Category: Long Thought

A longer thought.

Thoughts on recent Drupal governance decisions

(Content warning: This post discusses BDSM and abuse.)

[Updated 12:20 PDT 28 March 2017: Corrected spelling errors and added a few clarifications, including the opening notes 1-3 below.]

[Update 9:30 PDT 31 March 2017: Dries and Drupal Association have posted a thoughtful follow-up regarding this situation. Link added in-line below as well.]

[Updated 18:50 PDT 3 April 2017: Fixed minor typos. Added clarification about targets of kink-shaming. Added notes 4-5.]

[Updated 10:30 PDT 18 April 2017: Added notes 6 and 7.]

Note 1: In many contexts, including when talking about community governance, I use a rather broad definition of “abuse” and “abusive.” Abuse includes not just physical and sexual assault, but also repeated interpersonal misconduct as well as harassment. Interpersonal misconduct includes many things such as: lying, deception, and manipulation; violating the boundaries of others; not respecting the agency, autonomy, and equality of others; and more. These types of transgressive behaviors are often hard to detect and discern by others in a way that is actionable and can go on for a long time without the person engaging in them being brought to account.

Note 2: Many have characterized what I have written below as evidence of my passing unfair, hasty judgements about the contributor who was asked to step down from Drupal leadership. Some assume I made these judgements based on the sole fact of that contributor’s participation in the Gor community. In reality, I reviewed a lot of the contributor’s publicly available writing, including Drupal-related ones and formed my opinions based on that. If you haven’t done that and are vehemently defending the expelled contributor, I encourage you to reassess. And if you have and found the writing perfectly okay, I question your experience, maturity, and judgement.

Furthermore, I intentionally and specifically did not make direct statements about the “guilt” or “innocence” of the contributor or whether or not he is an abuser and nothing below should be read as such. Rather, the below should be read for two things: a) an explanation and refutation of common misconceptions people have about these kinds of situations when they arise, and b) a hypothetical alternative point of view of what might have happen in a situation such as what unfolded recently in the Drupal community.

Note 3: Several people have commented that Drupal has a Code of Conduct and a conflict resolution process, that it was followed and that the Community Working Group (CWG) found that the contributor had not violated the code of conduct. This is true, but doesn’t mean that there wasn’t a serious issue to address. In fact, the CWG indicated this to be the case and escalated up the leadership chain. Those who have experience in these matters know that even the most well-thought out and well-written policy isn’t going to handle every edge case and that you will need to have a process for handling those edge cases. That is, community governance doesn’t end with your code of conduct. In the most recent situation with Drupal, I believe they found an edge case where a contributor’s conduct was counter to the kind of community they wanted to foster but that they hadn’t accounted for in their code of conduct. (And, this doesn’t really surprise me, Drupal is using one of the weaker codes of conduct, one that I do not recommend, for this very reason, among others.)

Note 4: See this twitter thread for a follow-up analysis regarding those wanting a clear “victim” and wanting to know what the “rules” of conduct are. Also see this thread about consent and BDSM and this blog post about autism and compliance. See this thread for details on what makes me qualified to speak about the intersection of BDSM/Code of Conduct issues.

Note 5: A few people have asked which of the Drupal contributor’s public writings I read that informed my thinking on this issue. These include:

Note 6:  Below is a list of follow-up responses from various groups involved.

Statements from Drupal Community Working Group (CWG):

Statements from the Drupal Association:

Statements from Dries Buytaert:

Note 7: Members of the Drupal community and outsiders (including alt-right brigaders) who oppose the decision to ask LG to leave have created Drupal Confessions (DC) to pressure a reversal along with other governance changes. A lot of the language in DC’s statement reminds me of statements from LambdaConf organizer and Fantasyland Code of Professionalism (FCOP) author John de Goes. I wrote about what’s wrong with the FCOP earlier this year and updated my analysis in this twitter thread.


The Drupal community recently asked a long-time contributor to leave. (See follow-up post from DA/Dries on the matter here.)

A lot of the public response I’ve seen has been negative. And, most troubling, the separate decisions by the Drupal Association and project leader Dries are being cast by some as bigoted and exclusionary. I am seeing this sort of response from folks who are normally supportive — at least on a surface level — of projects having a code of conduct and of supporting diversity and inclusion. Interestingly, I am also noticing who is staying silent about the manner — a lot of women and folks who I generally know to have experience and good judgement in this area.

I am not part of the Drupal community, though I was part of the PHP community for many years. I do not have insider knowledge of the situation.

From my view as an outsider, I think the Drupal Association and Dries made the right decisions. If anything, they likely could have acted more decisively and skillfully sooner than they did, but that is often the case with these situations. Hindsight is 20/20, of course, and the FLOSS community is just started to exercise these type of governance skills. We have a lot to learn and we’re going to stumble along the way.

What I want to address in this post are the misunderstandings and misconceptions I see repeated every time one of our FLOSS communities reaches the point of imposing significant consequences upon a long-term, well-known contributor. And I want to share an alternative idea of what might have happened, one not based in bigotry or ignorance about consensual BDSM.

BDSM is not a protected class

While those who engage in BDSM might feel marginalized by mainstream society, they are not, as a class, subject to oppression anywhere near equivalent to what queer and trans folks, non-Christians, people with disabilities, and persons of color are. I believe folks have a right to privacy, including in regard to their sex life, and don’t believe in kink-shaming. However, to equate engaging in BDSM in and of itself with being a member of an oppressed class is incorrect and gross. (Furthermore, on a personal note, I loathe the equating of BDSM and queer in this way because it re-contextualizes being queer as being about sex, which it’s not.)

Furthermore, I do not think folks are commonly ostracized from communities simply because it becomes known that they engage in consensual BDSM play. In fact, I’ve never encountered this at all. (Update 3 April 2017: When I wrote this I was thinking in terms of white, straight, hetero cis men as those who are not kink-shamed. I absolutely recognize marginalized folks are subject to kink-shaming. See Shanley’s twitter thread for more on this.)

What I do now to be common are the following two scenarios.

One, a non-BDSM community or community member sets a boundary and asks someone not to discuss their BDSM practices within that community setting. This is entirely appropriate. No one is entitled to share and have an audience to share the intimate details of their sex life whenever they want. This isn’t oppressive or bigoted. It’s reasonable and appropriate boundary setting. (Tangentially, it’s not appropriate to “come out” as BDSM either, especially during times set aside for queer folks to do that.)

Two, a BDSM or BDSM-adjacent community ostracize a community member who has been engaging in transgressive behavior. Usually this is abusive behavior conducted under the guise of consensual, above board BDSM but instead crosses the line of established norms and practices into abuse.

BDSM and Gor are not equivalent

Okay, so the bit about Gor is kind of specific this Drupal incident…I hope? Regardless, it exemplifies the kind of discernment skills we need to be able to apply in these situations. One (acceptable) thing can look like another (not acceptable) thing and we need to practice telling the difference.

Even a cursory bit of research tells you that Gor and BDSM are not the same thing. Predominantly, those who engage in Gor are into the philosophy (not the fantasy) of the Gor novels. These novels posit that women are intrinsically inferior to men and should be rightfully dominated by them. For many who call themselves Gor, these ideas exceed the realm of fantasy enacted as part of recreational roleplay and extend into their everyday world view. This fact, to me, crosses the line from the privacy-deserving consensual power exchange of BDSM into something unacceptable and deserving of scrutiny. A “lifestyle” follower of Gor is overwhelmingly likely to negatively impact any community in which they participate in a non-trivial way.

Perhaps this seems harsh. Maybe it is. I strongly believe folks have a right to whatever weird private life they want to have. But there are limits. If on weekends you like to roleplay as a Nazi in charge of exterminations at Auschwitz, or a white plantation owner who whips Black slaves, I have a hard time believing you are a perfectly decent person during the week at work. Maybe it’s possible, I don’t know. My personal experience with kink is minimal and tangential (never really my thing). But I know folks with kink experience and they confirm the Gor sub-community is not well-regarded.

(For more details about Gor and how it isn’t BDSM, check out this article.)

Slippery slope!

Some folks have invoked a slippery slope argument: Well, if we exclude folks based on their misogynistic private life, are we also going to exclude fundamentalist evangelical Christians who publicly espouse misogyny and homophobia?? To which is say: Yes.

Yes, it is okay, and, I would argue, just, to exclude people from your community who publicly express cis, white, male, straight, Christian, heterosexual supremacy (in any combination of those attributes). Those who do this are the people keeping everyone else who is not them away. You do not need to coddle or protect these people. If you think your project cannot survive without the support of white male supremacists and their enablers, stop to consider if perhaps you are part of the problem.

Lack of public details does not automatically indicate bad governance

Those of us who have been a part of FLOSS communities for a long time are used to certain ways of working. We’re used to “working in the open” via written, recorded media. We expect to be able to get up to speed on an issue by reading though a mailing list’s archives, an IRC channel’s log, or a bug’s comment thread. We feel entitled to access and absorb this information and then chime in with our own view of things, be it lay opinion or reasoned expertise, or something in between. We expect to have this point of view meaningfully considered in the process of decision-making.

