Should the Fediverse welcome its new surveillance-capitalism overlords? Opinions differ! (REMIX IN PROGRESS)

Originally published June 22, significantly revised July 7, remixed in December 2023 after Threads’ launch. See the update log at the bottom for a revision history.

Exciting times in the fediverse

“It’s been a wild week or so watching people who I thought hated centralized social networks because of the harm they do giddily celebrating the entry into the fediverse of a vast, surveillance-centric social media conglomerate credibly accused of enabling targeted persecution and mass murder.”

– Erin Kissane,

Damon Outlaw, on calckey.social (now firefish.social)

Despite the increasingly strong Black Mastodon community, and the positive impact of the #BlackJoy and #BlackFriday hashtags, The Whiteness of Mastodon remains a huge problem as well. As I was writing the first draft of this article, I saw posts from at least four Black people I follow describing racist interactions they had just had, and they’re far from the only ones. As mekka okereke says, it should be almost impossible for a new, non-technical user to onboard onto the Fediverse and accidentally join a server where they will receive racist death threats – and that is very much not the case today.

As Rochko and cis white male admins of large Mastodon instances who haven’t prioritized dealing with this and other issues cozy up to Meta, it’ll create spaces for others in anti-Meta part of the fediverse – and their relative lack of power in comparison to Meta will open up space in the pro-Meta region. Mastodon forks, apps and other fediverse platforms continue to innovate, but mainline Mastodon has had challenges keeping pace – and important community contributions still haven’t integrated into the mainline code.  And Mastodon’s dominance has made it a challenge for forks and other Twitter-like implementations to get traction. That’s already starting to change, and Meta’s arrival will accelerate thse changes

A few of the other issues where progress is badly needed:  

  • Moderation on many instances is no better than Facebook. Mastodon’s moderation tools leave out important funcationality that’s standard on forums and (sorry) Facebook groups – and many other fediverse implementations have even fewer tools for moderators than Mastodon (although that’s changing). And the lack of progress is striking!  Mastodon and today’s fediverse are unsafe by design and unsafe by default discusses the issues in a lot more detail.
  • The ActivityPub protocol hasn’t made any significant progress either over the last five years. The pace has been picking up a little in the SWICG charged with moving it forward over the last few months, with email discussions and efforts to gradually clean up the backlog of issues, but there’s been no discernible progress yet on huge open issues like trust and safety and consent which were ignored in the original protocol specification.
  • There’s very little privacy on the fediverse today.  But it doesn’t have to be that way!14

No matter how you feel about Meta, their arrival highlights the need to deal with those problems … and even more importantly, will almost certainly upend the power structures that have hindered progress.

So while it’s likely to be a chaotic time in the fediverse … in chaos there is opportunity!  

Stay tuned for upcoming posts talking about a positive path forward.  And in the meantime, if you’re in the fediverse, please check with your instance admin about their position on Meta, and ask them to kick off conversations about whether or not to sign the Anti-Meta Fedi Pact.

Terminology note: LGBTQIA2S+

I’m using LGBTQIA2S+ as a shorthand for lesbian, gay, gender non-conforming, genderqueer, bi, trans, queer, intersex, asexual, agender,  two-sprit, and others who are not straight, cis, and heteronormative.  Julia Serrano’s trans, gender, sexuality, and activism glossary has definitions for most of terms, although resources like OACAS Library Guides’ Two-spirit identities page to into a lot more detail. Serrano also discusses the tensions between ever-growing and always incomplete acronyms and more abstract terms like “gender and sexual minorities”.

Ontario Human Rights Commission’s page on Gender identity and gender expression is a good short reference on the distinctions between gender identity, gender expression, sexual orientation, and sex.

Notes

1 For example:

  • Meta could introduce their own proprietary extensions to the protocol, just as Facebook and Google did with the XMPP decentralized messaging protocol (a setback XMPP never really recovered from). Ploum’s How to Kill a Decentralised Network (such as the Fediverse) discusses the XMPP situation in more detail.
  • Meta could use the threat of dropping ActivtyPub support to pressure the standards group to adopt Meta’s suggested “improvements.”
  • For that matter, nothing prevents Meta from turning around and saying “oh and we support AT Protocol and Bluesky as well,” just as Flipboard already supports Bluesky as well as Mastodon.

ActivityPub supporters optimistically suggest that none of those things will happen this time, at least not for a while, and even if and when they do it won’t hurt ActivityPub much.

