Ethical considerations for your open source governance

Posted by j.laird on 7 July 2022 - 9:30am
chess board
Photo by JESHOOTS.COM on Unsplash

By Yo Yehudi, Arielle Bennett, Gemma Turon, Declan Bays, Sarah Gibson, Stephan Druskat, Yadira Sanchez and Sophia Batchelor.

This blog post is part of our Collaborations Workshop 2022 speed blog series

Open source projects are rooted in ethical principles. Sharing the code so that anyone can use it, welcoming contributors and creating communities around specific projects are the core of open source. But open source communities also have a responsibility to ensure they are a safe, inclusive environment, understand who might be affected by their projects or check that their tools are not being misused. Therefore, Open Source Governance Models should embed those ethical considerations within their structure, but the framework to do so is far from well-established. In this post, we discuss some key points to take into consideration when designing and implementing ethical guidelines in governance models.

Ethical governance starts with self-reflection

Take things right back to first principles and ask yourself (and the project team):, why are you doing this project? Who is the project for? Who creates and maintains it? How will the project be used? These questions may not always be captured in the initial README, however by scoping the impact and influence of a project before it begins, a team can lay an ethical foundation from the outset. 

For many projects that are community led, this means involving the people that are affected by its outcome in the design, development, and deployment stages. True co-creation is an active process of inclusion, and there are many levels of engagement that can be tailored to a project’s individual needs (see Figure 1. Arnstein's Ladder of Citizen Participation), which a governance model might also need to take into account. For example, how is delegated power dealt with by the project? 

Figure 1: Arnstein's Ladder of Citizen Participation, illustration credit: @clinical.creative.psychologist (Juliet Young)

No open source project is an island, and the goal of making projects open source (we hope) is to openly invite the use and collaboration on a project which leads to a community of contributors and collaborators making the world a better place, one commit at a time. It's important that the governance model you select provides robust mechanisms for the level of community participation you are hoping to achieve with your project, with self-reflection being a useful starting point to guide your decision making. 

Ethical governance is a continuous process

There are many ways in which your project can (and probably will) change over its lifetime, and some of these changes may be unexpected, for example, use of your software in domains you may never have thought about, a faster growth rate than you have expected, or an influx of new contributors.

This may also mean that you have to change the way that the project is run to actively include new parts of the community, deal with a surge in contributions, or face new challenges. In this scenario, try and reflect the ways in which the governance of your project should evolve to reflect the ethics you commit to, e.g. is it built to allow the whole community to participate and influence a project, that will in turn influence themselves and their work?

It may feel like a giant leap to go from, say, a free-form do-ocracy to something more structured, or to give up your position of benevolent dictator, or to introduce different voting rules for the steering committee, but if you want your project to reflect your ethics, you will need to allow your ethics to impact the project, and iterate on this process. It’s a bit like putting debugging checkpoints in the way you run your project: run, but halt to reflect if you encounter a state that is unethical, based on your definition of ethical. In short: if (ethical == true) { // Do stuff } else { // FIXME }.

Ethics need governance to become actionable

Open source project communities may already have an implicit set of ethics regarding their project in place. However, unless these ethics are being made explicit, and inform a structured model of governance, they will remain inconsequential or, as Jo Freeman has put it in her essay The Tyranny of Structurelessness, impotent.

In order to empower your project to act on your ethics, it will need a governance model to adhere to. There are already a number of more-or-less established governance models, and because exploring these in depth goes well beyond the scope of this blog post, we encourage you to have a look at some of them. Keep in mind, though, that not all of them may cater well for an ethical framework, or the specific ethical framework you have in mind, in fact…

Existing governance structures for open source may not have explicit ethical frameworks - don't rely on technology to do the thinking for you 

In an age of automation, of bots, and of exceptional investment into AI, you might be inclined to think “This all sounds like a heavy workload - how do I even get started?” You might consider a couple of options:

1. Do I adopt an existing governance model? 

2. Maybe I should get a computer system to do it for me, or at least help me out?

Pulling a governance system out of the box is a great way to get started, but don’t assume that because a governance system has been in use before - perhaps even successfully - that the governance system has all the ethical kinks worked out, or even all the practical challenges. BDFL, the “benevolent dictator for life” open source governance model has practical kinks - what if that BDFL has an unexpected health crisis and disappears, for example - as well as potential ethical problems (how do we ensure that the dictator stays benevolent? What if they’re missing viewpoints that were obvious if only the governance committee was more than one person?). You can find more examples of open source governance models here.

Relying on technology to be your governance is equally risky. Technology can be an incredible tool, but so long as it’s the only tool you have making governance decisions, it’s likely to be a potential problem. One of our participants shared a story of a hardware maker community that used an online booking system for access to shared equipment in a makerspace. Without intentional guidance from the community, there was no way to ensure equitable access to the space’s equipment. In this case, technology - the booking system - was used in lieu of real governance. By using the tool, the community was easily able to assert “access to our resources is fair - anyone is able to book time with our equipment”, without acknowledging that a technology tool can not make judgment calls, and can not recognise systemic flaws around equitable access to resources. 


By its nature, open source technology can deliver benefits to all societies. However, projects started with all the best of intentions can still evolve into something malicious through poor guidance and oversight. Such considerations should therefore be noted and addressed through the application of a formal governing structure throughout any such projects, especially in sensitive areas where conflicts are likely to arise. And while the use of a governance structure doesn’t negate the possibility of bad things from happening, it does however provide a framework which allows us to put such actions into context.

This blog post gives some ethical pointers for open source project communities to consider when constructing their own governance models, with the intention of supporting the continual evolution of open source towards a more just and equitable ecosystem for all contributors and users. You can find more information on some of the governance models discussed at the links throughout the post, but we hope this also starts a conversation about the use of established governance models in open source that allows the communities within it to critically evaluate just how ethical they are.

Want to discuss this post with us? Send us an email or contact us on Twitter @SoftwareSaved.  

Share this page