These norms work relatively well for collaboratively producing software. They do not, however, work for addressing certain community governance topics, including most conduct issues. These require private communication, limited numbers of people involved in making decisions, and a vagueness when publicly reporting outcomes.

All but the most trivial issues regarding community members’ conduct requires careful handling. The security principle of least access necessary applies. Only those who need to be a part of the decision-making process should be party to the often very private details of conduct-related incidents. This is especially true of situations regarding on-going or long-term abuse.

When a decision is reached it is unwise and likely unethical to share the details of the evidence that was considered in making that decision. Public statements you make about individuals involved in the decision are subject to libel and defamation law suits. The more specific your statements, the greater the risk. Not only to project leads have an obligation to limit the liability they expose their projects too, they also have an obligation to protect the privacy of all those involved, perpetrator and victim alike.

Unlike with technical decisions, decisions about governance, especially conduct, can never be as transparent as we’d like. As such, a certain amount of opaqueness is not necessarily a sign of bad governance. In fact, it can be a sign of good governance. At best project leads should, if they are able, share the nature or category and volume of evidence considered as well as the process that was followed.

Because in these cases good governance prohibits complete transparency, it’s incredibly important that you trust your project leaders. And, likewise, it’s important that project leaders work to establish and build trust continually, not just when code of conduct issues arise.

Lack of understanding of abuse dynamics

Each time one of these conduct issues arise, I’m reminded of how insidious abuser dynamics are and how little awareness there is with in our community about how they work.

This lack of understanding combined with lack of information about specific incidents causes a lot of otherwise decent community members to come to the defense of those who have engaged in transgressive behavior, including serial abusers.

Abusers are master manipulators. They are adept at shaping how people perceive them and they use a whole array of techniques to do this, deflection and distraction chief among them. Abusers always have the upper hand when it comes to (mis)information because they aren’t playing by the same rules as the rest of us. They will lie, violate others’ privacy by reveling intimate details, and overshare irrelevant details. Anything they communicate serves the purpose not of genuine communication and connection, but of creating a particular outcome in their favor.

In terms of public opinion, organizations who take action against serial abusers are almost always at a disadvantage. It’s the prisoner’s dilemma (to use an imperfect analogy). You always lose when you play with a cheater unless you’re also a cheater.

Abusers leverage social power and privilege to gain access to potential victims and to maintain their ability to abuse. It’s not unheard of to discover abusers have been masquerading as advocates for women in tech, for example. Doing so gives them credibility, cover, and access.

Abusers groom victim as well as accomplices. This is an incremental and long-term effort. Abusers do not exist in a vacuum. Their abuse is enabled by others who look the other way, come to their defense, and otherwise provide cover. Perfectly reasonable, “good” people participate in this all the time. It’s hard to spot and hard to break away from. Abuse endures through denial. It’s “normal” for those subject to abuse to minimize and lie about what they experience until they’ve been able to breakthrough this denial. Having previously said good things about your abuser, characterized their behavior as okay, or come to their defense is not an indication you weren’t abused.

Most abuse is never reported. As such, most abusers aren’t reported until they’ve abused multiple people and most communities don’t or aren’t able to take action until they’ve received multiple reports about a single person.

Fruit of the poison tree

Sometimes we hear things about others we’d rather not have been told. Sometimes we are given information obtained through questionable or even transgressive means.

In US law, evidence obtained through illegal or improper means is usually excluded from consideration, as being “fruit of the poison tree.” While I think this is an important standard in criminal legal proceedings, I do not think it applies in the same way to community stewardship. I’ve written before about how communities can and should act extra-legally and I believe the same concept applies here.

So, as opposed to in a court of law, in community we must still account for the fruit of the poison tree, even when we’d rather not.

Earlier I invoked the prisoner’s dilemma, in which the only way to win against a cheater is to either not play or to cheat as well. Dealing with abusers is not all that dissimilar. It’s hard to gather enough information about a potential abuser in order to confirm their abuse, and to do so, you often have to play their game, at least a little bit.

Am I condoning outright digging into anyone’s personal life and sharing those details with project leadership or the public? No, I’m not. There’s great potential there for abuse, especially of already marginalized folks. But if that’s the only way to reveal serial abuser? Yeah, then a certain amount of it might be justified.

Furthermore, the appearance of poison fruit could be an intentional distraction designed to deflect blame, or even a mere coincidence. It is not unheard of for abusers, when their abuse is revealed, to claim discrimination or persecution based on some unrelated aspect of themselves, including participation in BDSM activities.

What might have happened

Again, I don’t have insider information about the Drupal situation. But I have been on the leadership side of complicated community conduct situations. It is never easy or straightforward.

In the case of Drupal, it’s my best guess that something like this happened:

It was an open secret that the long-time contributor (LTC) they asked to leave held problematic views. He did not act on them so egregiously as to provide a clear, unequivocable reason to expel him. Instead, some in leadership positions grimaced at LTC’s conduct, while others looked the other way, or failed to see the problematic behavior at all or as problematic. People warned their friends to stay away from this LTC and tried to shield them as much as possible from his bad behavior. At the same time, this LTC had allies who supported him and helped him maintain his leadership position.

Over some period of time, people started coming forward with reports of abuse by this LTC. As is often the case, the folks making the reports request privacy and that the details of their reports not be made public or otherwise shared widely (and so most of us will never have direct knowledge of it). Perhaps also at this time people who felt this LTC’s behavior was problematic took it upon themselves to try to help and started mining private message boards for incriminating information about him. They found some and shared with project leadership.

At this point, project leadership has several reports of abuse by this LTC (which they can’t tell us about in any detail) along with information about LTC private life they’d rather not know, but that they feel they must act upon, particularly in light of the several other reports of misconduct they’ve received.

So, project leadership works their process, perhaps skillfully, perhaps less so, and this culminates in LTC being asked to step down from their leadership position and/or leave the project. Being less than experienced at dealing with such issues and wanting to respect people’s privacy as well as limit the liability exposure of the project, they refrain from making a public statement.

The LTC, seeing an opportunity to gain back some of the upper hand, posts his own story in which he includes a bunch of semi- or completely irrelevant details, crying BDSM discrimination, in hopes of obfuscating and confusing the real reason he was asked to leave. Project lead, in turn, responds with a post attempting to explain as much as he can, as clearly as he can, without violating anyone’s privacy or exposing the project to a defamation/libel action.

I have no idea if I’m right, but that’s my intuition about what’s going on in this case. I certainly find the above scenario far more plausible than a project expelling someone who is otherwise completely decent for consensual BDSM play in their private life.

An Analysis of the Fantasyland Learning Code of Professionalism (FCOP)

Update 17:15 PDT 2017-04-12: The FCOP has been modified since I wrote the analysis below. I do not believe any of the updates resolve any of the concerns I raise below. If you’re curious about which version I analyzed, it was probably commit 9a5fa97. And if you want to see what’s been updated since then (as of today, commit 051d3ed), take a look at the nice diff I made. One of the primary authors of the FCOP is going around asserting I am a liar, so I want to be clear about which version I analyzed and that I maintain the concerns I raise are still valid in the current FCOP. 

Update 11:45 PDT 2017-04-14: For an analysis of the “current” FCOP, see this twitter thread.

I have a good amount of experience regarding codes of conduct for open source communities. I am co-author of the Citizen Code of Conduct. I was part of the incident response team for Open Source Bridge and Stumptown Syndicate for several  years. I know what’s involved in responding to the code of conduct you adopt for your community.

Part of my experience includes reading a lot of other communities’ codes of conduct and providing feedback on what is likely to work well and what is not likely. Creating governance policies is not easy, and is more difficult so the less experience you have.

Recently the organizers of LambdaConf drafted and adopted a code of conduct, which they call the Fantasyland Institute of Learning Code of Professionalism (FCOP). This code is beyond mediocre. It’s downright dangerous. I do not recommend you adopt it in your community nor that you attend any event using this as its code of conduct.

To demonstrate why, I will give a detailed textual analysis of the FCOP.


STATEMENT OF PURPOSE

The Fantasyland Institute of Learning Code of Professionalism (FCOP) dictates the terms and conditions under which we allow you to participate in the community.

First off, the name “Fantasyland” gives me the creeps. I either think Disney-style amusement park, or the adults-only connotation of “Fantasyland” related to sex toys and porn. Neither of these have much to do with what I think of as professional programming spaces.

Also, “dictates” and “we allow you to participate” indicates a very top-down, hierarchical approach.

The purpose of FCOP is to facilitate inclusiveness and productivity (towards our professional goals) in our community despite operating in a pluralistic society.

Use of the word “despite” presupposes that community and diversity are necessarily at odds with each other. My way of looking things is that conflict in inevitable in any community, and that certain types of conflict arise when you have a very diverse community. Conflict is a normal part of social interaction. It’s how we learn and grow together. Conflict is not the same as abuse, though conflict not appropriately resolved can lead to abuse and abuses certainly create conflict as a way to exercise power and control.

To accomplish this goal, we restrict the community to civil people, and protect such people from discrimination, stereotyping, harassment, judgmental communication, and breaches of privacy.

