- cross-posted to:
- thenexusofprivacy
- cross-posted to:
- thenexusofprivacy
If you’re a developer working on a fediverse app or service and want to get it right – or just don’t want to be the center of the next firestorm – here are a few suggestions.
If you’re a developer working on a fediverse app or service and want to get it right – or just don’t want to be the center of the next firestorm – here are a few suggestions.
They all seem reasonable suggestions:
I’m conflicted over the fact that using ActivitiyPub necessarily implies consent for other people to collect the data you send through it. It seems that many people using ActivitiyPub connected services want something different than ActivitiyPub or different default settings on many ActivityPub services.
That’s similar to the “you’re being inconsistent” thing that the article says not to say, kind of.
Consent isn’t really built into ActivityPub and it’s inherently the opposite of how I understand it to work (copying your content all over the place regardless of your desires).
But their argument is kind of reasonable.
Who cares?
We can change ActivityPub, but we couldn’t change Twitter. People were tolerating worse just for the sake of having a community before they moved to the fediverse. They had no say before and they’re asking for better from it now that they can have their voices heard at all.
ActivityPub is a means of sharing information in a way that the information can easily be collected and reshared. By using it, you should expect that people will collect and reshare information you send via the ActivityPub protocol.
The article addresses this directly in the section on things to not say, though:
That addressing is insufficient because it begs the question of consent being withheld. But the consent is implicitly given by the sending of information via the protocol, otherwise a service like Mastodon can’t exist. The question of asking for consent after it is given is the part that I’m conflicted about.
Read the article, I didn’t write it.
“Implicit consent” is another one they call out directly.
I did. I’m sharing my thoughts about it. Some of those thoughts are that it seems to make assumptions that don’t hold.
I don’t inherently agree with the article’s ask, but you’ve literally only proven its point by stating, verbatim, one of their “please stop making us retread these tired arguments over and over” points.
OP links to a Mastodon thread from a user who breaks down the technical limitations of ActivityPub and proposes how the situation can be improved. Maybe read that.
Also, if you think that these are reasonable suggestions, then perhaps ignoring them directly isn’t the best way to engage with this article?
I’m not here to score points. I’m expressing my thoughts and reservations about the article. I’m not even taking much of a position on what developers should do. It’s more of an exploration of the landscape.
Unfortunately, skipping past a legitimate point doesn’t address the point which remains unresolved. It’s a nice rhetorical trick though. I’d rather discuss the point. (Even though others have had discussions, that doesn’t help me understand and learn.) There’s no urgency for me to reach a conclusion, so a bit of rehashing of “tired” perspectives isn’t offensive to me.
Reasonable doesn’t always mean appropriate or best for the situation. It doesn’t always lead to good or better outcomes. Shutting down and dismissing legitimate concerns is not a good way to build a consensus and and will often lead to adverse outcomes. It is ironic that this person’s approach is making the same mistakes they are trying to warn against.
There’s a clear conflict that literally can’t be ignored. It must be considered by all participants, else those participants will be unexpectedly unsatisfied with the outcomes.
Thanks, glad you think they’re reasonable. I don’t see it as using ActivitiyPub implying consent; it’s more that ActivityPub doesn’t provide any mechanisms to enforce consent. So mechanisms like domain blocking, “authorized fetch”, and local-only posts are all built on top of ActivityPub. I agree that many people want something different than ActivityPub currently provides, it’ll be interesting to see how much the protocol evolves, how far people can go with the approach of building on top of the protocol, or whether there’s shift over time to a different protocol which has more to say about safety, security, privacy, and consent.