Thanks for the tipoff on having to turn off the VPN, it's not at all intentional -- and it's not a good look for a site with privacy in its name! I'll try to figure out what's going on, it's pretty vanilla Ghost / nginx hosted on a Digital Ocean droplet so not immediately obvious.

And yeah, it'll be interesting to see how well the messaging you for approval works out in practice. As you could say it could look like phishing; and even if it's fine when just one app is doing it, it'll be annoying if there are hundreds. Also, there's a Mastodon setting to silently ignore DMs (and I think other platforms have similar options as well). And for Bridgy Fed, it would be great to have a mechanism that works symmetrically between the fediverse and Bluesky ... but Bluesky doesn't have DMs. Tricky!

I should probably mention something about being a good ally in that section, that's a good suggestion. That's not the main message I'm trying to convey though, I really do mean it as a warning to cis guys to be careful. These firestorms are tiresome for everybody, ould we please just not? Also btw sometimes particularly unpleasant for whoever sets them off. But maybe there's a better way to word it.

Thanks, glad you think they're reasonable. I don't see it as using ActivitiyPub implying consent; it's more that ActivityPub doesn't provide any mechanisms to enforce consent. So mechanisms like domain blocking, "authorized fetch", and local-only posts are all built on top of ActivityPub. I agree that many people want something different than ActivityPub currently provides, it'll be interesting to see how much the protocol evolves, how far people can go with the approach of building on top of the protocol, or whether there's shift over time to a different protocol which has more to say about safety, security, privacy, and consent.

Thanks for the feedback -- and thanks for reading them despite the bristling. I couldn't come up with a better way to put them ... I know they'll cause some people to tune out, but oh well, what can you do.

I don't think these solutions are inherently unscalable, it's more that there hasn't ever been a lot of effort put into figuring out how to make things scalable so we don't have any great suggestions yet. I wrote about this some in The free fediverses should focus on consent (including consent-based federation), privacy, and safety (the article is focused on instances that don't federate with Threads, but much of it including this section is true more generally):

There aren't yet a lot of good tools to make consent-based federation convenient scalable, but that's starting to change. Instance catalogs like The Bad Space and Fediseer, and emerging projects like the FIRES recommendation system. FSEP's design for an"approve followers" tool, could also easily be adapted for approving federation requests. ActivityPub spec co-author Erin Shepherd's suggestion of "letters of introduction", or something along the lines of the IndieWeb Vouch protocol, could also work well at the federation level. Db0's Can we improve the Fediverse Allow-List Model? and the the "fedifams" and caracoles I discuss in The free fediverses should support concentric federations of instances could help with scalability and making it easier for new instances to plug into a consent-based network.

(The post itself has links for most of these.)


If you're a developer working on a fediverse app or service and want to get it right – or just don't want to be the center of the next firestorm – here are a few suggestions.

Preemption is bonkers from a privacy perspective, and also flies in the face of the basic principle that the states are "the laboratories of democracy." But from a corporate perspective preemption is wonderful ... it keeps pesky pro-privacy states like California and Washington from ever raising the bar above whatever can get through Congress! So historically privacy advocates and organizations have always opposed preemptive federal legislation. But that wall cracked in 2022, where EPIC Privacy joined pro-industry privacy orgs like Future of Privacy Forum to support a preemptive bill (although EFF and ACLU continued to oppose the preemptive aspects).

The argument for supporting a preemptive bill (not that I agree with it, I'm just relaying it) is that the federal bill is stronger than state privacy bills (California unsurprisingly disagreed), and many states won't pass any privacy bill. Industry hates preemption, industry hates the idea of a private right of action where people can sue companies, most Republicans and corporate Democrats will do what industry wants, so the only way to pass a bill is to include at most one of those. So the only way to get that level of privacy protection for everybody is for people in California, Maine, Illinois, etc, to give up some of their existing protection, and for people in Washington etc to give up the chance of passing stronger consumer privacy laws in the future. California of course didn't like that (neither did other states but California has a lot of votes in Congress), and Cantwell's staffers also told us in Washington that she was opposed to any preemptive bill, so things deadlocked in 2022.

With this bill, I'm not sure why Cantwell's position has changed -- we're trying to set up a meeting with her, if we find out I'll let you know. I'm also not sure whether the changes in this bill are enough to get California on board. So, we shall see.


cross-posted from:

Big news in DC: a new bipartisan, bicameral proposal for a "compromise" federal privacy bill, the American Privacy Rights Act (APRA). At this point, take it all with a grain of salt; in 2022, the initial draft of the bill was promising, but it got weakened substantially by the subcommittee and then weakened further by the committee. I haven't read the discussion draft yet so don't have any strong opinions on it.


