truly interested in encouraging the use of their standards, they would make them freely available and recover their operation costs some other way. Even worse than the standards orgs themselves is IHS which acts as an electronic library (gatekeeper troll) for these orgs. In theory they are providing a service of managing electronic copies of expensive standards so that a big company doesn't get into licensing/copyright violations, but really all they're doing is adding overhead on top of stuff which should be free in the first place.

At one point the orgs were covering printing and shipping costs, but with electronic downloads and PDFs, it's really crazy to charge $$$ for a standard, especially when it doesn't include updates.

A couple exception to this madness: US government stuff (e.g. Mil-Std) which by law is all copyright free and downloadable, and USB.org is surprisingly and pleasantly just available for download.

buckminster7y ago

All the ITU ASN.1 specs are free. Maybe other ITU specs, I haven't looked.

TomJansen7y ago· 1 in thread

Wouldn't it be a good idea to have a site just like SciHub but only for ISO (and other) standards?

weinzierl7y ago

It's called Library Genesis.

Ok, it's not really a SciHub for standards, but it is in the same spirit. Most people don't order standards from the ISO, they get them from their organization's (university or corporation) library. Very much the same as for papers.

What can you do if you are not affiliated with any organization that provides access? You can turn for SciHub for papers and to LibGen as your library. Needless to mention that both are infringing copyright and may or may not be legal for you to use.

w8rbt7y ago· 1 in thread

When you do buy an individual copy, it comes with your name printed in the footer of every page. I had a copy of one once (won't say which one) and I could not let my boss read it. For many topics, national standards (like NIST) are great. They are free too.

Edit: We went with individual purchases because the group license was way too expensive. Had we paid for that, then we could have shared the docs with upto X employees.

I'm not sure how they can restrict you from lending such things, unless you've signed a contract specifically saying so. Copyright cannot be used that way, at least in the US.

FrozenVoid7y ago· 1 in thread

Very few programmers care about standards and even downloading drafts of them - despite all these forum/mailing lists arguments "what/which code is standard"( a tiny vocal minority), their market is likely some sort of enterprise bureaucrats that must have the Official(TM) Standard(TM) printed in triplicate to bully local programmers into following it "up to legal code". If the standards were free, i guess they're going to be a bit more popular, however thats too late to change programmer culture[1] which evolved without them - so standards organizations don't have much of an incentive to make them public domain. [1] Compiler manuals are what people using as standard, and standards eventually adopt compiler features.

zaarn7y ago

Programmers care a lot about standards; we just have more open standards like RFCs and W3C/WHATWG.

dwheeler7y ago· 1 in thread

Because ISO likes free money. In most cases ISO doesn't pay the authors and reviewers of standards, so instead of posting the document for free, it gets to indefinitely receive 100% of the profit from the work. It's a sweet deal for ISO, and a terrible deal for the rest of the world. ISO's paywall makes it very difficult to apply their standards. It's essentially an anti-standardization stance, not what you'd expect from a standards body. It's especially a problem because today's complex systems depend on millions of agreements that need to be standardized (not necessarily by ISO).

More generally: If a publisher charges money for a document, you should ask if the authors (or their employers) are getting paid a royalty on the profit. If the authors (or their employers) are getting paid a (decent) royalty, then that's a decent justification for the charge. If the authors/employers are not getting paid, then that looks suspiciously like an exploitative relationship. ISO is in the latter camp. Que bene?

I'll use ISO standards, and if my employer pays me I'll participate in an ISO process. But I strongly prefer working with standards organizations who have changed their processes to fit the 21st century. Today many people's expectation is that a standards body will make the standards freely available, since there's no excuse to do otherwise. ISO fails that test, and instead has a big paywall. The historical justification was to support a printing press, but that is completely unnecessary today (just post the PDF or HTML, that's all we need!). ISO will occasionally release standards freely (e.g., the Ada language specification and the Common Criteria were ISO standards that ISO agreed would be freely available even on initial ratification). But you have to work for it. Other standards-setting bodies, like the IETF, are typically wiser choices for developing standards.

I hope that someday ISO will change their policies. But as long as they're getting lots of free money, based primarily on work by people they don't pay, it's not clear why they would change.

>Today many people's expectation is that a standards body will make the standards freely available, since there's no excuse to do otherwise.

How many people have this expectation and how do you know?

lathiat7y ago· 1 in thread

Sometimes you can access standards from a library. Not sure how common that is for ISO but maybe look it up.

I asked at my local university library in Germany: they can't be accessed there.

theincredulousk7y ago

TBH I think IEEE is worse than ISO. After a fairly hefty yearly membership fee, they want you to pay for individual specs that other IEEE members created???

I needed to look at a 15+ year old IEEE spec, and thought "hey I'm a member, certainly I have access to it!". Nope. They wanted like $50 from a member. For a 15+ year old spec.

I let my membership lapse after that. Just couldn't figure out a way that it was worth $250+ year.

gumby7y ago

I know this question relates to the scandal of standards documents, but unlike the IETF it's possible to write ISO standards that are essentially proprietary by including various patent encumbrances, making them prohibitively expensive to implement. IEEE standards are particularly terrible in this regard.

Nominally to cover the costs of production. However, this is a convenient barrier to entry for Open Source and amateur developers that many companies who are standards participants don't object to.

weinzierl7y ago

I don't like the high prices either and wish these were available for free. At least the demand to have them for free is not unreasonable given that a large part of the work that goes in the standards is ultimately financed by tax money.

But to answer your question: Because the primary customers are organizations who are willing to pay. Individuals that are not affiliated with one of the paying organizations are not considered, unfortunately.

From a practical point of view it is not hard to get access. My experience is: As long as I was a student or an employee of a university the library provided me access and I was allowed to copy the standards as long as I needed them for my studies. When I left university I could still get a library card for the library and I could read the standards as long as I wanted but I wasn't allowed to copy them. Also every bigger company I worked for provided access. At least that's my experience.

Yeah ISO are de facto laws and the should be free

I view ISO standards as a tax on companies who are willing to stand by their product and processes. Modulo obvious caveats, if they can get certification/compliance/accreditation , the end user can have a modicum of confidence when dealing with the business. It lets you buy toys for your child with a peace of mind, or get into a car with ISO certified airbags, or buy network equipment for your server build, etc etc. Its trivial to point out flaws in any system, its not easy to propose something better that you can actually implement in the real world.

Scene_Cast27y ago

On one hand, I ran into this myself a couple of times (needed to spec some tolerances for shafts and holes; wanted to find laboratory glassware specs). Didn't end up getting them since it was a one-off query each time.

On the other, you have to admit that they do a much better job of making money for the value they provide, compared to e.g. compiler developers. (Just from a cold capitalistic viewpoint. I don't philosophically agree with not having a free way to get started with programming.)

strongbond7y ago

Because it costs money to sustain the armies of talentless paper-pushers who work for these organisations.

j / k navigate · click thread line to collapse