Governance guide

From Wiki Campus Cyber
This page is a translated version of the page Guide de gouvernance and the translation is 100% complete.
Other languages:

The governance guide is a product of the "Shared Resources" working group. The aim is to provide a framework for reflection and the main principles followed by the Campus Cyber in setting up the governance of a cyber community.

This doctrine may change over time.

Governance principles

Role of governance

Campus Cyber recommends that governance focus on monitoring impact objectives. The project team must retain a high degree of autonomy in its technical and functional decisions, and in the management of its priorities.

If necessary, the governance committee can recommend technical guidelines or ask for a technical committee to be set up to ensure ongoing monitoring of the project team's choices.

Generally speaking, governance should focus on the following elements:

  • Define its decision-making and review procedures
  • Define the strategic orientations of the resource
  • Validate the definition of a contribution and its follow-up
  • Validate license evolutions
  • Define conflict management and exclusion procedures
  • Define and revise impact objectives
  • Monitor the market value of the resource

Governance involves an annual review of the common objectives, scope, impact targets and changes to the business model and reciprocity.

Governance composition

Campus Cyber advocates a light governance structure, adapted to the timeframe and role of the community. Governance should not exceed nine permanent members. By way of example, the Cyber Campus proposes the following three typologies, distributed as follows:

  • Beneficiaries - 20% to 30% of seats
  • Licensees - 20% to 30% of seats
  • Contributors - 20% to 30% of seats

Each community will define the typologies best suited to its activity. Nevertheless, the typologies will remain exclusive, and each player must propose its own typology, which must be validated by the members of the governance committee.

The Cyber Campus requires the addition to its governance of a type of actor who is neutral in relation to the common good. This member, known as an "ethical member", is a member of Campus Cyber who has no direct involvement with the commons, but is a member of the deontology commission (see conflict management below). In exceptional cases, this ethical member may be a member of the Campus Cyber team.

The "ethical member" must have one seat. His/her vote has the same weight as that of the other members of the Board of Directors. The "ethical member" is subject to the same rules as the other governance members.

Conditions for accessing and maintaining governance

The entities that participated in the coordination of the WG at the origin of the creation of a common have a priority place in governance, to guarantee continuity and transmission from the WG to the common.

In the same way, it is advisable to offer access to governance primarily to active members of the WG, while guaranteeing the proportions cited in the "Composition of governance" chapter. Governance must reflect the diversity of the colleges involved.

Access to governance can be by nomination or election within the colleges. Mandatory criteria for access to governance :

  • Being a Campus Cyber's Member

Each member of the governance team must respect the following principles:

  • Be assiduous
  • Comply with the Campus Cyber chart
  • Respect the terms of use (CGU)

Failure to comply with these principles may result in exclusion from governance. The same applies to leaving the Campus Cyber.

Term of office

To guarantee a healthy renewal, while ensuring the continuity of the Common's work, the term of office must not exceed 3 years, renewable once.

The renewal of mandates must be partial (by 1/3 or 1/2). This means that, from the first term, some seats will be shortened to allow the renewal model to be implemented.

Decision-making methods

Each governance can choose its own decision-making method. However, the Cyber Campus allows several decision-making methods to be used, depending on the criticality of the arbitration.

  • Absolute majority:' Voters must represent half plus 1 vote for a decision to be validated.
  • Qualified majority: Voters must represent at least 2/3 of the votes for a decision to be validated.
  • Vote by value: Voters must give their opinion on 5 levels (Reject, Clarify, Neutral, Proceed, Validate). Opinions may be accompanied by questions or comments. All opinions are combined to produce a score. The sum of the scores must represent 2/3 of the points to validate the proposal.
  • Consent Process:' Decision-making follows a process that involves validating a decision if no member of the group has objected to it. Decision-making is a participatory process, which means that the decision will be validated when no further reasonable objections are raised.

Conflict management

Managing common ground requires a clear, cost-effective conflict management process.

Conflict management is based on two essential functions. The "ethics member" is responsible for acting as rapporteur and liaising with the ethics commission.

The mediation function is carried out by the Commission de déontologie.

