At the beginning of September, I left my role as Head of Programs & Contributor Experience at Automattic and stepped away from the WordPress project. It has been An Adjustment, leaving such an invigorating role that, for a long time, I truly loved. In truth, I’m still processing my choice to leave a company and community I had been embedded in for six years.
After WordCamp US 2024, it has been impossible to look away for all the unexpected reasons.
It is heartbreaking to see people dear to me suffer in a community they previously upheld. Seeing programs we worked so hard for negatively impacted is devastating. It’s uncomfortably unfamiliar to be watching this latest WordPress kerfuffle from the outside.
I’ve been deep in my thoughts and reflecting. On how much energy it takes to build programs well, and how easy they are to tear down. Does the good we generate along the way matter? Did it make a meaningful difference for people? I still believe so. I’ve been thinking about how difficult it is to gather and point people in the same direction. It’s invisible work that unaware leaders readily discount.
Recent reflections
My latest reflections are around this curious change to the WordPress project Code of Conduct. Listed alongside other unacceptable behaviors, a fresh undesirable: publishing private messages without consent.
Changes like this are always intriguing because I want to know what made them necessary. I’ve long known that a community code of conduct is not a magical balm. It can be weaponized to subvert its original intention. For caring community members, the tasks ahead are complex. How can you identify when that happens? What can you do about it?
Weaponizing a code of conduct
We’ve all seen a code of conduct, policy, etc., weaponized before in a community, government, or other regulating body. The result is horrible: it hurts the very people the code of conduct intended to serve. The weaponization of a code of conduct can come in many forms, so here is a non-exhaustive list of examples I’ve observed across various communities.
Community members weaponize a code of conduct when:
- They feel they’ve “won” their code of conduct report and publicly announce just enough detail to diminish other community members or to raise their credibility.
- They claim code of conduct violations intending to suppress opposing voices, even if the criticism is fair.
Administers of the code of conduct weaponize it when:
- They inequitably apply the code of conduct, perhaps in reaction to specific situations or by issuing a more severe response only in particular situations.
- They adjust the code of conduct to benefit a particular group or individual.
- They adjust the code of conduct intending to restrict contrary but valid viewpoints or to suppress dissent.
There is absolutely nuance to all of this, especially when considering the impact of power dynamics, additional context, etc. But it is a fact that when community property is so offensively wielded, it hurts the community itself, often underrepresented individuals. It also makes the work of any response team intensely far more complex.
And to be clear, every community should have a code of conduct. At its core, a code of conduct describes the behaviors expected when engaging in a shared space and what might happen if unacceptable behaviors occur. The best code of conducts are up-to-date, clear, to the point, and provide information on where to go for help or questions. The worst are vague, an exhaustive list of don’t do-s, and provide no recourse for follow-up. When properly created, a code of conduct exists to serve the community and offers current and new members a concept of community culture.
Focusing on the WordPress Code of Conduct, this latest change is something that most people under regular circumstances, will likely readily agree to. However, it contradicts my experience with the Community and Incident Response Teams. We generally tried to avoid making very specific “don’t do this” type rules, opting instead for behaviors we wanted to encourage. Changes to the Code of Conduct usually follow some discussion (an example). The WordPress Incident Response Team is a close-knit group, and I have difficulty believing they would make such a change without public discussion. To my alarm, team members also seem to be voluntarily resigning. And never before, were changes (or anything about Code of Conduct, really) published on /News.
The timing is also suspect, or right, given everything happening in WordPress at the moment. It depends on how you prefer to view it.
As I shared, I’ve left WordPress and Automattic, and in keeping with standard practices, was removed from the Incident Response Team spaces on my last day. I don’t have insight into what happened. However, to my earlier question of how one can identify if a code of conduct is being weaponized, these observations sprang to mind.
What can we do?
Which brings us to our next question. What do you do if a community code of conduct is being weaponized?
Well, there are several restorative steps to take. Some steps I’d recommend include:
- Regular review of the code of conduct and response team practices. This allows for outdated or confusing language or practices to be updated, and the opportunity to incorporate new best practices.
- Transparent processes. While the nature of incident response requires confidentiality, communities can absolutely be transparent about common steps taken. This can come in the form of making training publicly available, answering questions, or holding discussions about the code of conduct and response team.
- Ethical escalation measures. Especially for a volunteer response team, having appropriate points of contact to handle the most difficult or controversial incidents is a necessity. And, in the case where reports involve community leaders, it makes sense to bring in a neutral mediator.
- Ensure a well-staffed response team. Responding to incident reports is tough work, but a diverse response team with enough time and training can more effectively respond to community challenges.
In essence, the goal is to revive healthy, community-based practices. If your final decision maker is resistant, well, that certainly makes it more complicated. However, my experience in an open source community has led me to believe in the scrappiness and resilience of community members, especially once they gather and move in the same direction together.
Side note
As Head of Programs and Contributor Experience at Automattic, I worked closely with contributors to guide and launch programs. In six years, I saw the events program through the pandemic, encouraged experimentation and modernization of events, launched Learn WordPress and the Contributor Mentor Program, and mentored diversity initiatives, among other rewarding activities.
And to be extra transparent, anything related to the WordPress Code of Conduct and Incident Response Team is likely to attract my attention. During my time with WordPress and Automattic, I oversaw incident response and mediation work in the WordPress community. I advocated for a project-wide Code of Conduct, authored the first drafts of the Incident Response Team Training, created the Incident Response Team, and onboarded and trained its first team members. I was fortunate to have substantive community input and support at every step, and yes, I even enjoyed spirited conversations with those who disagreed with the work itself. In case you can’t tell, I am proud of my work here.