2 Hope springs eternal! It reminds me of the time a friend of mine stepped in as interim CEO of a startup whose quests to get funding were repeatedly stymied when VCs asked why they’d be successful when a dozen companies had previously failed with a similar strategy. Lacking a better answer, he told me “I’d look them right in the eye and confidently say ‘because we’re going to be lucky.’” I actually do agree that Meta’s not particularly trying to extinguish the fediverse, and instead is employing an “Embrace, Extend, and Exploit” strategy, but still, it’s not like that’s exactly comforting.

3 In fact if you think about it, there are lots of scenarios that could lead a majority of instances defederating. Reddit’s ongoing footgun, with a big ad-funded tech company screwing over its most active users, app developers, and volunteer moderators could lead to the fediverse equivalents of all of the above (as well as instance admins and pundit) to think twice about the wisdom of working with Meta. Canadians might see Meta’s blacking out news as contrary to the spirit of the fediverse; Californians might see Meta’s threat to black out news coverage as bullying. Another whisteblower could attract media coverage about some new appalling way Facebook, Instagram, WhatsApp, or Meta exploited their users. Of course the likelihood and impact hard to predict, but any of these things are distinctly possible.

4 Bluesky is another decentralized social network, originally funded by former Twitter CEO Jack Dorsey, which developed its own protocol (AT Protocol) instead of starting with ActivityPub.

Annalee Newitz’ Bluesky is just another Twitter clone and that isn’t a good thing and Michał “rysiek” Woźniak’s BlueSky is cosplaying decentralization discuss Bluesky in more detail.  Tim Chambers’ Project92 and the Fediverse similarly highlights the risk of Meta adopting Bluesky.  Meta knows that ActivityPub loyalists see Bluesky as a rival, so I’m sure they’re subtly (or maybe-not-so) hinting that if the fediverse spurns them, they’ll cozy up to Bluesky. Of course even if the fediverse welcomes them with open arms, they’ll cozy up to Bluesky the second that it’s useful from their perspective, so I’m not sure why people think this talking point is so effective … but it’s clearly a talking point.

5 Hahahaha.

Apple and Google have close to 90% of the email client market, Microsoft and Yahoo another 7% … and while it’s still possible to run your own email server if you’ve got the time to learn about DKIM, SPF, DMARC and other anti-spam technies, even following best practices it’s become increasingly difficult to get Gmail to actually accept mail from individual servers without marking it as spam.  This is the best example he could come up with as a triumph of openness? As Ian Betteridge says in Meta and Mastodon – What’s really on people’s minds?,   “the email analogy is terrible, and we should all stop using it.”  

Gruber’s response to Betteridge’s post contains this gem:

If you don’t want Meta (or Google, or whoever) to see your posts, then no matter which instance you’re on, and which other servers your instance chooses to federate with, you need to make your account private…. If your account isn’t private, you’re posting to the open web.

He clearly has no idea what he’s talking about here.  For one thing, Mastodon doesn’t have private accounts.  Like other social networks, though, it does have the ability to resrict individual posts – “followers-only”, specific people, or visible on your instance – in which case they’re not public.  Why does anybody listen to him? But he’s got 47,000 followers on Mastodon, and his posts frequently show up on Mastodon’s algorithmic “explore” tab which means people are boosting them, so … 🤷🏻‍♂️.  

Sean Tilley’s John Gruber Doesn’t Know What He’s Talking About deconstructs Gruber’s post in more detail.  For the record, I had written that Gruber “clearly has no idea what he’s talking about here” before seeing Sean’s headline … we reached the same conclusion independently!

Update, July 21: in a discussion about the likelihood of Threads-based ads infecting the fediverse once they federate, Tim Chambers points out that there are already sponsored posts here, such as this one  from … Gruber!  You can’t make this stuff up.  

[Is it just me or is “Gruber, a very loud advocate of federating with Meta is already doing ads here, so we don’t have to worry about ads from Meta” not as strong an argument as Tim seems to think it is?]

5.1 Chambers similarly left some of the most important concerns of many people advocating blocking Meta out of the original version of his June 23 Project92 and the Fediverse – A Smarter Battle Plan to Protect the Open Social Web – and then, even after multiple discussions with people supporting blocking, devoted just once sentence to the concerns in his June 25 post, and didn’t even mention these concerns in his June 30, July 3 , and July 5 posts, instead decrying the “almost religious overtones” of the debate and calling for “empathy, humility, and community.”

