The Badge and the Body

3 June 2026 · Tom Cranstoun · 6 min read

This is the sixth post in the standards-governance series. The earlier ones followed who owns a standard, who funds it, who is allowed to sell the rule, and where no governance exists at all. This one is about a single word and the power hidden inside it. When a product, a site or a model is called "compliant," someone has decided what compliance means and someone has decided that this case meets it. Keep both decisions in the same hands and the word stops carrying information.

The definition and the pass

The principle is short. The definition of what passing means must not sit in the same hands as the business of selling the pass. A body that profits when you pass has every reason to widen the gate, and none to hold it. The signal survives only when the rule is set by one party and the assessment is offered by another who cannot quietly move the rule to suit a sale.

The word that got away

The Open Source Initiative learned the first half of this the hard way. When it tried to protect the term "open source," it found the words could not be registered as a trademark at all - they were too descriptive, and the project had been too successful at making them ordinary language. Nobody could police the phrase, because nobody could own it. What the Initiative did next is the instructive part. It wrote a definition anyone could read, and it created a separate certification mark - "OSI Approved" - to signal that a licence conformed to that definition. The body held the mark and the definition; it did not sell the software. Conformance was a claim you could check against a public text, not a product you bought from the certifier.

The episode folds in more than one lesson. A generic name cannot be defended, which is why a standard needs a distinct, coined mark rather than a common word. And the mark has to certify conformance to a definition the body holds in the open, or it certifies nothing.

When the mark works

The pattern that holds up is the consortium mark. The logos on a router, a memory stick or a pair of headphones - Wi-Fi, USB, Bluetooth - are held by neutral bodies. A maker tests a product against a public specification, and on passing earns the right to display the mark. It works because the body that owns the badge does not sell the thing being badged. Its only asset is the meaning of the mark, so its only incentive is to keep that meaning honest.

When the mark rots

The failure pattern is the certification mill. Where a body both writes the test and sells the certificate, and is paid by the applicant to pass, the badge drifts from "passed" to "paid." Buyers of cheap quality-management certificates have seen this for years: the mark on the wall says less about the work than about the invoice. Trademark law even names the way a mark dies from neglect. Naked licensing - letting others use your mark without enforcing the standard behind it - forfeits the mark altogether. A badge that is not policed is not a badge. So the body cannot merely hold the definition; it has to defend it, or the signal decays whether anyone is cheating or not.

Where MX puts each part

This is the division MX is built around, and it is the answer to the question that keeps coming up in conversations with agencies and adopters: is the scoring open or is it something you buy? The definition of what MX compliance means is held by The Gathering, in the open, so anyone can read what passing requires without paying for the privilege. REGINALD attests a site against that definition as a commercial service. The body holds the rule; the company sells the assessment; neither can become the other.

Two design choices keep the split from collapsing. The names - MX, REGINALD, COG - are coined and distinctive, so unlike "open source" they can be held and policed by the neutral body rather than slipping into generic use. And the audit is a market, not a monopoly: REGINALD is one attestor, and the accreditation network lets others attest against the same public definition, so the assessment itself does not become the single gate the last post warned about. The rule has one home; the pass has many doors.

Why a private engine is still honest

It is worth being plain about what is proprietary here, because the objection writes itself otherwise. REGINALD's audit engine is closed. That is acceptable for one reason only: the definition it measures against is open and lives somewhere else. A buyer can read the rule, run their own check against it, or ask a different accredited attestor - REGINALD's score is an attestation against a public standard, not a verdict from a private one. Close both the engine and the definition and "attested by REGINALD" would mean "passed a test only we can see," which is a vendor's badge wearing a standard's clothes. The openness of the definition is precisely what earns the proprietary engine the right to exist.

The test

Add one more question to the buyer's test this series has been building. When something claims to be compliant, who wrote the definition of compliant, can you read it without paying, and is the body that defined it the same one selling you the pass? If the rule and the pass share a pocket, the badge is decoration.

Whose Standard Is It Anyway? - the buyer's test and the ways a standard gets captured
A Rule You Sell Is Not a Standard - why the body that profits cannot be the body that rules
The Spec Was Never the Fragile Part - trust in the signature, and why no single gate should hold it
The Gathering - the open body that holds the MX definition and mark

Tom Cranstoun is the founder of the Machine Experience (MX) community and author of the MX book series. He consults on MX strategy through Digital Domain Technologies Ltd.