What is meant by “civil” is defined later on, and I find the definition given a bit bizarre. Before I get to that, I want to examine the text with regard to the dictionary definition of civil. The one that adds the most meaning to this context is: “adequate in courtesy and politeness.”

To me it doesn’t make sense to prohibit people from being discourteous or impolite. To do so is to confuse niceness for kindness and to prioritize manners over genuine interaction. What is considered mannerly behavior is highly contextual and is based on class, culture, ethnicity, age, gender, and more.

Part of being in community is giving space for people to express themselves even if that means doing so angrily or impolitely or in another manner you might find distasteful. Expressing anger is not necessarily the same thing as acting violently.

Moreover, it is entirely possible for a person to act abusively all the while doing so politely. In fact, this is how many serial abusers get away with their behavior for so long.

But, like I said, the FCOP authors aren’t using the dictionary definition, or even really a conventional meaning of “civil.” Here’s how they define it:

Civil. We define civil individuals as individuals who, in our sole estimation, do not and will not engage in the following behaviors during active participation or inactive participation:

Crimes. Any criminal behavior in which there is a victim.

Community Sabotage. Any behavior (excluding non-violent communication) directed at sabotaging the community for political, religious, ideological, or moral reasons.

Professional Sabotage. Any behavior directed at sabotaging a member’s career for political, religious, ideological, or moral reasons; including attempting to no-platform a member or pressuring an employer to fire a member.

So, to FCOP authors, and LambdaConf organizers, being civil and participating meaningfully in community is defined solely by not engaging in criminal behavior for which there is a victim, or any behavior that counts as sabotage of the community or any of its members.

Pretty low bar, don’t you think?

If anything, it tells you what they value most: Not wanting any responsibility for making decisions about handling “criminal behavior” (whatever that means, they don’t specify), and not wanting to have to respond to any negative criticism at all, which they characterize as sabotage.

FCOP is explicitly not intended to impose any system of politics, religion, ideologies, morals, or values onto members.

Perhaps not, but it is certainly doing so implicitly as any standard of community norms and behavior does, whether it is written or not. FCOP authors seem to be trying to impose an apolitical worldview upon their community, which is not possible (because there is no such thing).

SHORT-FORM

We welcome all civil people to participate in the community. We do not allow discrimination, harassment, judgmental communication, or breaches of privacy. We do not exclude any civil people from our community unless they have been banned by us for a violation of these terms and conditions.

Again, the use and emphasis on civility tells me “you can get away with a lot if you sound polite.”

(My former evangelical co-worker who, in one email, tells me how much he respects me but then reiterates that my invalid marriage threatens the very fabric of his and also that I am godless would love this provision.)

But, of course, once you scroll down to the TERMS section you’ll realize that’s not even how FCOP authors mean civility. You’re civil as long as you don’t perpetrate crime upon another or sabotage the community.

Furthermore, this is how FCOP authors define discrimination (from the TERMS section):

Discrimination. We define discrimination as any favoritism shown or withheld to someone either on the basis of a stereotype or a non-community related group membership.

When discrimination is defined without an reference to power dynamics, it is usually a bad sign. I’ve seen this definition used countless times to dismiss or discourage any program or effort designed to get more folks from underrepresented groups involved in tech. Those who cry “reverse racism love this definition.

WELCOME STATEMENT

We welcome civil people of all genders, gender-expressions, sexual-orientations, gender-orientations, races, ethnic origins, skin colors, physical handicaps, mental handicaps, ages, sizes, political views, religious views, philosophies, beliefs, and attitudes.

Again with the use of “civil.” Also, I am pretty sure “handicap” is not the preferred term any more.

We pledge that we will not tolerate discrimination, harassment, judgmental communication, or breaches of privacy. We pledge to hold ourselves to these same standards and, in so doing, set a positive example for others to follow.

Most of this sounds okay. But what is “judgmental communication”? Can’t wait to learn what they mean by that! It smells bad to me already.

Saying “we pledge to hold ourselves to these same standards” is a weird way to indicate that these rules also applies to leadership. The whole code of conduct should apply to leadership as well as “regular” community members.

We greatly value integrity and pledge to establish the highest levels of trust in members.

Who is doing the establishing here, leadership or members?

BEHAVIOR

Oh, now we get to the good part. First, they create a distinction between “active” and “inactive” participation. We don’t learn how each of these types of participation is defined until the end of the FCOP in the TERMS section:

Active Participation. We define active participation to include the behavior of members while they are in the boundaries of the community.

Inactive Participation. We define inactive participation to include the behavior of members at all times and under all circumstances.

Ah, so FCOP authors distinguish between “active” and “inactive” participation as a way to clarify scope: within community activities and outside of it.

ACTIVE PARTICIPATION

During active participation, you must behave as described in this section.

Don’t Stereotype. Treat everyone as unique. Do not infer characteristics of a person based on their [perceived] membership in some group or category.

This might sound like a good thing to include in your code of conduct, but is likely to have unintended consequences.

First, not all stereotypes are negative or invalid. If someone introduces themselves as a born-again evangelical Christian, and they don’t explicitly tell me they support marriage equality, there is a very good chance they do not. Second, stereotyping is an important cognitive tool that helps us make sense of the world. It’s not possible to prohibit it because it’s something we all do.

What’s important is how we act on the information an assessed stereotype has given us. And there’s nothing inherently wrong with making initial judgements about others based on stereotype. This is how we survive in the world. Stereotypes become problematic when we do not update our understanding of someone based on new information, when stereotypes are used to perpetuate biases not based in reality, and when they are used to reinforce existing unjust power structures.

Don’t Communicate Judgmentally. You must not communicate the idea that any person, place, thing, idea, or action is superior or inferior to any other. Instead, talk about observations, analyses, models, and your own personal preferences.

I can’t think of any way it would be possible to have meaningful discussion while following this rule. As worded, it is a prohibition against discerning right from wrong, or even good from better, about anything, even in the most relative or contextual ways.

As written, you couldn’t give a technical recommendation in the form of “Given what you just told me about your situation, I think X would be the best solution.” Rather, you would have to phrase it as “In a similar situation, I have observed A solution have B result, and X solution have Y result,” or as “In that situation, my preference is for X solution.”

What is the value is in asking your community members to jump through such linguistics hoops?

Furthermore, stating something as a personal preference doesn’t preclude folks from implying (and thereby communicating) the idea that something is inferior or superior. Saying, “I prefer that society only recognize the marriages of heterosexual couples and that all sexual activity outside of legal marriage be punished” sends a pretty clear message about what you find superior and inferior.

Don’t Harass. Do not interact with anyone who does not consent. For verbal and written interaction you may assume consent for the first interaction, until the recipient communicates otherwise. For physical interaction, close physical proximity, and persistent gaze, you must assume non-consent until the person clearly and unambiguously communicates otherwise.

Harassment is not defined here, but later on under TERMS with this very narrow scope:

Harassment. We define harassment as an attempt to interact with someone who does not consent to the interaction.

Neither statement addresses the issue of repeated, verbal and written communication to which there is no response or the many other forms of harassment which might occur.

Don’t Pry. Do not go out of your way to read, watch, or listen to the private communications of other members (including trying to read their screens or listening to their private conversations). If you do read or overhear a private conversation, do not share it.

This feels weird to me as worded and I wonder why it’s in here. Is the intent here to be respectful or people’s privacy, or is to shield bad actors from scrutiny?

Don’t Obstruct. Do not attempt to disrupt communication between members, the activity of members, or the congregation of members.

I feel the same about this provision as I do “Don’t Pry.” Would intervening when another community members appears distressed be considered obstruction? What about speaking up during a talk if the speaker is presenting inappropriate material?

Assume the Best. Assume the best intention when others communicate with you. If you don’t understand what someone meant, or have questions about it, ask them directly rather than speculating or spreading rumors. If someone appears to be communicating judgmentally (“Coffee is good”), assume they did so only as a shorthand way of speaking, and ask them to clarify what objective metrics and personal predictions and preferences they are implying (“I like coffee”).

Not everyone acts with the “best intention” and operating with those folks like they do can be detrimental. It is your choice how much good or bad intention to assume about another person’s behavior. No one else has the right to dictate that for you. It’s a highly personal decision, based on many factors including your lived experience in the world and possibly your prior history with the person, community, or context in question.

If “assuming good intent” works for you personally, great. But it’s a tactic that doesn’t serve everyone equally. And when you require community members to assume good intent, you take away their personal agency. It is a tool of domination. Don’t do it.

These requirements on behavior apply to members only while they are actively participating in the community.

If it applies to members only, what rules, if any, apply to guests in community spaces?

The standing of members is unaffected by behavior that does not comply with these requirements if this behavior occurs in other communities.

This is one of the most dangerous provisions in the whole code.

It means that anyone with a past or present history of bad conduct in another community is completely exempt from consequences in this community. Did you abuse your position of authority in another community? No problem in this one, you’re welcome to have a position of authority here. Are you a serial harasser and abuser of women elsewhere? No problem here, we welcome you with open arms! Have you been sanctioned by other communities for homophobic, transphobic, racist remarks? We welcome you!

The best predictor of future behavior is past behavior. It is patently absurd to make it a rule that you will ignore any and all information about a person’s past behavior in making decisions about how to include them in  your community.

