[abstract=apub]re: Decentralization/Bluesky/Fedi Rambling[/abstract]
@[url=https://cubhub.social/users/Rusty]Rusty Skunk[/url]
I agree with you on all these points. My point is not that everything should be encrypted all the time, but that marketing the Fediverse as a pro-privacy social network could lead people to believe that it is more private than it actually is. It's not a place for secrets, sharing sensitive content or organising revolutions.
Privacy and security have many levels, and if people are not educated about this, they will believe it's a zero-sum game, as you said. Thinking it's more private than other tools, as I used to, can put people in danger, such as activists and journalists.
I was very disappointed to realise that the tools I was using were not actually protecting my data or giving me the freedom to move whenever I wanted. Many software programs don't even do the basics properly, such as deletion and data export.
When I encountered deletion issues, it depended on the software. In Friendica, I have seen posts that were deleted on Mastodon. The same applies to Pixelfed and Mastodon. I've heard that Diaspora is even worse. Not only posts, but even deleted profiles are not always deleted from remote servers. This is a serious issue because, for example, if you're an activist and you suddenly need to disappear, you delete your profile and have no way of knowing whether all the servers have received and processed the data deletion request.
In my view, that is dangerous. I definitely can't say that the Fediverse protects your privacy when bugs like that exist. I can't explain in which cases it happens. I've tested it many times and it looks 'random': sometimes it deletes, sometimes not. Either way, something is not working and people believe that they are in control of their data.
Another thing is that one can only speak about the software they use. It's very hard to use the word 'Fediverse' in this context because Mastodon's controls are different to those of Diaspora or Hubzilla. Even if we say that the protocol gives us lots of control, we don't know how different software implements the protocol. If we say that ActivityPub is safe, people will assume that any software using it is also safe.
For me, the problem is people's [b]unrealistic privacy expectations[/b] when they don't understand the technology - I was one of them.
There are lots of people in the Fediverse who still claim that there is no AI in the Fediverse, so your data is protected and not used to train LLMs. But most user profiles are public and can be scraped, and admins could also do so if they had the ambition and skills. This is not the business model like in Meta platforms, but it is a real possibility.
If data protection authorities (DPAs) were to pay attention to the Fediverse one day, it could easily be demonised, which would scare people away. I hope that, by the time it starts receiving attention from DPAs and Big Tech, the necessary privacy controls will already have been implemented.