Commission of Ethics

The ethics commission is made up of members from each college. Each college must identify at least two volunteers to join the group of deontologists. The members of the group of deontologists are the ethical members of the governance bodies.

The role of the ethics commission is to review the ethics charter, monitor its application and advise the governance bodies of the cyber commons.

In the event of a conflict management referral, five members of the deontology commission will be mandated to arbitrate the case. None of the members of the commission shall have any connection with the parties involved or with the community concerned by the conflict.

The commission can meet and hear the various parties as often as necessary to resolve the conflict. The commission must reach a decision within a maximum of two months of the referral, with the first conflict presentation meeting serving as the launch of the system.

The commission is required to produce an annual activity report containing a history of decisions and changes to the chart.

Referral process

The referral process to the deontology commission must go through the common governance to be ratified.

Any stakeholder with an interest in the common may request that a dispute be placed on the governance agenda for arbitration.

During governance deliberations, it may be decided to initiate a conflict management process. The conflict management process may be initiated because a perceived prejudice cannot be resolved through governance.

From then on, the ethics member becomes rapporteur for the ethics commission. The ethics member must convene a five-member ethics commission.

The ethical member must compile the conflict follow-up file, which must contain at least :

  • Explanation of the context
  • Description of the perceived damage
  • Requests and positions of the various parties
  • Request for resolution timeframe

The conflict follow-up file should include a summary of the deliberations and decisions of the ethics commission. Once the conflict has been resolved, the ethics commission will need to feed a conflict handling repository with a history of previous decisions.

As a first step, the parties undertake, in good faith, to comply with the defined resolution process before resorting to any other resolution body.

If the internal mediation carried out by the ethics commission does not lead to a satisfactory resolution for all parties, it is possible to be accompanied by an external mediator. The deontology commission is free to decide whether to finance the support provided by the joint body, or to have the mediation carried out by the parties involved in the conflict.

== License and T&Cs The purpose of this section is to define the license used by the common to manage exploitation and commercialization.

The aim is to have a set of licenses that encourages the propagation of the commons to train, develop knowledge and reinforce the competitive advantages of the ecosystem, while guaranteeing the evolution and durability of the commons itself. Commercial exploitation must be authorized and encouraged for all those who wish to do so, while recognizing contributions that help the commons to evolve, enabling the establishment of a form of reciprocity.

The license must specify the terms and conditions governing constraints on access to the common and the related marketing rules.

This license differentiates between creative and economic participation. In this context, the notion of contribution recognizes only creative participation.

Involvement in the governance of the commons is not considered a contribution.

Each community must define its own reciprocity model, linking commercial benefits (see Table of benefits) to recognized contributions.

Definition of contributions

A contribution refers to all modifications, corrections, translations, adaptations and/or new functionalities integrated into the resource and recognized by governance.

A contribution can take the form of software development, datasets, documentation, feeds, and so on. A contribution must bring value to the common good. A contribution is considered effective once it has been delivered and validated by the team in charge of managing the commons.

Launch of contributions

Governance can define compensation and reciprocity for each member's investment in the upstream phases of making the resource available.

Recognition of contributions

In order to make the recognition of contributions as flexible as possible for the governance of the commons, we propose to follow a model based on realized contributions.

At the start of each financial year, contributors produce a statement of projected contributions in the form of a Statement of Projected Contributions (EPC / SPC).

At the end of each financial year, contributors produce a statement of their achievements in the form of a Recapitulative Statement of Contributions (RSC / SoC).

Contributions are subject to economic evaluation.

These two statements must be provided at least one month before the annual governance meeting called to decide on the pool's budget for the year just ended and for the year to come. In this way, the teams in charge of managing the pool will be able to issue an opinion on the achievement of contributions, provide a history of annual contributions and provide a forecast of contributions.

Other models can be tested where appropriate, and incorporated into possible future modalities.

Reciprocity models

Allocations are made following validation of contributions for the previous reference period. The reference period is the Campus Cyber financial year.

Each common must guarantee its own operation and evolution.

