Designing and Enforcing Codes of Conduct

October 16, 2019
Written by
Kat Marchán
Opinions expressed by Twilio contributors are their own


It's 2019 and the issue by now seems to be mostly settled: Codes of Conduct, as it turns out, are an important tool for any community to promote inclusion and protect their members from harassment that would otherwise distract them or push them away.

But what's the actual experience of designing one, and more importantly, enforcing one?

I was an admin on, a community Slack for LGBTQ+ members of the tech industry, for over two years. It had a couple of thousand members, with several hundred active across scores of channels. It was (and still is!) a vibrant community that brought together fairly wide representation of individuals.

In this article, I'll go over the story of how community management evolved in this particular community. Along the way, I'll share various hard-earned lessons myself and the rest of the admin team there learned about how to effectively manage a diverse community -- and how to use policy to make it inclusive.

In the beginning, one big house party

It all started with a tweet. And just like that, a new Slack was born.

I don't think anyone, much less Laurie, really expected the space to take off the way it did, but before he knew it, he was being bombarded with requests to join. The space grew quickly as news spread in the twittersphere, through Laurie's fairly sizeable following and connections in the SF queer scene.

As with any community, it didn't take long for conflict to start. There was a fundamental misunderstanding between community members: some founding members expected it to be "one big house party" where people were implicitly expected to behave well, but that didn't work out too well. You see, there were people joining who were not like them. They were people of color, or trans people, or bi people, or all sorts of folks that cis, gay, white men were not necessarily used to interacting with.

Within a couple of weeks of its creation, some members drafted a Code of Conduct based on the flurry of discussions around the topic, and what to do about conflict in this new community. Some people left, but others had already left because of what they'd run into. Lesson learned.

Problems with Code of Conduct enforcement

Codes of Conduct are not enough to promote a healthy community. Whether they work is a function of the community itself, the processes that have been put in place, and the specific group of people tasked with handling their rules.

Then the new community ran into the next problem: enforcement.

For a long time, enforcement was treated as a binary: You either behave "well enough", and you get to stay, or you "violate the CoC" or "anger the wrong person", and next thing you know, you're permanently banned -- and permanent bans they were.

Having a binary over bans created an "unofficial" way to manage conflict. Many people felt discouraged from reporting violations or "making a fuss" about them because they didn't want to be responsible for someone getting banned. Those on the other end of the report would often react aggressively and defensively when confronted by staff, because being found "guilty" meant they would lose access to a space they found valuable. There was no policy for bringing someone back into a space, after any length of time.

In reality there was a lot of leeway at the staff level. Many conflicts were resolved by just private messaging someone and having a conversation with them. But any time a conflict became public or enough people made a fuss, the reported person would lash out, and get banned more for their lashing out than their actual behavior.

An experiment: WeAllJS

Ongoing conflicts over community management in's #meta channel eventually reached a point where it became clear us admins needed to try something else. The problem was, the large community we already had wasn't the best place to be experimenting with new ideas.

So I went and started a new one: WeAllJS, a new community Slack for JavaScript developers.

It was premised on a few ideas I wanted to play with, and eventually bring back to

  1. Communities could be made for everyone while still making space for marginalized people.
  2. Codes of Conduct could be very detailed, and communities could be made to follow them.
  3. Emphasizing a healthy enforcement process could resolve conflict without resulting in bans or extra conflict.

WeAllJS had all the bits I wished I could've experimented with in I wrote a new Code of Conduct for it, as well as a custom Slack bot which added the concept of a "private channel listing" where members could request invites into the channel but not see their contents right off the bat. Also important was the fact that from the very beginning, the admin staff was composed of LGBTQ people, people of color, women and non-binary people.

The experiment was fairly successful. I think the best part of it turned out to be the enforcement process itself. You'll notice that the WeAllJS CoC leads with enforcement rules, first of all, but also that those rules include the entire community in its enforcement, and the rules aren't absolute. As it turns out, violations in WeAllJS are commonplace, due to its detailed CoC, but to this day, only a single person has been permanently banned from the space, and that after plenty of warnings and very caring conversations. For an online community with no demographic restrictions on its membership and about 1700 members, over the course of three years, this is an amazing fact, to me.

Following my report on my experiences over in WeAllJS, ended up adopting a similar enforcement process in its Code of Conduct. It also adopted Wheelie, the Slack bot, as well as the WeAllJS channel system!

Conclusion, and next steps

So how can you put all this to use in your own communities and open source projects? Having a code of conduct is a given these days, but what else?

  1. Include clear enforcement procedures either in the CoC itself, or somewhere obviously connected to it.
  2. Customize your code of conduct to be relevant to your community! Don't just grab the Contributor Covenant and call it a day. That borders on irresponsible.
  3. If you want a starting point, consider the WeAllJS CoC, or WeAllBehave for your open source projects.
  4. Consider employing a consultant, preferable a person of color, to look over your CoC and give you more advice about your community.

And that just about wraps this up! I hope this article has proven useful and provided some context over the process and concerns surrounding codes of conduct!

Kat is a Senior Software Engineer at Microsoft, working on NuGet, and the former architect for the NPM CLI. They've also helped found and manage multiple open source communities!

This is the second piece in our Hacktoberfest open source series of tips by maintainers for maintainers. In case you missed it, check out our first installment on Aligning With Intention in Open Source, or or second piece on 10 Lessons Learned From Maintaining An Open Source Community for 4 Years. Stay tuned for a fresh post each Wednesday in October.