INACTIVE PARTICIPATION

During inactive participation, you must behave as described in this section.

Be Civil. Do not engage in criminal activity, and do not sabotage the community or member’s careers for political, religious, ideological, or moral reasons.

Does that mean it’s okay to sabotage them for other reasons?

It can be dicey to draw lines around criminal activity, especially with regard to non-violent crimes for which people of color, for example, are arrested and punished for at much greater rates than their white counter parts. It also excludes a whole section of our citizenry who have almost no economical opportunities except those that are underground. Or those who break unjust laws for good reasons.

The reference to “sabotage” here reads to me like a prohibition against doing anything that might possibly create negative consequences for the community or one of its members. That’s problematic because: a) it’s not something one has total control over, b) it implies you’re supposed to subjugate your own needs to avoid even the possibility of bringing unwanted attention to the community or one of its members.

Don’t Dox. Do not disseminate any private details about others learned within the community without express permission, including but not limited to real name, address, phone number, or photo identity.

Other codes of conduct define doxing and “posting” or “publishing”, which implies doing so publicly, in a place available to a wide, uninterested audience (“uninterested” here meaning: without a valid interest in the information).

That FCOP authors use “disseminate” implies to me that you’re not to share anything you’ve learned about community members outside of that community, even in a non-public, secure way to an interested audience.

Sharing information about people, in order to increase the safety of the community as a whole, is not the same thing as doxing.

Don’t Shame. You must not negatively communicate about a member’s behavior (which occurred inside the community, or which you learned about while inside the community) with anyone outside the community without express permission of the discussed members, where the discussed members themselves decide what is negative.

Also one of the most dangerous provisions of this code.

It prohibits you from telling anyone outside the community about any “negative” experience you had with another community member without their permission. Someone harasses you? Can’t tell anyone about it unless the person who harassed you says it’s okay.

Moreover, the person who engaged in the behavior defines what is “negative”  so you might very well break this rule without meaning to or even knowing you did.

These requirements on behavior apply to members at all times, even when they are not actively participating in the community.

Ah, okay, so what you do outside of the community doesn’t matter as long as you don’t do something that happens to bring negative attention to the community. Got it.

PRIVACY

Private Communication. During active participation, you may take phone calls, direct messages, emails, and other semi-private forms of communication. Although private communication is not bound by FCOP, we expect all communication that can be seen or overheard by other members will comply with the requirements of FCOP.

Why is this even in here? It adds nothing except an onerous requirement than anyone you’re conversing with follow the FCOP if there’s any possibility they can be overheard or seen.

Private Consumption. During active participation, you may consume material on your own personal devices and from your own channels of communication, and this material does not have to conform to FCOP, assuming the material is not easily discernible to others.

Watching porn or reading ESRs blog out in the open in a community space is fine as long as no one knows you’re doing it. Okay. Wait, is porn even actually prohibited by the FCOP?

VIOLATIONS

No Victimless Crime. If you are a victim but you do not feel victimized, you may choose to not report the violation. In this case, we will not treat the incident as a violation.

In other words, we only want to do work if someone makes a stink about it. And we’re very specific about who is allowed to make a stink about it.

Reporting Process. Active participation violations must be reported to us within 15 days by victims, and may not be reported by third-parties. Inactive Participation violations may be reported at any time, and by anyone, even non-_members_.

Two weeks and a day. That’s all you get to rest, recover, and reflect upon anything that happened about which you might want to report. Take longer than that to process? You’re SOL. Get distracted by a work deadline, vacation, or come down with the conference crud? Sorry Charlie, you’re SOL.

I can’t think of any good reason for this provision other than reduce the amount of work for those tasked with responding to reports.

Want to report something you witnessed on behalf of another conference attendee? Nope, not allowed. Even if they’ve asked you for help.

Oh, except “inactive participation” violations can be reported at anytime, by anyone, including non-members.

 

Unofficial Resolution. For minor offenses and in cases where they prefer doing so, we encourage victims to speak to violators, using the language of non-violent communication (NVC). If you would like to do this with the help of an independent mediator, contact us and we will arrange for one.

This tells me organizers want to do as little work as possible, putting as much of it on those who are subject to transgressions. This is not how you empower those in your community, especially those who are marginalized.

Official Resolution. If you want an official intervention, we will appoint a judge. The judge will speak individually to all parties, including witnesses, before deciding on a course of action, which will involve rejecting the reported violation, or accepting it and imposing a penalty on the violator.

Correct me if I’m wrong, but don’t judges usually determine when a “person, place, thing, idea, or action is superior or inferior to any other”? Isn’t that disallowed by this FCOP?

The writers of the FCOP are so unimaginative and ill-equipped to be leading community, they can envision only two ways to respond to a report: outright rejection of it or a punitive measure. In my several years experience responding to code of conduct issues, the needed response has almost always been somewhere in-between those two extremes.

Penalties. Violators may be warned, asked to apologize, forced into training, counseling or mediation, or ejected and banned from the community, at the sole discretion of the judge.

That being warned, or asked to apologized, is framed as a penalty tells me a lot about how the FCOP writers think about stewarding community. Getting feedback on your behavior along with a request to modify it is not a penalty in and of itself. Nor is it handing out a penalty if you’re the one giving that feedback. It is part of being a social being. We all engage in inappropriate or unskillful behavior at one time or other and get feedback from others about it. Yes, sometimes this hurts and we feel shame, but this isn’t the end of the world. Learn from it and move on to do better next time.

You can’t force community members into training, counseling, or mediation. You can ask that they go as a condition of continued participation in the community, but that’s about it.

It’s not a good idea to have one person solely responsible for addressing code of conduct reports, as this implies.

Social Rehabilitation. No one can be banished for life, only for a determined number of years, not to exceed 5 years. Formerly banned parties can be reintegrated into the community through a rehabilitation process determined by us.

I would generally applaud a nod to rehabilitation, but I at this point I have zero trust in the authors of the FCOP. And including an arbitrary prohibition against lifetime banishment and a maximum of 5 years makes little sense to me. It implies banishment expires after 5 years, regardless of the circumstance.

Confidentiality. Reporting a violation is a confidential process. We will not publish information on any reported incident or the parties involved in the incident. Note that criminal behavior of any kind will not be kept confidential.

Again, I wonder how they determine criminality, at what point they make that decision and what they do with information they don’t consider confidential. This does not inspire trust as worded.

DISPUTES

In the event there is a dispute about the meaning of any term or clause in FCOP, we alone will clarify the intent.

In other words, it doesn’t matter how the community at large interprets what we’ve written in the FCOP. We’re free at anytime to clarify what we actually meant by what we wrote and use that instead.

More thoughts about the neveragain.tech pledge and what you can be doing instead

The neveragain.tech pledge continues to gain traction (if you can call it that) and I continue to analyze why I find it so troubling. For my initial thoughts, see this blog post.

A code of ethics or a call to collective action?

It’s not clear what the pledge is supposed to be. Is it a code of ethics and and conduct for our profession, or is it a call to collective action? I think it’s trying to be both, and it’s doing both very poorly.

Our profession already has a code of ethics.

In terms of trying to be a code of ethics: our profession already has this and has for some time. In fact is has a few to choose from. There’s the ACM Code of Ethics and Professional Conduct, the joint ACM/IEEE-CS Software Engineering Code of Ethics and Professional Practice, and the IEEE Code of Ethics. One of these are referenced by the pledge, but only way on down in the resources section and without context.

Whenever you eschew an existing standard, you ought to give a compelling reason why. Otherwise you give the impression of ignorance (not knowing about it in the first place) or egotism (doing something new so you can put your name on, h/t @JohnMetta).

I suspect a lot of us have never heard of any of the existing codes of ethics for our profession, or if we have it hasn’t been in any serious context of actually applying the code in our day to day work. If this is because so many of us are self-taught, or because these codes aren’t taught in computer science curricula, or some combinations there of, I don’t know. I am interested in finding out and in helping to educate my colleagues and put these codes into wider practice with commensurate accountability mechanisms.

If these existing codes are flawed and need revising, let’s work on that together. You can comment on the ACM’s revised draft now through 15 January, 2017. If you care about this stuff, go do that now. Don’t put it off.

In terms of serving as a code of ethics for our profession, the neveragain.tech pledge is significantly lacking. It is simultaneously uncomprehensive and overly prescriptive.

A poorly thought call to action.

In many ways, the pledge looks much more like call to collective action, especially given the part that commits signers to resigning their employment if they are forced to comply with behavior defined as misuse of data. This is a kind of direct action.

But in this it fails too, for any metric more significant than shallow performance. Where is the accountability, the support, the education, the building of trust required for effective collective action? Where is there any clue that the organizers of the pledge actually understand how to lead a collective action?

There are some glaring statements and omissions that make it clear to me they do not. First, the pledge requires people to quit their jobs rather than comply. Now, resigning might be the right thing for an individual to do based on their own sense of dignity or respect or emotional well-being. And, it might feel like a righteous and just action. But it isn’t necessarily the most effective action to take. For it to be effective many people would have to quit at once. And perhaps not even then. In their guide on Effective Strikes and Economic Actions, the IWW says “Workers can be far more effective when they take direct action while still on the job.”

