I’ve been an open source champion for a long time. I believe in transparency. I believe in public process. I believe that bringing more people into the room and making the process visible produces better outcomes.
And I’ve watched communities I love burn through their best contributors because they couldn’t figure out when not to do everything in public.
This is the thing we don’t talk about enough.
There’s a common belief in open source that radical transparency is an unconditional good. Everything logged. Everything archived. Every decision made on a public list where anyone can read it, respond to it, and screenshot it for later use. The argument is intuitive: sunlight is the best disinfectant. Transparency protects against power consolidation and secrecy. Leadership is a performance art.
I’ve said that last one myself. I still believe it.
But I’ve also seen what happens when transparency becomes an ideology rather than a tool. When communities treat any private conversation as inherently suspect. When good contributors get publicly savaged for decisions that were more complicated than the hot-takes acknowledged, and then quietly stop contributing. When conflicts that needed careful, private handling got aired in front of a live audience and never actually resolved. When every governance discussion became a performance of who was most righteous, rather than an honest attempt to work something out.
Radical transparency doesn’t always produce radical honesty. Sometimes it produces theater.
Here’s what I mean. Sit in enough governance calls, read enough mailing list threads. You start to notice: the real deliberation has already happened somewhere else. What you’re watching is the 90% solution, brought forward for discussion and socialization. Because people don’t air genuine uncertainty in front of an audience of hundreds. They don’t say “I’m not sure this is right” in a space where that gets archived and weaponized later. So they wait until they’re confident, or until they’ve built enough private consensus to feel safe. Then they show up to the public forum having already decided.
This is what transparency absolutism produces: it doesn’t eliminate private deliberation, it just denies what is happening and makes it invisible. The actual decision-making retreats into DMs, off-list email, hallway conversations at conferences not everyone can afford to attend. If we want governance that’s genuinely accountable, we need to be honest about which conversations require privacy to function — and then design those spaces intentionally.
There is a human cost to the public forum which we consistently undercount.
I have watched thoughtful, skilled, generous contributors leave communities after being publicly piled on for a governance decision that had more context than the audience was given. I’ve watched people self-censor for years. Too many people never raise a concern, never flag a problem because they have seen what happened to someone who did. The communities that proclaim most loudly their commitment to openness are sometimes the most hostile to honest dissent, because every disagreement becomes a public performance.
This hits hardest for people already navigating the most social friction to be in the room. Psychological safety, the ability to take an interpersonal risk without fear of punishment, isn’t a soft concept. Isn’t evenly distributed. And, it’s a prerequisite for honest participation. You can’t build it in a fully public forum.
So what private spaces are actually legitimate? I’m not arguing for back rooms and opacity. I’m arguing for intentional design. Here’s how I think about it.
Code of conduct and conflict resolution. This one is non-negotiable. When someone files a harassment or CoC complaint, that process has to be confidential. This confidentiality is not to protect bad actors, but to protect reporters. The same legal and privacy obligations that govern HR processes exist for a reason, and they apply with even more force in volunteer communities where people have no institutional protection. Public trials produce performance and permanent record, not resolution. The community should know a process exists, how it works, and what outcomes are possible — without transparency into individual cases.
Leadership deliberation before public proposals. There’s a meaningful difference between a decision being made privately and a proposal being developed privately before it comes to the community for real input. Leaders need to be able to think out loud, explore bad ideas without them becoming permanent positions, and build enough shared understanding to make a coherent proposal. If every half-formed thought must be aired immediately, the thinking that happens in public gets shallow and performative; the real thinking moves somewhere less visible. The guardrail: deliberation may be private, but decisions must be public and subject to genuine input. The community must have a real opportunity to change the outcome.
Sensitive personnel and employment matters. This is the category open source communities handle most badly, because we weren’t designed for it. When a maintainer’s behavior creates a problem and the full context involves their employer, their personal circumstances, or information shared in confidence, there is no good public path. The community gets asked to make a decision without the information it needs. Or the relevant parties get asked to expose things that shouldn’t be public. Or the problem festers because no one wants to touch it. Mature governance requires a small, trusted group or ombudsperson function which can hold this information and make decisions with full context.
Mentorship and next-generation leadership. This is the most politically sensitive, because it touches the nerve of insider access. But I’ll argue for it anyway. When community leaders are deciding who to invest significant time in — who gets mentored, who gets nominated, who gets an introduction to a key person — those conversations benefit from a private space where honest assessments can be made. The alternative is that sponsorship happens entirely on informal vibes (the hallway track), or it becomes performatively positive because everything is public. Neither actually serves the goal of building a diverse, capable next generation of leadership. The accountability check here is outcomes: does the group being invested in reflect the community’s diversity goals? Is the process documented well enough to evaluate over time?
Psychological support offers. Lots of community members handle situations of psychological stress up to burn out. Individuals feel overwhelmed by the expectations and the pressure to deliver a product like quality without having even nominal corporate support structures. This situation is common but is often internalized as individual failure or worse, leads to isolation and compounding negative experiences. Normalizing project level conversations of this stress and developing community practices for support and coping is important. However, individual needs must be handled privately as this kind of problem can still stigmatize and may have second order impact on families, careers and even health insurance.
Across all of these, I see three things that separate legitimate private spaces from back-room cabals.
Transparency of process, not content. The community should know the space exists, what its scope is, who is in it, and how decisions made there feed back into public accountability. Secrecy about the existence of a space is very different from confidentiality about its contents.
Defined scope. Private spaces need explicit charters: this group handles X, not Y. This deliberation is private until a proposal is ready, then the outcome is public. Spaces without defined scope expand until they’ve consumed everything.
Diverse, accountable membership. The people in the room should reflect the community’s diversity goals, and they should be accountable to the community — through term limits, rotation, recall mechanisms. A private space staffed by the same five people indefinitely is a cabal. A private space with rotating membership and clear accountability is a committee.
Transparency is a tool. It’s in service of deeper values: accountability, fairness, the ability for every contributor to participate on equal terms. When transparency undermines those values — when it produces performative governance, drives out vulnerable contributors, and forces sensitive matters into the worst possible public forums — we’ve confused the tool for the goal.
The communities I’ve seen govern themselves well are honest about this. They didn’t pretend everything could or should happen in public. They designed their private spaces carefully, named them, gave them appropriate scope, built in accountability, and brought outcomes back into the light.
The goal was never a community where nothing is private. The goal was a community where what’s private is private for good reasons — and everyone knows what those reasons are.
That’s worth building.
Postscript: I’m currently studying in the Political Science department at Trinity College Dublin, applying social data analysis to questions about technological sovereignty and trust. One of the things that’s become clearer to me through that work is that open source communities aren’t some novel invention — they’re governance structures, with all the same failure modes and design challenges that political theorists have been writing about for centuries. The tension between transparency and deliberation isn’t unique to discussions on GitHub.
James Madison argued against public deliberation at the Constitutional Convention specifically because it hardened positions and prevented agreement — the framers of the US Constitution held their deliberations in secret for exactly the reasons I’m describing here. Jürgen Habermas, whose work on the public sphere is often invoked to defend radical transparency, actually argued that publicity is a necessary feature of outcomes and legitimacy, not of every stage of deliberation.
A Brookings piece published recently makes the same argument in a governmental context and is worth reading alongside this one. We in open source tend to think we’re solving new problems. Often we’re rediscovering old ones. That’s not a criticism — it means there’s centuries of prior art worth reading.
Sarah Novotny has worked in open source community governance for two decades, including Kubernetes, OpenTelemetry, NGINX, and MySQL. She currently lives in Dublin and is studying political science at Trinity College.