Looking at vantablack’s tl;dr summary of reasons for the Anti-Meta Fedi Pact I included above – all of which I’ve heard from lots of other people as well – Chambers original three-point summary missed the mark on two out of three:

  • Chambers doesn’t mention Facebook, Instagram, and Meta’s long track record of evil behavior, instead simply treating them as a potential risk just like any other bad actor on the fediverse (just on a larger scale) that he suggests can can be managed and moderated by technical tools (that he sees as generally working well enough today)
  • vantablack focuses on protecting marginalized communities – as opposed to Chambers third point focusing on defending the ActivityPub standard against embrace-and-extend attacks

[And yes I know it’s weird to have decimal points in footnote numbers.  Ghost (the software I’m currently using for the Nexus of Privacy newsletter) only has footnote number withing Markdown cards as far as I know, and I hate Markdown, so it’s a real pain to constantly adjust them.  Sorry about that.]

5.2 For example:

Update, December 22: On the SWICG standards mailing list, fediverse influencer Promodrou objected to the suggestion that Meta might be pursing EEE as “not acceptable. You’re insulting our member from Meta; you’re also insulting the integrity of everyone else working on the ActivityPub standards, here and elsewhere.”  But of course that’s nonsense – in a reply, Ben Goldstein helpfully included the link to Wikipedia’s page on playing the victim. EEE isn’t an insult, it’s a pithy description of well-known strategy for corporations to try to exploit open standards. Whether or not it’s what Meta’s intentionally trying to do here (I don’t think so, but many others disagree), it’s not insulting the integrity of anybody working on the standards to say that they should discuss what (if anything) to do to respond to the concerns and risk.  

6 One example: Rochko has famously refused to integrate community-contributed support for “local-only posts”, which can provide protection against harassment and dogpiles (as wall as improving privacy). But it’s not just Rochko; admins of virtually all of the larger instances have chosen not to run Mastodon forks (variants) like Glitch-soc and Hometown that provide more safety for their users by implementing local-only posts. Meta will try very hard to make it worthwhile for them to compromise user safety (or just trick them into doing it), and past behavior is the best predictor of future behavior.

7  For more critiques of ActivityPub, including from another author of the spec, see the ActivityPub section of Mastodon: a partial history.  ActivityPub’s weaknesses make it especially vulnerable to an “embrace and extend” attack where Meta introduces proprietary solutions that are genuine improvements over the standard.  

Of course, these design flaws can be worked around to some extent.  In addition, ActivityPub could evolve to better address harassment; Erin Shephard’  A better moderation system is possible for the social web  and Lemmer-Webber’s OcapPub: Towards networks of consent describe potential paths forward.  But, most ActivityPub supporters haven’t prioritized this.

8 It’s very reminiscent of the dynamics where white people say “there’s no excuse for anybody being on Twitter and supporting its racist management!” without recognizing that Twitter’s management has always been racist and (as Richie Brave said in Black Twitter’s Mass Exodus: The Community Will Find Another Way) Twitter has always been a hostile place.  Dr. Meredith Clark’s  Elon Musk’s purchase is not Black Twitter’s problem on The Grio is also very relevant.

9 A good example of the vortex of toxicity around Meta: in mid-June,  conflicting reports of a meeting between Meta and instance admins (and others?) with a non-disclosure agreement (NDA) threw gasoline on the flames, leading to defederations and allegations of backstabbing, bullying, and “lynch mobs”.  [A quick racial justice education aside: if you’re not a Black person, and you use this term to refer to a white person getting hassled, it’s racist.] Rumors swirling around deleted tweets resulted in people like Dan Supernault of Pixelfed who apparently didn’t sign the NDA or attend the meeting getting attacked. mastodon.art anounced they were defedereating Universeodon, whose instance admin Byron had history of problematic behavior even before he reached out to Meta. mstdn.social’s admin Stux got so frustrated with mastodon.art’s admin Welsh Pixie for what he saw as mischaracterizing the situation that he defederated mstdn.social from mastodon.art with no notice – severing connections between people on the two instances.  Even though he refederated the next day, the connections don’t magically reappear, he continued to block all communications from people on his instance with mastodon.art’s instance admin – by which point I saw more than one person saying that it was their cue to move on from mstdn.social.  That’s only the tip of the iceberg of course, but you get the idea.  

