Creating a public participation profile based on pseudonymity must be done carefully if there are reasons to avoid a real-world identity from being revealed.
Determine Risks & Benefits
Pseudonymous contributors must carefully weigh the risks and rewards of participation.
Risk Assessment Factors
- Community Quality: Will the community respect privacy boundaries?
- Association Risk: Could this information link to legal identity?
- Uniqueness Risk: How distinctive is this skill or experience?
- Correlation Risk: Could multiple disclosures be combined to identify me?
- Temporal Risk: Does this reveal a timeline that could be connected to me?
- Network Risk: Does this expose connections to known associates?
Benefit Assessment Factors
- Value Alignment: How important is this project to personal values?
- Trust Transferability: Can trust built here transfer to other contexts?
Assess Impact vs Disclosure
A risk-reward calculus can now combine benefits into an impact potential and use that to assess what information to include in a public participation profile, following the principle of proportional disclosure: higher-value projects justify higher (but still minimal) disclosure.
- Impact Potential: How significant is the potential contribution?
- Trust Threshold: What’s the minimum disclosure needed for the desired role?
Balance Disclosure Across Project Types
Different types of projects might have different disclosure needs.
Documentation Projects
- Minimal disclosure needed: Basic pseudonymous identity and writing skills
- Focus on: Quality of writing and accuracy of content
- Trust signals: Clarity, completeness, and accuracy of contributions
Application Development
- Moderate disclosure needed: Technical skills and collaboration abilities
- Focus on: Code quality, testing practices, design approach
- Trust signals: Pull request quality, test coverage, code reviews
Security-Critical Projects
- Significant trust required: Security expertise and ethical commitment
- Focus on: Security knowledge, threat modeling ability, ethics
- Trust signals: Security-focused contributions, vulnerability handling
Governance Participation
- Highest trust requirements: Long-term commitment and values alignment
- Focus on: Project values, decision-making approach, conflict resolution
- Trust signals: Consistent demonstration of project values, contribution history