With the Zuckerberg takeover impending, there's a lot of confusion circulating about the use of user-level and instance-level blocks, and how our online expressions can be secured against Meta. Everyone who objects to their accounts being mined by the Zuckerberg entity for data collection, AI ingestion, monetization, and possible ghost-profile building needs to understand this problem. Here's information to clarify.
Neither a user-level block, or an instance-level block, will protect our posts from Meta data-mining by default on a Mastodon instance. Posts won't be delivered directly, but can be ingested by other means; if, for example, users on Meta-federated instances boost them.
However, both user and instance blocks will totally prevent post delivery in all cases IF your host instance has enabled the functionality called Authorized Fetch.
By default, Authorized Fetch is off on Mastodon instances and most haven't turned it on. If this concern is important to you, you might want to respectfully reach out to your admins and let them know. Remember that they are working hard to provide and sustain online community at no charge. It's likely they won't be very familiar with it and will need time to look into it.
@ophiocephalic@brook I am curious to know if you think there are any times when mining data from social media sites would be acceptable? For example many academics mine data for aspects such as the spread of false information.
In general though I think we need stronger data protection and ethical policies on the use of social media data. But there also has to be (in my view) acceptance of some data mining.
@rodlux
Thanks for your thoughts and for asking of mine. My take is that academics undertaking research on social media networks is a very different use-case than Meta mining data for surveillance and AI ingestion. Either way, however, there is a basic responsibility to acquire consent, which Meta and the other capitalist social networks are clearly failing to exercise.
In the case of research on networks like twitter or the zuckerberg services, there's already so much plunder going on that a few research projects, the dissemination of which may result in societal benefit, is a drop in the ocean and not worth losing sleep over. However, I have to tell you that I would be upset to learn that some academic project was scraping data here in the fedi without any consent process, because here we have a different expectation about consent and (relative) control over our data.
Ultimately, in an ideal context, I would argue that no degree of data mining is acceptable. In the context we're enduring at the moment, taking academics to task about a facebook study is, to quote Coppola, "handing out speeding tickets at the Indy 500"
@ophiocephalic@brook I am far from being a technical person, but that article is very well written and even I understood the principles and the explanations, so respect to the writer.
@ophiocephalic@brook This is difficult to understand, much in part gecause Mastodon has its own vocabulary and language which is hard to grasp. Why should we need a translation & dictionary to read this with any measure of understanding? It seems like this is purposeful to create a level of elitism from other social media platforms. Just my observation.
@wsrphoto
In fact, the post was intended to be as easy to understand as possible. The actual technical issues are quite complicated. No one wants technology to be complex, that's just the way it is
@ophiocephalic Thanks. It's the terminology confuses me, and several times through it gets clearer, but having spent part of my career with USGS as technical data manager, terms we used don't translate to Mastodon and the network of server hosts. My problem to learn.
@wsrphoto
It's understandable. It's a novel paradigm, even within tech.
There are two ways to block another server. Your home server can do it, which means the block is in place for everyone who uses the server. But if that kind of block isn't active, an individual user can also block another server, which only affects their own account. The point of this post is to explain that, for either of those kinds of blocks to work without leaking, the Auth-Fetch function needs to be activated by the server's administrator. Does that help to clarify?
I discuss this on a different thread, but it's important to start with the basis that there isn't just one "Facebook threat".
People are worried about lots of different things:
FB reading my content
FB advertising to me via people I follow
FB stealing my content without attribution
FB funneling targeted hate mobs
FB tracking my activity
FB controlling which content I see
etc.
The Authorized Fetch function is one of the mitigations you mention. Also, please note that the other person you tagged was looking for an easy-to-understand explanation of the problem my post refers to
Right, Authorized Fetch is one of the mitigations. But which of those concerns does it mitigate?
I listed 7 or so, but you added another one (ghost profiles), all using big words. And I think Scott is understandably confused. As are lots of people.
You're calling this the "Zuckerberg takeover", that's just a vague threat, not a "specific thing I don't want to happen".
If you want people to make active decisions shouldn't they know which threats they're mitigating?
@gatesvp@wsrphoto
The nature of the threats are made clear at the beginning of the post. The purpose of the post is to simplify the one specific issue of Authorized Fetch for people without advanced technical knowledge
@Brett_E_Carlock@ophiocephalic@brook Eugen is 100% in favor of federating with Threads, i would like to move to a new instance or maybe set one up on my website but I'm just a pleb, not a real admin so 🤷
@itsmeholland@Brett_E_Carlock
That's true, however it would benefit all instances, including those federating with Meta, to implement Authorized Fetch, so users on those instances could remain and securely block them. I would support Brett's query for that reason. However, if you object to Meta, it is definitely preferable to migrate to a fedipact instance or set one up on your own. Best of luck!
@ophiocephalic@Brett_E_Carlock ohhh ok that's good to know. So if Mastodon.social has authorized fetch enabled then I can personally prevent Meta from fetching my account? 🤔
@ophiocephalic@itsmeholland @Gargron
More than just privacy, it appears to be a great 10/90 solution (10% effort for 90% utility) to block loads of harassment that will target marginalized folks.
There has been tons of work and talk about this by very knowledgeable folks, so it seems like the kind of thing that needs to be in place on the two largest instances at the least.
@Brett_E_Carlock@itsmeholland
In full agreement, except that it should be in place everywhere, because it could have been defaulted to on by now. It would be important just for the fediverse use-case alone, let alone the Meta takeover
@ophiocephalic I’m thinking about moving to a server that does have it enabled. Does anyone reading this have recommendations for somewhere that might be a good fit for me?
@codesmith
Here's the problem. Right now, even many admins are fuzzy on it. This post is an attempt at contributing to circulating popular consciousness about it. It would be great if we could create a big enough clamor to make it a thing that admins are incentivized to address, and even publicize. IOW, if you can't find anything right now, hang in there
Add comment