Details aside, one of the key takeaways here is the lack of maturity of the software: after six years why wasn’t there an option of defederating in a way that allows connections to be reestablished when the situation changes and refederation is possible?  If you look in inga-lovinde ‘s Improve defederation UX March 2021 feature request on Github, it’s pretty clear that it’s not the first time stuff like this happened.   Dan Fixes Coin-Ops has an interesting perspective on retro.social describes how this looked from the perspective of a (former) mstdn.social user.

But the details are important too, especially given how things played out and Byron’s comments that he felt so much more affinity with Meta engineers than he did with people on the fediverse.   mastodon.art’s Defederating from Universeodon and Universeodon’s now-deleted “Meta – Progress and Controversy” (still available on archive.org) give two different views of what happened in June.

Byron claimed that he had received “death threats” because of the .art blog post, and also claied that .art’s admin had claimed they were justified. In a June 26 post, stux said “It’s time people stand up against the bullies from the .art staff.”  Others however saw it differently. In a June 27 post, ngmx’s admin noted that Byron and Stux’ behavior “raises all sorts of red flags, as they try to avoid taking responsibility for their own actions, and try to frame .art as the aggressor instead,” and helpfully included a link to Wikipedia’s page on DARVO.

Byron blocked me on June 28 after I pointed out that his mischaracterization of a critical comment as “abuse” was “a classic self-pitying excuse for not trying to understand others’ point of view“.  Well, okay I also pointed out that he was being unfair to his kids by highlighting their positive experiences on Meta while ignoring the horror stories so many people of color and LGBTQ+ people have about their less-positive experiences there, and told him he should apologize to his kids, so I totally get why he blocked me … but he then proceeded to tell people it was because I had called him a Nazi for not agreeing with him.  Uh, no, that’s not what I said.

Over the next few weeks, Byron kept  showing up in people’s mentions accusing .art of abuse and ignoring requests to stop.  In an excellent thread with cutie.city’s admin Nuz, Byron couldn’t or wouldn’t produce receipts showing an relationship between .art and the accounts that made those “death threats.” Oliphant’s July 20 post Defederating Universeodon, characterizing Byron’s behavior as harassment, was swiftly followed by Byron’s farewell post Thank you Universeodon and the Fediverse!  

In a now-deleted tweet, Free Ze Peach (yes really, you think I could make up that perfect an account name?) described the situation as  “the high school mean girl cancel mob vibe at Mastodon, they are relentless bullies, sadists in disguise.” Some people on the fediverse no doubt felt that way as well.  Others wishing Byron well were presumably just being polite; if you were one of them, it’s worth looking at Nuz’ perspectives here, which also include links to a few other posts.  Nuz’ white dude story time is also worth reading.  

Welsh Pixie’s The Toxic Manosphere of Fedi has detailed receipts and analysis of the misogyny, DARVO, gaslighting, and abuser tactics.  As she says:

“The fediverse – a network of social media platforms without one big tech company or a board room of white guys in suits or a dickhead egotistical billionaire controlling everything – by its very nature challenges the status quo. White guys who are used to being in control, who are used to waving their privilege dicks around and everyone else getting the fuck out of the way while they indulge in their incessant and continuous mutual ego-stroking, are running into people who don’t give a shit about them or their supposed Place In Society, but now instead of having to ‘like it or lump it’, we’re able to do something; we’re able to opt out and continue our lives without them in the conversation.”

10 Posts on Mastodon were officially known as toots up until last November, and still frequently get referred to that way.  And how could I pass up the opportunity to refer to “Trumpet’s toot”?

11 Note that several of the polls included options like “just see results” or “SpiderNeal/Comments”; the numbers I’m presenting here exclude those responses.  And no, I don’t know who SpiderNeal is either.

12  Unfortunately Mastodon doesn’t provide any way to take your posts with you when you move to a different instance, but Tokyo Outsider’s work on the Mastodon Content Mover and Firefish’s support for post migration mean that there are more options now than there were six months ago. Alex Heath has reported that Threads will allow users to import their account info and posts from Mastodon.  On the one hand it would be pretty funny if the implemented this before Mastodon; on the other hand, it’s a good example of how an “embrace and extend” can exploit weaknesses in fediverse software to provide a better proprietary experience for their users.  Osma Ahvenlampi points out that groups are another fediverse weakness ripe for Meta to target.  Facebook has a very flexible group mechanism; by contrast, Reddit alternatives Kbin and Lemmy are promising, but have a long way to go; Mastodon’s implementation is still in the works.