It’s clear the organizers are overwhelmed and delighted by the volume of response to the pledge. However, it’s not clear to me they’ve given any real thought to the number of people required to partake in a collective action in order to make it effective and whether or not those numbers are achievable starting with this kind of online pledge.

How many does it take to be effective?

There’s no definitive participation rate at which strike-like actions are guaranteed to be effective. While we have a rich history of labor organizing upon which to draw, every direct action is different. What we do know is that whatever the circumstances, enough of the labor force needs to participate such that the target organization feels or fears significant, negative, long-term financial consequences.

Let’s say, for sake of this thought exercise, that the number is 20%. (Here is where I would love to hear from managers or executives about which percentage would cause you concern and make you change course.) According to the Bureau of Labor Statistics, approximately 4 million people are employed as tech workers. This doesn’t include those who are self-employed, and it might also be excluding those who have other job classifications but happen to write software. Again, this is a thought exercise, not a scientific paper. The idea here is to get a rough idea of scope.

20% participation x 4 million tech workers = 800,000 signers to pledge

As I’m writing this, 1943 people have signed the pledge already.

1943 / 800,000 = 0.24% towards goal

What would it take to reach the goal of 800k? Let’s say another 8k folks hear about the pledge through word of mouth, are sold right away, and show up to sign the pledge. That would bring the total to 10k.

10k / 800k = 1.25% towards goal

Now what would it take to get those additional 790k signers? Each existing signer would need to convince 79 of their colleagues to sign.

Applying the 20% goal to individual companies looks something like this to reach 20%:

  • Google (Alphabet): 13.9k
  • IBM: 75.5k
  • Facebook: 3.14k
  • Oracle: 27.3k

I’m using these companies global workforce numbers, because that’s what is most readily available, but you get the idea.

I bring up these numbers not to shit on the efforts of the neveragain.tech pledge organizers. I bring them up because I continually see our community fail to coherently, meaningfully discuss and analyze our tactics for driving change. It’s not enough just to have enthusiasm. You also need to know what you’re doing and have a good plan!

(The above numbers assume that everyone who signs the pledge will also follow through on their commitment to take direct action in their workplace. Assuming 100% is highly optimistic.)

There is more at stake than a Muslim registry. And there has been for a long time.

I say this not to minimize the threat to Muslim Americans or Muslim refuges living in America. That threat is very great.

It is also great to women, Latinos, Blacks, queer folks, those who are trans and gender non-conforming, those who are neuroatypical, those living with differently-abled bodies, those who struggle with houselessness, and those who are poor. The scale and nature of likely harm to individuals with differing intersections of these identities will vary, of course. I list them here not to equate them, but to demonstrate the scope of probable harm to our fellow citizens (of America and of the world).

Moreover, these folks have already been subject to varying kinds of harm and oppression and for quite some time. This did not start with the election of Trump. Tech has always had an obligation to stand up for these folks and by and large it has done a very bad job. Just look at how many of your co-workers are not white, straight, cis, male, and abled-bodied.

Every conversation about diversity and inclusion you stood by and watched or played “devil’s advocate” in was a missed opportunity to stand up for injustice. Every time you did not take us seriously about Gamergate. Every time you let your “difficult” colleague (who was likely a women, or Black, or queer, etc.) stand alone and be ostracized for raising an issue about how something your company was doing would have negative effects.

Tech colleagues, you’ve had a lot of opportunities that you’ve just completely squandered. I personally, have very little confidence, you will suddenly start to do markedly better.

And my confidence is not raised when the mechanism by which you are promising to do better repeats the very same mistakes we as a community have been making all along.

Continuing the status quo.

In my earlier blog post, I mentioned that I can’t join a movement when I don’t know who its leaders are. It turns out that the organizers of the pledge aren’t anonymous. They are revealing themselves to the media and on Twitter and probably elsewhere. But this isn’t the same as transparency or accessibility.

The pledge itself gives no background on how it was created or by whom. One should not have to dig for this information. It should be available via the pledge itself or no more than a link away.

Obfuscating leadership and process doesn’t promote individual responsibility nor does it make an effort more inclusive. All it does is obscure the context and motivation conferred by the project and make leadership less accountable to participants.

In tech, we have a long history of imposing our solutions on those who are marginalized, without their input or consent. We compound this error by ignoring or dismissing feedback when given.

Because the organizers have chosen to obscure who they are and by what process they created this pledge, I can only assume this same pattern is true. This is all the more true when at least one of the organizers is has a history of being hostile towards others’ religious practices and of ignoring the feedback from the people of color in communities they steward.

What I do see is a lot of (white) people on Twitter defending the pledge and Black folks saying it’s performative, shallow, and not helpful and not being listened to. Go see for yourself.

Not every effort deserves merit.

In my earlier blog post, I countered the idea that the pledge is the least folks can do. I want to expand on that by saying it might actually be quite counterproductive to support this thing.

It can hurt and does hurt to give attention to ill-conceived efforts. Attention is a finite resource. Giving our attention to poorly conceived or implemented efforts means there is less to give to ones that are better designed and better serving of their communities. Positive attention often brings benefits of all kinds: social and financial capital, credibility, etc. Folks with greater privilege, like white folks, receive more than their fair share of these benefits for work of lesser quality. And once they do, their projects and methods are remembered as good examples. And thus the cycle of mediocrity reinforces itself.

This is dangerous and counter-productive. It inhibits our ability to learn and grow. It reinforces the status quo and is antithetical to building solidarity.

Right action is way more complicated than you think.

Something else implied by this pledge is that there will be definitive moments where you know you are being asked to do something wrong and you will have a clear choice to comply or to walkaway.

In my experience, the actual situations we end up facing are nothing like this. They are complex and confusing and how best to act is quite often not clear. It takes continual, stumbling practice and a trusted network of advisors to gain enough experience to skillfully embody the ethical action we commit to.

And, for the most part, steps towards wrong action are gradual and indirect. I’ll illustrate this with a story.

Once upon a time, at my old job, I was on a call with the marketing team. We were discussing a project aimed at raising awareness about the importance of the open web. I noticed that the team, who was solely responsible for sourcing content for this project, was all men. I asked about the plan for including some women on the team. The response was deafening silence and the energy completely drained from the “room.” After some moments, someone responded with some kind of non-answer so empty I don’t recall now. The call continued and then concluded.

Sometime later, this same project published a pro-gamergate piece. All hell broke loose. Leadership had to deal with the ensuing PR mess. The project lead left the organization. We lost yet more credibility with our community.

Now, I’m not saying that having a woman on the team would have prevented the selection and publishing of a pro-gamergate piece. But I think it would have lessened its likelihood.

More importantly, the team’s and leadership’s failure to respond to the diversity issue I raised is directly related to the giant misstep it look later in publishing that gamergate article. No one was asked on that call to find and publish a pro-gamergate piece. They weren’t even asked to stay silent about the topic I raised; they simply did so because that was the prevailing culture. And in doing so, they took a small step towards creating the conditions for that later bad action to occur.

The lesson here? Start developing your senses now. Be on the look out for repercussions five, ten, twenty steps down the line. Speak up for all the little things because they lead to big things. Listen to your “difficult” colleagues when they raise issues even if you don’t quite understand where they are coming from. Use your privilege to assert publicly that what your colleague is saying is important and needs to be addressed. Start spending your social capital. Don’t wait for a rainy day, it is already upon us.

Some things you can do.

There are things you can do that require a lot more work than signing a pledge, but will be much more meaningful and impactful. Starting with the most specific and moving to the most general:

Read everything you can about labor organizing. If you’re curious about strike actions in particular, start here. Haymarket Books has a good collection of books about the labor movement and is having a 50% sale. While you’re ordering books from Haymarket, you might as well also get some on black politics and feminism. Read everything you can on IWW’s website. Then join if you are eligible. Figure out how to apply what you are learning in your workplace and in your community. A general strike is being planned for inauguration day. Learn about it and figure out if it makes sense for you to participate and how.

Commit publicly to abiding by one of the established codes of ethics for our industry. If you can’t decide, use ACM’s. Write a blog post saying that you’re committing to it and why. Tweet about it referencing neveragain.tech so folks following along know there is another option. Ask your colleagues to commit publicly as well. Encourage them if they hesitate. Start brining up the code of ethics in your daily work. You can do this by asking questions in your team meetings such as, “How does feature X abide or not abide with the code of ethics we’ve agreed to uphold?” Do this for processes that are already in place as well as new ones you are asked to create. Do this until it feels natural and then keep doing it. Hold your colleagues accountable, in whatever mechanism makes most sense, if you see them doing something contrary to the code. Likewise, support them if they seem to be struggling to uphold the code or being pressured to ignore it. Share your experiences doing all of these things, via which ever channels make most sense.

Find ways to materially and emotionally support the existing efforts of those who are most marginalized and at greatest risk. Support these efforts publicly, when it makes sense. Ask others to support these efforts. Listen deeply and learn from the folks leading these efforts without burdening them or colonizing their spaces.

