Why open source software isn’t as ethical as you think it is

(And why it is)

The internet depends on open source software. Free and Open Source Software licenses have transformed the way software is made, and how internet businesses are created — so I don’t want to argue against its existence. But it’s imperfect, and recognizing those imperfections is important. I founded two major open source community projects.

Open source communities are exclusionary. According to a recent survey by GitHub, 95% of open source contributors are male. 3% identified as female, and 1% as non-binary. (This is actually double the number from a few years ago.) Meanwhile, 16% identified as being from a minority background.

There are lots of compounding reasons for this: for example, only certain kinds of people can afford to volunteer their time for software projects. The same survey said that 50% of people had witnessed aggressive behavior in open source communities, which is enough to scare people away.

This is particularly harmful because open source contributions are often used to evaluate engineers in the hiring process. If only certain kinds of people are actively contributing, hiring processes that take GitHub profiles and pull requests into consideration will have a built-in bias to those people — leaving whole demographics out of the tech talent pool. Taken in aggregate, this has a profoundly damaging impact on the entire industry.

The capital dynamics are all wrong. When you release open source software, you have this egalitarian idea that you’re making it available to people who can really use it, who can then built on it to make amazing things. Some open source contributors are fundamentally against the idea of profit and capitalism.

While this is a fine position to take, consider who has the most resources to build on top of a project that requires development. With most licenses, you’re issuing a free pass to corporations and other wealthy organizations, while providing no resources to those needy users. OpenSSL, which every major internet company depends on, was until recently receiving just $2,000 a year in donations, with the principal author in financial difficulty.

A more deliberate license might charge corporations and then funnel some of that money back to provide assistance to non-profit organizations, activists, and so on.

What isn’t radical: a person from an underrepresented background building software and giving it away for free to a Fortune 500 company. What is: them getting fucking paid.

For more, read Ashe Dryden’s excellent piece, The Ethics of Unpaid Labor and the OSS Community.

Open source projects are usually code-first. If you’re building software to solve a human problem, you need to talk to those humans. A lot. Not just by asking them direct questions, but by gaining a holistic understanding of their lives. By doing this, you can often arrive at novel solutions that you wouldn’t even have considered if you’d tried to ideate in a vacuum. And by going back to those real humans with your early prototypes, you can figure out if you’re building the right thing very early.

Open source projects rarely do this. A common mistake is to assume that collaboration inside the open source project itself can take the place of these design cycles. This mistakes the development methodology for a design methodology, when they need to be two parallel processes. And the result is often that the software is optimized for people who have the ability to contribute to the community. Yet again, more software for relatively wealthy, straight, white men. You’ll be shocked to hear that open source software has a reputation for poor usability, preventing most projects from ever becoming mainstream.

It would be an easy thing to fix process-wise, although introducing behavior changes to these communities may be harder. Introducing human-centered, prototype-driven design to open source communities, and making it a standard part of the open source methodology, would be a game changer. (If you’re interested in this: get in touch .)

Open source software is good. It makes it easier than ever before to start a project. Shared code between projects for common tasks means that code should be more resilient and safer. For security projects, open source is also a requirement: you need to be able to audit the codebase in order to ensure that software is safe and free from backdoors that surreptitiously let people into your private information.

Everything I’ve talked about here is fixable. More than anything else, open source needs a culture change: people, rather than code, need to be the center of gravity. Creating safer open source communities will allow a wider set of people to participate. So will licenses that allow people from less-affluent backgrounds, or with fewer time resources, to gain from their contributions. And better usability, with real people at the center of the process, will allow more projects to be used by far more people.

Without these things, the definition of “open” is just: you can look at the code. With them, we’re truly allowing access.

This is a personal blog post, but I need to point out: I’m looking for mission-driven startups helping to build a more informed, inclusive and empathetic society. Applications close on October 27th; here’s what we’re looking for.