((I’m not an expert, I’ve been reading up on things as much as I can. If there’s an error, I’ll happily correct it!))


TLDR:

  • Nearly all of us distrust Meta and have the same broader goals
  • We need to pick the best move to go against powerful companies like Meta
  • Defederation may not be the right move, and it might even help Meta move forward (and more easily perform EEE)
  • There are other options that we can spend our energy on
  • It doesn’t matter for Lemmy (yet), this is more a conversation for Mastodon, Firefish and Kbin

We’ve been getting a LOT of posts on this, but the misconceptions make it harder for us to decide what to do. If we’re going to try and protect the Fediverse against large, well funded companies like Meta, figuring out the right action is important. We need to actually look at the options, consider the realistic outcomes, and plan around that.

I’m willing to bet around 95% of users on Lemmy and Mastodon CHOSE to be here because we understand the threat Meta/Facebook poses, and we want to do something about it. That’s not in question here.

So in that sense, please be kind to the other user you are replying to. The vast majority of us share the same goal here. When we disagree, we disagree on the best path forward and not the goal. Wanting to stay federated DOES NOT mean the user wants to help Meta or thinks that Meta is here for our benefit.


Misconception: Defederation will hinder Meta’s EEE

It might, but not necessarily, and it might even help the EEE. Here’s a link to some history of EEE, what it means, and some examples: https://en.wikipedia.org/wiki/Embrace,_extend,_and_extinguish. I’d recommend at least skimming it because it’s interesting (and because this isn’t the only fight)

Assuming Meta is doing an EEE move, they’re in the embrace stage. That’s not about us embracing them, it’s about them embracing the protocol, which they can do whether we stay federated or not.

Defederation can tell newcomers that the defederated instance is an island, and they’re better off joining the place where they can talk to their friends and see the content they want. We saw this early during the Reddit exodus with Beehaw, where many users hopped instances away from Beehaw.

Meta can more easily embrace if more people actively use their platform. They can more easily extend if we’re not around to explain why extending is a poisonous action. Being federated can allow us to encourage users to ditch Meta’s platform and join an open one (ex. Mastodon, Firefish, etc.)


Misconception: Defederation is the only move

Defederation is the first option that comes to mind. It sounds simple, it is loud and newsworthy, and it can be done with the click of a mouse. But if it is a bad action, then what are the good actions?

  1. Don’t let them have a monopoly over the use of ActivityPub. Grow the other platforms: The extend stage only works when the platform gets a near monopoly over use of the standard. That brings up the first action. If there are enough users, services and resources on things like Mastodon/Lemmy, then Meta (or any other company) can’t just extend the spec without causing their users to ditch Threads to stay connected to the content they want to see.
    • Reach out to organizations in your area or line of work. Help them join Mastodon or other relevant Fediverse platforms. I’m sure the for-profit companies put money into this process, so brainstorm and reach out
    • Add your Fediverse accounts to the bio of your other accounts, and share posts from the Fediverse elsewhere

As long as there is a healthy community away from Meta (ex. what we have right now), then they can’t extend & extinguish.

  1. Protect the Standards and share why it is important
  • Share posts from experts about strict adherence to standards, support regulatory and legal advocacy (interoperability requirements etc.), and educate other users about the risks.

(I didn’t want to say more here because I’m not an expert, I’m happy to edit more points in)


Misconception: We should still defederate because of Privacy Risks

Not necessarily (and likely not at all?)

Meta is notorious for gathering data and then abusing that data, so this is an issue to consider. However, the way that activitypub works, the outgoing data is publicly available. Defederating with Meta doesn’t prevent that, and federating doesn’t give them any more data than they could get otherwise.


Misconception: Lemmy instances need to decide

This is a big point: It doesn’t really matter for Lemmy right now, one way or another.

It’s more of an issue when data starts coming IN to Lemmy from Mastodon and Meta’s Threads (or out from Lemmy to Threads). See below

Edit to add: For now it might even be good to defederate from Lemmy as a symbolic gesture. My instance is defederated, and I don’t plan on trying to change that. Ultimately it doesn’t change much


Legitimate risks from Federation with Meta, and more effective ways to counter them

  • Algorithmic Amplification: Meta’s history of using algorithms that prioritize engagement can amplify harmful or divisive content. These algorithms are not public like it is with Mastodon and other FOSS platforms.

  • Misinformation and Content Moderation: All Fediverse platforms will have to work on content moderation and misinformation. Platforms like Meta, focussed on profit and advertising, will likely moderate in a way that protects their income. Those moderation decisions will be federated around.