Look for ways to build and support community where you live and to help meet the needs of those living closest to you. Pay attention to your neighborhood. Be a meaningful, respectful part of it.

Find ways to do the hard work of changing yourself. Prepare to give up things you have long taken for granted.

Thoughts about movement building and the neveragain.tech pledge

I’m glad to see burgeoning efforts in the tech community to organize in response to Trump’s looming presidency. One current effort is the neveragain.tech pledge, which opposes the creation of a Muslim registry and vows to refuse participation in such work.

I absolutely oppose the creation or use of any kind of registry to oppress those deemed to be undesirable. But I haven’t signed the neveragaint.tech pledge and I probably won’t. I have concerns about the pledge in particular, and about efforts like it in general.

I am not criticizing you if you signed it, feel empowered by it, or otherwise derive value from attaching your name to it. There are many ways to act in the world according to one’s values and I don’t prescribe one right way of doing things.

Here I want to share my thoughts on the pledge, and movement building in genera, especially for those who might be concerned by the absence of my name on the list of signatories.

I need to know who my leaders are.

I am always cautious of joining movements (or communities), especially ones that appear to develop rapidly. It’s important for me to understand what the shared values, agreements, and goals of the movement are. It’s important that I know who the leaders are, how they govern now, and how they have governed in the past. All of this information helps me understand what committing actually means in practice and helps ensure that I am living up to the commitments I make.

The neveragain.tech pledge lacks nearly all of this context. I don’t know who started the pledge or what their history organizing is. I don’t know if they have a demonstrated pattern of acting ethically and in good faith. All I have to go on is the list of signers, which continues to grow. Many names I recognize. Some of the signers I know personally and trust a great deal. Others I know to be problematic actors. The latter adds to my weariness about signing on.

I appreciate the need for anonymity in many contexts. And yet, having anonymous leadership never works for me.

Update (16 December 2016): Organizers of the pledge are identifying themselves to media and on social media. Still, you have to go track down this information. It’s not on the pledge itself.

I  need to understand strategy, context, and history.

I also want to understand the long-term vision of a particular movement and the strategy of a particular action, including how it serves the short- and long-term goals of the moment. I want to know it is well thought-out and is likely to use resources wisely, including the material, emotional, physical, and spiritual resources of the people involved.

I do not want to participate in vanity exercises or ones that end up being learning experiences that merely retread well-documented ground.

Of course, we must learn by doing. That’s fine. But I don’t want to start at square one when it’s not completely necessary. I want us, the tech community, to understand that there is a long history of organizing for social justice and a deep body of knowledge and experience derived from that history. I want us to acknowledge and build from this wealth of experience, using it as our starting point.

What resistance strategies have been effective?

Being a student of history, I want to understand the role of similar pledges in resistance movements and in organizing for social justice. Off the top of my head, I can think of examples of a lot of other kinds of actions that proved to be effective. I can’t think of a single pledge-type activity that was. (Please, let me know if you have examples.)

I’m still learning about what’s been effective. What I’ve learned so far is that localized, direct action is critical. Coalition building over geographic distance is important for knowledge and resource sharing, as well as fundraising and consciousness building. But it’s localized, direct action and community building that is the fundamental building block of movements.

What building solidarity feels like to me.

Building solidarity and community, especially in terms of trusted relationships and networks of mutual support are equally critical to building effective resistance and social movements. Organizing is tough, dangerous work. When it’s effective, it has real consequences. Living up to the neveragain.tech pledge means putting your salary and your health benefits on the line. I think many of us in tech are not prepared to do that.

In order to achieve and sustain mass participation, we must be willing and able to take care of each other, especially those who are most vulnerable and who will bear the greatest losses. We need to work on adjusting our mindsets so we are willing to give up some of our own security to help out others. We need to become adept at pooling and sharing resources so that we can provide each other with food, shelter, sundries, rent and mortgage money, household repair, medical services, etc.

So does the neveragain pledge help build solidarity in this way? It doesn’t for me. Generally I find that solidarity-building efforts that are primarily online and distributed feel too diffuse and empty. I need more direct, person-to-person interactions. Solidarity is fundamentally about trust. I need to have opportunities for shared vulnerability in order to build trust. I can do a lot of that via online communication, but need interactions to be consistent and frequent. And even then I need a certain percentage of these relationships to be based near to where I actually live.

I can see how signing the pledge might be the first time some people have ever made a public statement opposing the status quo. I can see how if that’s the case, doing so would feel like they are putting something on the line for what they believe. And with this in mind, I could see how those folks feel like they are building mutual trust with the other signers.  It’s just not where I’m at personally and I’m eager to start at a much different place.

We need to support a multitude of approaches.

The neveragain pledge is highly aspirational and prescriptive but it lacks accompanying support mechanisms and context. It sounds nice and just. Signing seems like the obviously right thing to do. But how do you actually embody the pledge in your day-to-day life? It is my experience that the moral calculus of the situations we actually end up facing are far from simple and a clear best choice is hardly ever available.

I once thought there was always clear, undeniable value in the lone employee, or small group of employees, standing up and walking out after all other avenues of addressing injustice had been exhausted. But having experienced this personally, and witnessing it play out several times, I now think differently. Power does not care about the lone employee or even the few. Power might care about a mass exodus or work stoppage if it impacts their bottom line. On the other hand, the individual employee(s) almost always have a lot to lose.

If you’ve done something like this as a lone employee or in small group, I’m not saying you should not have. Sometimes you have to speak truth to power even if its seems likely nothing will change. I support you in doing so. Likewise, I want to find better ways to support folks who resist injustice, both in terms of limiting harm (to individuals and their families) and maximizing effectiveness (of the overall movement or specific action).

And I also support you if you aren’t in a position where you can just stop working for a problematic company. This stuff is complicated. It’s not my business to tell you to quit and/or make public statements, or take any particular action for that matter, especially if I don’t know about all the others things you’re dealing with in your life. And even if I did, it still wouldn’t be my place to judge since I’m not the one that has to live your life!

Aiming higher than “the least we can do.”

I’ve seen a few people saying that signing the pledge is “the least they/you/I can do.” And that’s precisely the problem with pledges like this. Just as electricity takes the path of least resistance, humans will quite often do the least they have to and then move on to the next thing. I worry that this pledge will have that effect for many. Instead, we need to be focusing on the most that we can possibly do at any given time.

Our energy and attention are finite. We need to use them both wisely. Maybe the neveragain pledge is a great first start, one that will mobilize a great number of people to significant action. Or maybe it’s just another demonstration from the tech community that will get a lot of attention for very little impact.

What can you confidently infer about who signs these pledges?

There’s a strange side-effect I’ve noticed with these kind of pledges that I’m rather uncomfortable with. Those who sign it are awarded a king of “good” point and those who don’t fail to get the point. Or, worse, are assumed to be in favor of the things the pledge promises to work against. I’ve already seen one person in my personal network say something like “sign this or don’t talk to me.”

I think this is why there is always a group of people who rush to be the first to sign these things. Is it because they have truly committed to embodying the pledge, or because they want to be visible as having signed it?

Seeing a name on this list, by itself, does nothing for me. What touches me is direct interaction with you. It’s witnessing substantive conduct on your part. It’s hearing first hand from others whom I trust about your actions and deeds. It’s collecting these touch points over a period of time and contexts sufficient enough for me to get a sense of your overall pattern of behavior.

Signing a pledge does not constitute substantive conduct. It’s everything you’ve done before and after signing the pledge that matters.

The machine is already here; Our focus needs to be subversion, sabotage, and protection.

Another thing this pledge supposes is that there aren’t already sufficient, significant mechanisms for identifying and surveilling those deemed undesirable. I believe there is. And I believe there are plenty of organizations and individuals willing, no matter how many of their colleagues quit in protest, to maintain and improve these mechanisms.

And so I am much more interested in collectively developing, practicing, and deploying counter-measures. How can we technologists disrupt and sabotage what is already here? What protective mechanisms can we provide? What existing in-person support networks and movements can we participate in? How can we support coalition building across our vast country?

 

Remote vs in-office work is a false dichotomy

Johnathan Nightingale, who I know from when we were both at Mozilla, recently wrote about Why More Companies Don’t Do Remote Work (and probably shouldn’t).

How we talk about “Remote vs. In-Office” work

I agree with much of Johnathan’s analysis. I don’t think those who favor in-office work are monsters. I don’t think companies shy away from remote work because they hate freedom. Nor do I think such companies should be shamed for their decisions. Mostly what struck me about Jonathan’s post, and many like it, is that we still think of remote vs in-office work as either/or.

At best, we talk about it as if it were a continuum. On one side, there’s flexibility, greater access to talent and the added benefits that come with building the infrastructure and communication practices required to make remote work possible. On the other side, there’s the efficacy that comes with being co-located, the ability to share central, office-based resources, the convenience of your co-workers being visible and in close physical proximity during business hours. Hybrid companies, as Jonathan refers to them, fall somewhere in between the two ends, slightly favoring one mode of work or the other.

What if they aren’t mutually exclusive?

What if, instead, we recognized that what we’re really talking about is modes of work that people naturally alternative between, depending on how they’re feeling, what’s going on in their life, the type of work they are trying to get done, and many other external factors? What if we design work places and processes that took this into account?

