61
The free fediverses should focus on consent (including consent-based federation), privacy, and safety
(privacy.thenexus.today)
this post was submitted on 02 Jan 2024
61 points (73.3% liked)
Fediverse
28499 readers
312 users here now
A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!
Rules
- Posts must be on topic.
- Be respectful of others.
- Cite the sources used for graphs and other statistics.
- Follow the general Lemmy.world rules.
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Privacy is a reverse idea on the Fediverse. I know it's a hot take, but by design the Fediverse is never going to be private and people should stop assuming it is.
When you send out a comment/like/post/whatever, you are literally broadcasting a message to any other instance listening. It essentially just says
and if you want to delete that message it's essentially
While Lemmy and Mastodon respect that, anyone can build any fediverse app and simply choose not to use it. Anyone can build a search engine and can choose to respect the delete or not. Any instance could defederate from them if they don't like that, or they may not care. The point however is that ActivityPub is designed this way, and there really isn't a better way.
If your comment has been sent out to other instances - well then it's there already. You can't delete it without some form of just asking politely that they delete it. They have it already, it could be stored in their DB, duplicated in other DBs, aggregated and sent to AI, searchable, whatever. They have it. There is no concept of "delete" on the fediverse. It's asking nicely for them to delete it.
As you say though it's only shared to any other instance listening. The point of consent-based federation is that you get to choose which instances do and don't get to listen. So if your comment hasn't been sent out out to other instances, they don't have it.
and I would agree with them. Consent based federation would fundamentally change the fediverse and create large tenants overnight. Small instances like mine would be at the mercy of large instances to be federated with them. It relies on people being kind and open, something we have already seen that some instance owners can be, others are not. I would even argue that that isn't even federation anymore, it's just slightly more open walled gardens
Yeah, as I say in the article Mastodon makes other decisions that are also hostile to the idea of consent, so I also agree that they see it as contrary to their mission. In terms of large tenants, though, Mastodon changed the defaults to put sign people on mastodon.social, which as a result now has 27% of the active Mastodon users, so I don't think that's the basis of their objection.
And no, consent-based federation doesn't rely on people being kind and open. To the contrary, it assumes that a lot of people aren't kind, and so the default should be that they can't hassle you without permission. It's certainly true that large instances might choose not to consent to federate with smaller instances (just as they can choose to block smaller instances today), but I don't see how you can say that's not even federation anymore. Open source projects approve PRs and often limit direct checkins to team members but that doesn't mean they're not open source.
I'm not saying that it's not open source, I'm saying that I would argue it's not federation anymore. Open source is irrelevant here, I'm not talking about the code.
I'm saying instances being "Closed to federation by default" and "whitelist only" is not true federation in my book.
I also am saying that instance owners are the ones who all of a sudden get a ton of power, specifically larger instance owners because they can decided arbitrarily not to federate with an instance they don't deem worth federating with. The larger userbase aside, instance owners I believe can become power hungry and greedy and refuse to federate.
For example, even I, a teeny tiny instance owner, felt a pang of annoyance when someone created a duplicate community on their instance. It was fleeting and I told myself that that's what the federation is, and that it's okay, but not everyone will react that way. It's inevitable that larger instances will say things like "Why should I federate with you, we have all of those communities over here"
My open source analogy wasn't great, but the point I was trying to make is that even things we usually think of as open are compatible with consent. Similarly we're used to thinking of federation as unconstrained (well except for Gab) (and everybody else who gets blocked) but that's just the specific flavor of federation that's been practiced on the fediverse so far -federation's compatible with consent, at least in my books.
Power-hungry instance owners can already decide not to federate with other instances, arbitrarily or for any reason -- counter.social's an example. Consent-based federation just changes the default. It's true that this changes the equation a bit; today there's a small amount of effort required not to federate, a consent-based approach flips that and there's a small amount of effort required to federate. At the end of the day, though, power-hungry instance owners are gonna do what power-hungry instance owners are gonna do; threads.net and mastodon.social are going to make their own decisions about federation policies no matter what the free fediverses decide.