  • Commercialization and User Exploitation: Meta’s for-profit nature means it’s incentivized to maximize user engagement, at the expense of our well-being.

  • Additional Data on how the free fediverse interacts with their platform (this one is harder to make a counter for)

Counters:

  • Promote user control over their feeds, and develop USEFUL but safe and open algorithms for the feeds
  • Flag content and users from risky platforms, with a little warning icon and explanation (ex. ‘Content is from a for-profit platform, and it may ___’)
  • Implement features so that users can opt in or opt out from seeing content from risky platforms. In particular on explore/discover/public feeds, so it doesn’t affect content the user is following.
  • Develop strict community guidelines that can get Meta (and other companies) sent into the ‘blocked by default’ bins mentioned above. (edit: There’s a good point here that if Meta’a Threads is full of hatred or poor moderation, then blocking them is the right move)

Final point: Evaluate things critically. Don’t even just take my word for it. I doubt Meta or other groups care enough about Lemmy yet to spread disinformation here, and every post I’ve seen promoting defederation feels like a good faith attempt for something they believe in. But it’s still worth thinking about what we’re supporting.

Sometimes what feels like a good move might not help, and could even make things worse.

  • kopper [they/them]
    link
    fedilink
    English
    31
    edit-2
    1 year ago

    just want to clarify something:

    However, the way that activitypub works, the outgoing data is publicly available. Defederating with Meta doesn’t prevent that,

    there is a technical solution to this in the form of authorized fetch: https://hub.sunny.garden/2023/06/28/what-does-authorized_fetch-actually-do/

    mastodon implements it, pleroma/akkoma probably implements it, pixelfed implements it, firefish and iceshrimp implement it (sharkey has a PR implementing it opened just today), gotosocial not only implements it but enforces it, with no ability to turn it off

    notably, none of the threadiverse software implement it, and no software other than the aforementioned gotosocial enable it by default.

    • Carighan Maconar
      link
      English
      13
      edit-2
      1 year ago

      Yeah but the point was probably more that the data is intentionally public. It shouldn’t matter whether Meta gets it through federation or opening the web page and reading it. It’s public information, just publicized automatically.

      • kopper [they/them]
        link
        fedilink
        English
        6
        edit-2
        1 year ago

        you can disable the webpage and unauthorized API if you so choose. mastodon and pleroma/akkoma provide these settings. gotosocial hides all posts with an unlisted visibility from public pages.

        authorized fetch only provides protection for activitypub, it’s just a single component of a layered stack of protection you can enable depending on your exact threat model.

        the privacy threat model of Lemmy is significantly different from a microblog, which is the current target of threads.

        (also have none of you heard of consent?)

        cc @[email protected] this reply also applies to your reply

        • FaceDeer
          link
          fedilink
          11 year ago

          If you’re going to disable the web page and prevent API usage, why are you even running a Federated server to begin with? It seems to be missing the whole point of the protocol to be trying to use it as a private forum or instant messenger, there are other projects far better suited to that sort of thing.

          (also have none of you heard of consent?)

          Have you not heard of public speech? When you stand on a street corner and shout your opinions to the world you can’t expect everyone wandering past to seek out your explicit consent before they can hear you. Posting on a public forum means you are deliberately putting your words out where vast numbers of random people can see them. Yes, even Meta.

          If you don’t want that to be the case then this is probably not the right protocol to be using in the first place.

    • FaceDeer
      link
      fedilink
      111 year ago

      Meta could be running a completely ordinary Mastodon or Lemmy server and monitoring data through that. Or they’re using the API of some ordinary server. Or they’re simply scraping the web directly.

      I can understand using stuff like Authorized Fetch to control bandwidth, but this obsession with hiding data that has been explicitly posted on a public forum is frankly kind of weird.

    • OtterOP
      link
      fedilink
      English
      61 year ago

      Interesting thank you

      I also saw something about Pixelfed adding stuff to help (just a few hours ago?)

    • @[email protected]
      link
      fedilink
      English
      31 year ago

      Lemmy 0.19 supports authorized fetch when retrieving remote objects. Enforcing it for fetches from Lemmy would also not be hard. It doesn’t make much sense though as long as we don’t have private communities.

      • kopper [they/them]
        link
        fedilink
        English
        11 year ago

        ah, gotcha. this instance is still on 0.18 so that’s why my tests didn’t work out. I’ll edit that part out