Why I hardly ever went to Mozilla’s Portland office

To explore what I mean, it’s helpful to look at some real-life examples. When I first started at Mozilla in September 2011, it was as a remote employee. Later Mozilla opened a Portland office, but I still did most of my work from my home office. When I did go in, which was about 2-3 days a month, it was mostly to be seen and to catch up with co-workers.

Why didn’t I go into the office more? Couple of reasons:

  • The office environment was exceptionally distracting. All of Mozilla’s offices have an open-plan layout, which I find it nearly impossible to concentrate in. The Portland office also has a very limited number of conference rooms and they were nearly always booked. I couldn’t count on being able to use one for a quiet workspace (or even a meeting for that matter).
  • None of my direct team members were based out of the Portland office. While I always enjoyed talking with fellow Mozillians on other teams, going into the office didn’t give me the direct benefit of sitting side-by-side with whom I was directly collaborating.
  • It cost time and money. I’m one of those people who loathes commuting, even when transit options are timely and plentiful (which they aren’t from my home). A daily commute of 30 minutes each way is 5 hours a week I could better spend on any numbers of things. Meditating, doing yoga, walking our dogs, reading, writing, gardening, etc.

That said, I very much miss having access to the Portland Mozilla office. It’s incredibly useful to have a go-to, well-appointed space for collaboration. Offices are great for that.

I also think it’s great to have a go-to, well-appointed space for deep work. Unfortunately offices, particularly those with open plans, are terrible for that.

The drawbacks of remote work apply to in-office work

Regarding some of the supposed benefits of in-office work and the drawbacks of remote work, we are likely mistaking correlation for causation. The three drawbacks that Johnathan specifically mentions all apply to in-office work too. They are just sometimes more apparent with remote workers:

  1. Remote Work Exacerbates Performance Problems. Remote work is going to put strain on some worker-organization relationships and for others it will lessen that strain. Likewise, in-office work masks certain kinds of performance problems. Simply showing up each day and appearing to get shit done, doesn’t actually mean you are.
  2. Remote Work Often Creates Two Tiers of Employee. While I agree that remote workers are more easily left out of the loop, all organizations have tiers of workers, regardless of where they work. Unless the core groups of organizations work exceptionally hard at it, there will always be some employees more in the loop and with greater access to opportunity than others. This disparity isn’t eliminated when you’re all co-located and it’s a trap to think otherwise (because you’re then less likely to continue doing the work of including everyone).
  3. Marginal Drag Matters. Having remote workers may cause marginal drag in one direction, but what about the marginal drag created by requiring everyone to come into a central office in order to consider that real, focused work is being done? To assume there is none seems to ignore how people actually live their lives and do their work.

 

What would it look like to support both kinds of work?

What would it look like to recognize and fully support both remote and in-office work, allowing everyone the freedom to select which mode is appropriate at a given time?

I believe it would include:

  • Having well-appointed, accessible offices with flexible seating and plenty of meeting and private workrooms alike. I would like workplace to be much more like university libraries. The office should have great shared infrastructure, including all the tools and reference material you need to get work done. You should be able to go to it when it’s the best place for you to work, and when you need to collaborate in person, but not be required to be there any kind of set hours. Likewise, if you want to work only at the office, you can.
  • Great collaboration infrastructure that enables remote and in-person ways of working alike, at the same time.
  • Good, multi-modal communication and documentation is valued, supported, encouraged, and practiced at all levels across the organization.
  • Managers are trained and supported in leading inclusive and diverse teams, including how to deal with issues related to flexible schedules and work environments.
  • Team members’ expectations of one another are clearly communicated and there is a clear and supported process for resolving conflict when it arises. There is agreement about when and where people will be available, and people follow through on those agreements. The team meets regularly in person and remotely according to its needs.
  • Ample opportunities to socialize, both on-line and in-person, and in structured and spontaneous ways.

Such a setup would allow people and organizations to benefit from both kinds of working situations. So, rather than judging and vilifying the different ways of working, we can realize that each has benefits and drawbacks depending on the situation. And we can work to maximize the benefits and minimize the drawbacks of each .

You still have to make decisions

All of the above requires that an organization’s leadership recognize that there is no such thing as a one-size-fits-all approach. It requires they lead more and control less. It also requires a certain level of investment in technology infrastructure, though much less now that things like Skype and Google Hangout are ubiquitous. So, by far, the first requirement is the much harder one to meet.

And organizations still have to decide from how far away they are willing to hire. This should in part be a function of how much in-person collaboration is needed for the role, where the rest of the team is located, the annual cost that employee’s travel, and their willingness to travel.

Actually, now that I think about it, I would love for every job description to specify how much in-person collaboration is required. A job where I’m expected to spent half my time in meetings is very different from one where I’m expected to spend half my time pairing one-on-one, and different still from one where most of my work will be solitary.

And, even if you’re comfortable with remote work, hiring employees who live in different states, let alone countries, creates additional overhead.

 

Life one year after leaving Mozilla

A year ago tomorrow was my last day as a Mozilla employee. Quitting was the one of the best decisions I’ve ever made. I’m working for myself and I love it.

Here are some projects that I’ve been working on:

Building a wood bookcase from scratch.

Bookcase I built from scratch.
Bookcase I built from scratch.

Watching and photographing the birds that visit our yard.

Pine Siskins have words at the feeder.
Pine Siskins have words at the feeder.

Recruiting and on-boarding several new Stumptown Syndicate board members.

Driving to California (accidentally during a snowstorm) to visit family. One of the things we did on the trip was visit the Monterey Bay Aquarium, which I had never been to.

23774600566_edd8ecf29f_z

Starting a consulting practice, Authentic Engine. I have a few client projects now, and am looking to book more work for the Fall. Know an open source project wanting expert help with participation, leadership, or governance issues? Get in touch. I’m also available for contract programming (python, php). If you like stickers, I have those for sale too.

No endeavor is truly launched until it has stickers.
No endeavor is truly launched until it has stickers. And so it is with Authentic Engine. Buy some!

Learning audio recording and engineering and launching the Recompiler Podcast.

recompiler-podcast

Handing off the organizing of Open Source Bridge to two new co-chairs!

Taking Bertie to the beach for the first time. He loved it. Although, we learned the hard way bulldogs really can’t exercise for very long because Bertie needed several days of recovery afterward.

Bertie's first trip to the beach.
Bertie’s first trip to the beach.

Seeing my favorite band, The Cure. Twice! Once in Los Angeles and again closer to home in Ridgefield, Washington. We had much better seats at the Ridgefield show and had a fantastic time.

The Cure performing Just Like Heaven, Ridgefield, Washington, May 2016
The Cure performing Just Like Heaven, Ridgefield, Washington, May 2016

Touring SpaceX. While we were in LA to see The Cure, a friend of ours arranged a tour of SpaceX. It was amazing. Couldn’t take any pictures inside, unsurprisingly, but managed to get a goofy selfie outside.

Smiling because we just toured a fraking rocket facility!
Smiling because we just toured a fraking rocket facility!

Attending Allied Media Conference, including the excellent Growing our Souls tour (my photos) of Detroit.

Me, at Project Heidelberg in Detroit, Mi
Me, at Project Heidelberg in Detroit, Mi

Shopping for individual health insurance plans three times. Yes, three times in one year. The first was before I left Mozilla because applying COBRA would have been prohibitively expensive (~$1,400 per month). The second was during 2016 open enrollment because our rates had been raised over $100/month. The third was last month when the State of Oregon abruptly put Oregon Health Co-op into receivership. Fun times! But, hey, at least thanks to the ACA, we can actually sorta find health insurance outside of a group plan. We’re with Providence now and we hope they stay affordable and in business for a while.

Gardening. Lots and lots of gardening. This year we planted lots of vegetables and added several new flower beds, populated mostly with plants I started from seed. It turns out I have a bit of a green thumb! Who knew?

An evening's harvest from our garden.
An evening’s harvest from our garden.

 

Flower beds in bloom. Most of these I grew from seed.
Flower beds in bloom. Most of these I grew from seed.

Photographing the flowers I’ve been growing. I don’t have a macro lens, but am faking it well, I think, with my 35mm and some close-up lenses.

Bee on Shirley Poppy, one of the many flower macros I've taken this season.
Bee on Shirley Poppy, one of the many flower macros I’ve taken this season.

Watching hot air balloons launch at the Tigard Festival of Balloons. I first heard about this festival shortly after I moved to Portland in 2007 and realized just before my birthday that it’s practically in our neighborhood, so Sherri got us tickets. It was challenging to get up at 5am to get ourselves over there in time for the sunrise launches, but it was so worth it.

Hot air balloons launching at the Tigard Festival of Balloons!
Hot air balloons launching at the Tigard Festival of Balloons!

Speaking at Open Source & Feelings on a really tough topic.

Reading and more reading. Soon I will have read all of Walter Mosley’s Easy Rawlins‘ books and this will be bittersweet. I take solace in knowing I still have plenty left to read of Mosley’s Fearless Jones and Leonid McGill series and I’m only a little over half-way through Laurie King’s Mary Russell and Sherlock Holmes books. Plus you never know when you’re going to stumble across a great new detective series such as M.J. McGrath’s Edie Kiglatuk or Cara Black’s Aimee Leduc Investigations.