Example of reciprocity matching

Contribution scale Counterpart Scale Examples of reciprocity
< 5 000€ Counterparty 1 Thank you / Badge
< 10 000€ Contrepartie 2 Discount / RFA on sales
< 50 000€ Party 3 Discount / RFA on sales / Free of charge
> 50 000€ Party 4 Reduction / RFA on sales / Free / Commun spokesperson

A possible complementary approach to recognizing contributions would be to create a "badge" to show an entity's participation in the production or use of a commons.

Licence model



Examples of Business Models

The business models presented below are neither exhaustive nor exclusive. Nevertheless, these models form part of the common licenses and conditions of use.

Business models may evolve upon proposal by the production or operations team and validation by governance.

The business models presented below are sources of inspiration drawn from practices observed in the open source world.

Dual-license approach: The dual-license mechanism consists of offering software under both a free license and distinct proprietary conditions. The proprietary version can then be sold to finance the ongoing development of the free version.

Professional Services Sales Approach: Revenues are derived from the sale of services, such as training, technical support or consulting, rather than from the sale of the software itself.

Approaches Selling certificates and trademark use: The business model is based on a network of commercial partners who are certified and authorized to use the name and logo. In exchange, they pay back a share of their revenues, which finances the development of the core software (e.g. Moodle).

Approaches Selling software as a service Software as a Service: Corresponds to the sale of subscriptions to customers for remote access.

Partnership approaches with funding bodies: Business models are based on partnerships with other companies.

Approaches Voluntary donations: Establishment of a system of user donations and identification of recognized benefactors.

Participatory production approaches: Participatory production is proposed through open calls for contributions. The realization of a task of variable complexity and modularity, in which the group must participate by contributing work, financial resources, knowledge and/or experience, always implies mutual benefit.

Advertising-financed approaches: In order to bring new products to market, many companies have shifted their business model to advertising-financed software.

Approaches Selling optional proprietary extensions: Some companies sell optional extensions, modules, plugins or add-ons. This approach is a variant of the freemium business model. Paid and/or proprietary extensions can be designed to enable customers to derive greater benefit from their data, infrastructure or platform, e.g., make it run more efficiently, manage it better, secure it better. Some companies reinvest part of their financial profits in open source infrastructure.

Approaches Selling essential proprietary components of a software product: A variant of the above approach is to keep restrictive essential data and content of a software product while releasing the source code. Users must purchase the content in order to obtain a complete, functional solution. Restrictive licenses may also apply to the content, preventing redistribution or resale of the complete software.

Approaches Selling proprietary update systems: Another variant of the above business model, used in particular for data-intensive software or software whose architecture is centered on data management, is to keep each version of the software under an open source license, but refrain from publishing update scripts from version n to version n+1.

Users can still deploy and run the open source software. However, upgrading to a higher version requires the user to:

  • either subscribe to a closed service or acquire an update system under a proprietary license ;
  • export all data, install the new version, then re-import the data into the new version;
  • or study the source code of both versions and recreate the required scripts yourself.

Redistribution approaches under proprietary license: If a software product uses only software licensed under a permissive software license, another company can redistribute the resulting software produced under a proprietary license and sell it without the source code or software freedoms. For example, Apple Inc. is a fervent user of this approach, exploiting source code and software from open source projects.

Source code offuscation approaches: Source code offuscation is an approach to enabling commercialization under an open source license while protecting crucial business secrets, intellectual property and technical know-how.

Delayed open source release approaches: Some companies only supply the latest available version of their software to paying customers. A vendor forks a non-copyleft software project and adds closed components before selling the resulting software. This business model is called "version delay".

Information source:


Beneficiaries: refers to the end users of the resource.

Common: means the combination of rules, governance and resource.

Agreement: means this license agreement, any subsequent versions and appendices, documentation, as they exist at the time of acceptance of the Agreement by the Licensee.

Contributor: means a natural or legal person who has made at least one contribution.

Contribution: refers to all modifications, corrections, translations, adaptations and/or new functionalities integrated into the resource and recognized by governance.

Operator: refers to the licensee responsible for maintaining and integrating changes to the resource.

Licensee: refers to the contractual user(s) of the resource.

Parties: refers to all beneficiaries, licensees and contributors.