There's another wave of discourse about The Bad Space on the microblogging side of the fediverse, so here's my article from a couple of months ago.

If you're familiar with Fediseer, there's some discussion of similarities and differences in Compare and contrast: Fediseer, FIRES, and The Bad Space

And, it gives cops another excuse to overpolice Black and brown neighborhoods.


A really interesting look at the recent spam wave.

A very good idea! took this approach, it'd be intersting to check in with them to see what they learned.

Steps towards a safer fediverse (

The good news is that there are some straightforward opportunities for significant short-term safety improvements. If fediverse funders, developers, businesses, and "influencers" start prioritizing investing in safety, the fediverse can turn what's currently a big weakness into a huge strategic advantage.


  • It's about people, not just the software and the protocol

  • It's also about the software

  • And it's about the protocol, too

  • Threat modeling and privacy by design can play a big role here

  • Design from the margins – and fund it!


KOSA's supporters are claiming that the latest version addresses concerns from the LGBTQ community, and a few LGBTQ organizations (including GLAAD and HRC) have endorsed this version, but don't be fooled: the dozens of LGBTQ and human rights organizations who have been opposing KOSA were not consulted about these changes and so while there are improvements, it's still far from sufficient. This article's EFF's take on the amended version. TL;DR summary:

  • LGBTQ+ Youth will be at risk of having content, educational material, and their own online identities erased.
  • Young people searching for sexual health and reproductive rights information will find their search results stymied.

We are asking everyone reading this to oppose this latest version, and to demand that their representatives oppose it—even if you have already done so.


EFF's take on the amended version of KOSA. TL;DR summary:

We are asking everyone reading this to oppose this latest version, and to demand that their representatives oppose it—even if you have already done so.


This is the just-released unclassified version of the Privacy and Civil Liberties Oversight Board's December 2020 classified report on the National Security Agency’s (NSA’s) use of XKEYSCORE, an intelligence analysis tool.


cross-posted from:

There are some straightforward opportunities for short-term safety improvements, but this is only the start of what's needed to change the dynamic more completely.

This is a draft, so feedback welcome!


A deep dive into the Data Protection Review Court by Alfred Ng and John Sakellariadis, including some great perspectives from Max Schrems of

They don't, at least not from your instance.

I can't speak for others but yes, I want a fediverse that doesn't have white supremacists and fascists.


cross-posted from:

Transitive defederation -- defederating from instances that federate with Threads as well as defederating from Threads -- isn't likely to be an all-or-nothing thing in the free fediverses. Tradeoffs are different for different people and instances. This is one of the strengths of the fediverse, so however much transitive defederation there winds up being, I see it as overall as a positive thing -- although also messy and complicated.

The recommendation here is for instances to consider #TransitiveDefederation: discuss, and decide what to do. I've also got some thoughts on how to have the discussion -- and the strategic aspects.

(Part 7 of Strategies for the free fediverses )

Yes, I'd say Lemmy communities are cross-instance communities - people can join communities on a different instance than their account.

You do realize that instances federating with Threads will share data with Threads, and that Meta's supplemental privacy policy specifically says that they'll use all activity that federates to meta for tracking and ad targeting, right?

So for example, if you're on an instance that federates with Threads, and somebody on Threads is following you, all of your posts -- including your followers-only posts -- will get tracked by Meta. Or if somebody who boosts your post and they've got followers on Threads, your post will be tracked by Meta. Or if you like, boost, or reply to a post that originated on Threads, it gets tracked my Meta. And these are just the most obvious cases. What about if somebody on an instance that's not Threads replies to a Threads post, and you reply to the reply? It depends on the how the various software implements replies -- ActivityPub allows different possibilities here. And there are plenty of other potential data flows to Meta as well.

Of course they're still just at the early stages of federation so it's hard to know just how it'll work out. Individually blocking Threads might well provide a lot of protection. But in general, instances which federate with Meta will almost certainly be tracked significantly more than instances that don't.

Today almost no instances run ads (misskey is as far as I know the only platform that's got support for ads) and Threads is the only one that does tracking. I'm using "free fediverses" the way does -- instances that reject federation with Meta.

On Lemmy? Certainly not. But on other fediverse software, there are followers-only posts, direct messages, local-only posts ... none of it's encrypted, but still it's not public.

view more: next ›


joined 3 months ago