Feeling better about myself and being less stressed than anytime during the previous 4+ years. Our income isn’t steady yet and dealing with health insurance is obnoxious. But we’re making it work. I can say now that leaving a job that was steadily grinding me down was absolutely the right call, even if it felt totally wrong at the time.

Thanks everyone who’s supported me along the way and continues to do so! You make all the difference. If there’s anything I can do for you, please let me know.

 

Free speech and its many meanings

The last two weeks I’ve been spending way too much time reading, thinking and tweeting about LambdaConf. If you’re unfamiliar with the situation and want to catch up, read this excellent post by @codepaintsleep.

One thing observing the situation has made me realize is that some folks have a very different conception of free speech than I do.

In my mind, our right to “free speech” prohibits the government from restricting or punishing speech. I do not view it as anti-free speech when a group of private citizens denies you the opportunity to speak in their spaces. Nor do I believe our constitutionally protected (in the United States) right to free speech guarantees anyone the right to unfettered expression via commercial platforms such as Twitter, Facebook, etc.

That’s not to say that I don’t have concerns about how companies and commercial bodies regulate expression within their realms. They often do it badly, enabling abuse, or reinforcing existing inequalities. Some entities have sufficient control in how business is done in their industries that their suppression of speech can have adverse affects similar to government censorship.

I also have complicated and unresolved feelings about the use of boycotts. Particularly this is true when it’s a call to boycott a vendor who provides a lot of things to the general public. I think even the most offensive material, should be available for people to learn from, to understand, to be aware of, should they choose to investigate. I think it’s possible in certain contexts to sell something without endorsing it.

Furthermore, I believe that the right to free speech must be balanced with the right to choose with whom we spend our time and what we do with our bodies. This doesn’t make me anti-free speech. This makes me pro-free speech, pro-free association, and pro-bodily autonomy. None of those rights make sense on their own without the others. If your right to free speech means that I have to listen to you no matter what, my right to free association and bodily autonomy is diminished.

Prior to this year’s LambdaConf debate I never thought there was a real debate about this. I’ve been around open source for a while, so I’m familiar with the idea that some think any restriction on speech, regardless of context, is censorship.

What’s new to me is that there are folks who think any mechanism which enables someone not to listen to you violates free speech and is censorship. By this logic, if Twitter were a noisy cafe, then putting on your headphones so you could concentrate would be censorship. And, by this logic, any tool that allow others to reduce their exposure to harassment (blocking, muting, etc.) is censorship. It’s even more egregious censorship if these tools are provided at scale.

Furthermore, some of these folks seem to think ‘free speech’ is an exemption from civil behavior and social norms.

I’m still processing what this means. If nothing else, it helps me understand better what’s going on when we debate about this stuff. Being weary of centralization and government interference is different from being weary of systems which empower individuals to choose what they consume and how they communicate with each other online.

I firmly believe we can create tools and systems which mitigate harassment and abuse while enabling free expression and exchange of information based on choice and autonomy. I believe we can design these systems in a ways that preserve anonymity when desired and that don’t necessarily further government surveillance and intrusion.

But we probably aren’t going to build these systems with the help of folks who are fully committed to prioritizing free speech at the expense of free association and bodily autonomy.

 

 

A product development epiphany

At the beginning of the year, I announced Authentic Engine, my new consultancy.

I’m going to share a rather honest update about how things are going, and I plan to do so with some regularity. This gives me some trepidation. Visibility nearly always makes me feel vulnerable, even if the attention is subjectively positive. And general business wisdom favors secrecy and possessiveness above transparency and sharing. Instead, I’m making a deliberate choice to muster courage to favor intimacy (which requires vulnerability) and community.

Perhaps some of you reading are potential clients or customers and in reading about my uncertainties and missteps you’ll decide not to work with me. I’m okay with that, for if my writing here turns you off then we were never going to be a good match. What’s gained, I believe, will be far greater than whatever’s lost. Some will be enriched reading about my experience. Others will appreciate my candor and that I’m willing to do the scary work of making mistakes, sharing those mistakes, and trying again. Some of you will be motivated to work with me explicitly because of this writing.

So here goes it!

A raison d’etre

While I have a great deal of open source tech experience (my first tech job was in 1997 at UC Davis’ network operations center), I have almost no experience consulting in the way I’ve set out to do now. I’ve worked at start-ups and well-established companies. I’ve started and ran non-profits. I ran my own programming shop under CK Web Development. All those experiences have been immensely valuable, but my experience with them has limited applicability to what I want to build now.

I’ve gravitated towards consulting because I want to apply my experience as a programmer, a technical project manager, a developer advocate / technical evangelist, a non-profit manager, a small business person, and an open source community organizer to help folks working in those fields have better work experiences.

By better work experiences, I mean a few things:

  • authenticity, presence, mindfulness, and empathy in day-to-day work;
  • empowered, adaptive leadership;
  • effective navigation of organizational life; and,
  • the building of meaningful and fulfilling careers without burning out.

This isn’t just about making people feel better at work. Whatever your current role in tech, these are practices which will make you better at your job. The production of software, the governing of open source projects, the evangelizing of technology all requires building and maintaining relationships with people. The better your people skills, the better you can effectively apply your technical skills.

By focusing my work on individuals, I intend to contribute to a cumulative effect of improving our technical and open source communities. The more the folks that make up our communities practice and cultivate the above “people” skills, the more inclusive, sustainable, resilient, and commons-serving they will be.

So that’s my raison d’etre for starting Authentic Engine, but how am I actually going to make a living?

What appeals to me about “consulting”

Before I announced Authentic Engine, I did a lot of reading on what it mean to be a consultant and how to run a consulting practice. Some things I read resonated with me deeply: consulting as a calling, humble inquiry, being a trusted adviser, process consultation and the helping relationship. Other things I couldn’t connect with at all, especially the nature of the marketing and sales processes many consulting business books (such as this one) espouse. I don’t want to have a ton of annoying pop-ups soliciting your email for watered-down content, or resell someone’s proprietary organizational trait assessment. Moreover, many books are scant on details about how to actually develop customers if you don’t already have a base established.

Finally it occurred to me to start thinking in terms of answering the question, “what is my product?” The consulting books say you are your product. Okay, I get that to an extent. But it doesn’t feel very sustainable or scalable to me. Nor does it have the depth of experience I want Authentic Engine to bring to others. I want many teachers, and coaches, and trusted advisers, with all their varied histories, experiences and backgrounds to inform and create what we bring to others.

If I am not my product, what is?

So now that I’ve rejected that I am my product, I have to find out what is. That has me researching and learning all about product development. Working in technology as a programmer, project manager, and developer advocate means that I’ve been on the periphery of product management and development most of my career. Now I’m embracing the role officially, which means learning and practicing a new way of thinking.

I’m in the middle of Steve Blank’s The Four Steps to the Epiphany, which focuses on a kind of lean product development for startups that Blank calls Customer Development. So far the framework is making a lot of sense to me. It centers upon developing a deep understanding of your customer and their needs and using that to inform your product development.

Learning deeply from my customers

So that’s what I’ll be doing next. I’ll be thinking about my customers — starting with folks who hold the jobs I’ve had before: technical evangelists (aka developer advocates) and their managers, software developer and their managers, technical product marketing managers (which I’ve worked for, producing events), and open source project stewards.

Actually I’ll be doing more than just thinking about them. I’ll be reaching out to as many of them–as many of you–as possible to listen and learn what their pain points are, what those pain points are costing them, and how they’d like to solve them. I’ll use this information to validate and improve my hypotheses about the Authentic Engine products that will help them.

Exciting and scary

I’m finding this approach very exciting. I love connecting with people, learning about them, building connections, and figuring out ways . But it’s also terrifying because I know this will take time and our financial reserves are dwindling. While I’m developing my customers and products, I’m also going to have to find income, either through consulting or contracting.

How you can help

So, if you or someone you know is needing help with planning a community-focused technical event (like Open Source Bridge, which I co-chaired for 5 years), or managing a technical project (like creating a localization platform for Firefox OS App developers, which I did at Mozilla), or revitalizing a community contributor platform (like I did with MozillaWiki), or improving open source governance (Stumptown Syndicate), or anything else about which I have subject area expertise, please get in touch or book a meeting.

A promise to continue sharing and connecting

Meanwhile, I’ll keep sharing here what I’m working on and what I’m learning.

Soon I’ll post about:

  • realizing I need to be talking to lots more people and how I’m following through on that despite how weird and shameful it can feel;
  • what I’ve learned about content-based marketing and how I’m putting it into practice;
  • how Sherri and I are figuring how how to support one another and keep our household functional while we both build new businesses;
  • what I’m doing to manage my workload, replenish my “spoons,” and avoid burn-out; and,
  • learning to be okay with uncertainty, imperfection, and iterative improvement.

Keeping in touch

As I intimated above, I promise to make more, better connections with all of you. And I invite you to do the same. Leave a comment below, send me an email, or a tweet, or give me a call (go to authenticengine.com for phone number).