12.5 In the original version of this post I framed it as a single “free fediverse”, but there may well be more than one.  For example, in recent Mastodon discussions I’ve suggested that we’re seeing the emergence of an anarchist/leftist fediverse and an anti-racist fediverse; if so, I’d expect both of those regions to reject Meta.

13 Even though today’s ActivityPub implementations make most stuff public, where Meta, Google, and other bad actors could get to it by web scraping, many people (including me) see that as a problem that needs to be addressed – and not a reason for instances to also be bad actors and give them my data without consent.   Threat modeling Meta, the fediverse, and privacy explores this and other privacy issues in somewhat more detail – although as I point out, it’s still only a simple analysis, a more detailed analysis is needed, and that will require funding.

As far as I know, nobody’s done similar threat modelnig for the other direction: harassment, hate speech, and disinfo flowing from Meta, via instances that federate with them, to instances that have blocked Meta but haven’t blocked instances federating with Meta.  Again, detailed analysis is needed, and that too will require funding.  Until these detailed analyses are done, “transitive defederation” (defederating Meta, any instances that federate with Meta directly or indirectly) is the safer approach.

13.5 As Only Brown Mastodon pointed out in October, in a different context, “For a white person on the Fediverse, defederation is punishment; for the rest of us, it is a form of self-defence.”

14 A few examples:

  • bad actors can easily scrape public information, and most information is public – Mastodon doesn’t even provide the equivalent of Twitter’s private profiles (although you can limit visibility of individual posts)
  • the option to keep your posts from search engines doesn’t work
  • direct messages aren’t end-to-end encrypted so instance admins can create them,
  • the security bar is so low that nobody even batted an eye last fall when infosec.exchange (one of the fediverse hubs for the security community) misconfigured the system and left all images exposed to anybody who wanted to see them,
  • Most instance admins don’t turn on “secure fetch”, which provides additional security and privacy guarantees
  • Most instance admins don’t provide people the ability to make “local-only posts”, which provide stronger privacy as well as saftety

Threat modeling Meta, the fediverse, and privacy discusses ways to make progress on many of these privacy issues.

Update log

Ongoing: fixing typos and confusing wording, adding new links, and other minor changes

December 23: starting remix with a new introduction, starting with Kissane’s quote, and moving the contents after the intro.

December 13-22: updated after Zuckerberg’s announcement – including getting rid of the line (in the July version) “In my view it’s still an open question whether they do it at all.” Other than that, though, almost everything else aged well, so I added a few links and updated the analysis based on their apparent rollout strategy. Here’s the last version (from archive.org) before the remix.

August 1: updated footnote #9, after Byron’s departure – it’s now even longer than footnote #5!  But, it’s relevant both as an illustration of the point that Meta’s arrival will cause positive changes in the power structure here, and his perspective that he felt more affinity with Meta engineers than with people in the fediverse.

July 21: updated footnote #5, mocking Gruber.  This footnote’s long enough that at some point I should break it out into a separate post!

July 14: update in response to new reporting that ActivityPub integration is a “long way out”

July 8: include a quick summary in the intro, breaking most of the existing intro into the new Why block Meta section; tweak the strategy section in response to feedback.

July 6-7: major update now that Threads has been released: changes in the introductionn to bring it up to date, additional quotes, reordering, adding new sections on An important perspective, too rarely acknowledged, What will instances do?  Opinions differ!, Speaking of polls …, There are many fediverses — and a lot of people will prefer them to Threads, and significant changes to An interesting dynamic and In chaos there is opportunity!  Also cleaning up the numbering of the footnotes, which are becoming the bane of my existence.

June 27: add quote from IronWynch about Meta’s nazi spam problem, and Esther Payne’s crucial point about consent; move vantablack’s quote about what it’s like to be trans on Facebook up front.

June 26: more work on An interesting dynamic to better capture the mismatch between the two sides … it’s now long enough that it’s a section in its own right. And, added a poll on people moving instances and a brief discussion of on privacy in In chaos there is opportunity!

June 25: rework discussion of “bigger is better” in respones to feedback to highlight that some of the loudest advocates for working with Meta have a track record of not prioritizing user safety; incorporate a few updates from  We’re here, we’re queer, and we’re federated.  

June 23-24: incorporated feedback, added a few more links, clarified some points

June 22: published and sent to newslsetter subscribers.  Here’s the original versionon archive.org.