 Bridge to Bluesky Apparently, Ryan Barrett @snarfed.org, an engineer/developer, is about to connect a bridge between Mastodon (Fediverse) and Bluesky. Announcement here: https://snarfed.org/2024-02-12_52106 Of note the bridge is OPT-OUT. That is, your content will be automatically bridged to Bluesky, UNLESS you OPT-OUT. So how do you opt-out? You have to DM Ryan Barnett at @snarfed, email him (somehow), file a GitHub issue, or put #nobridge in your profile bio. 126 comments
In addition to broad content rights issues, there may also be GDPR issues. GDPR has very explicit rules about opt-in vs. opt-out when consent is required. @mastodonmigration @vruz @snarfed.org @snarfed The developer of this is US-based and is not making money off of it, so it doesn't apply lol. This is doing absolutely nothing different than what federation already does. Federation vacuums up your data and sends it to another server. That is how Mastodon has always worked. This is no different.  @sam @mastodonmigration @snarfed.org @snarfed I'm not sure what "lol" means in this context, but it seems that you are saying somebody believes that living in and operating from the US is reason enough for that person not to give a fuck about other people's rights.  @vruz @sam @mastodonmigration @snarfed.org @snarfed I guess they believe GDPR is written like “consent is important yo, unless the guy is based in the US and doesn't directly makes money out of it, in that case he can do whatever”. @Arcaik @vruz @mastodonmigration @snarfed.org @snarfed GDPR isn't applicable to anything on the Fediverse because if Mastodon was actually taken to court for GDPR the entire Fediverse would be shut down. The Fediverse is built upon taking your data and sending it off to as many servers as possible without your consent or knowledge. That is how it works. And it is a HUGE untested legal gray area. @Arcaik @vruz @mastodonmigration @snarfed.org @snarfed If you wanna push super fucking hard on GDPR, then go ahead and fucking do it, but it'll impact ALL of us in very real and very negative ways if you do. Until then, 'consent' is meaningless because there is absolutely fucking nothing fundamentally different between what this dev is doing and what Mastodon is doing. @sam @Arcaik @mastodonmigration @snarfed.org @snarfed Many things seem to be meaningless in the US, including what I ssid before. @vruz @Arcaik @mastodonmigration @snarfed.org @snarfed What I am saying is that if you applied 'consent' consistently, Mastodon would turn into an unusable mess. Other Fediverse servers use your data in tons of ways that, legally, are done without any of your consent. @sam @Arcaik @mastodonmigration @snarfed.org @snarfed I'm not sure you understand how trust works. @sam @mastodonmigration @vruz @snarfed.org @snarfed being based in the US doesn't mean you don't need to consider gdpr if data you use is in the UK. https://ico.org.uk/for-organisations/data-protection-and-the-eu/data-protection-and-the-eu-in-detail/the-uk-gdpr/international-data-transfers/  @vruz @mastodonmigration @snarfed.org @snarfed How is this different to people on other instances following you and v.v.? They don't agree to your T&Cs and v.v. My worry is if you can't just mute/block in the normal way. @stuart @vruz @snarfed.org @snarfed When you agree to your instance's Privacy Policy (https://mastodon.social/privacy-policy) you generally grant them that right: "Your public content may be downloaded by other servers in the network. Your public and followers-only posts are delivered to the servers where your followers reside, and direct messages are delivered to the servers of the recipients, in so far as those followers or recipients reside on a different server than this."  @mastodonmigration @stuart @vruz @snarfed.org @snarfed I'm confused ... how does that make the bridge different? Wouldn't the bridge simply count as "other servers in the network"? If so, and I'm not missing something, the issue here isn't bsky but that it's such a well known entity that it raises alarms about what are intrinsic privacy/safety issues built into ActivityPub ... ? AFAICT, the bridge operates exclusively through follows not indexing etc. @maegul @mastodonmigration @stuart @vruz @snarfed.org @snarfed It's not different. It's one of the servers in the network. It's just connecting two protocols. @sam @mastodonmigration @stuart @vruz @snarfed.org @snarfed Yea ... with pretty similar social mechanisms too (ie, both are twitter clones) @sam @maegul @mastodonmigration @stuart @vruz @snarfed.org @snarfed > "It's one of the servers in the network." No, it is not. Bluesky is not part of the ActivityPub network, any more than are Twitter or Facebook. https://cathode.church/fedi-scraper-counter.html I could actually kinda-sorta-maybe get behind a bridge like this, IF IT WAS OPT IN. This is not opt in. It does not even respect flags that say hoovering up a Mastodon person's or instance's data is OK with that person or that instance. @winterknell @sam @mastodonmigration @stuart @vruz @snarfed.org @snarfed I don’t know. If it can connect or be bridged then is it not “the network”? Not sure that there’s anything special about ActivityPub. To the point that it seems dangerous to emphasise a formal/nominative distinction rather than a functional one. Ie, the issue should be more about what the protocol does rather than its name. If mechanics are effectively the same then bsky is really just a big instance no? @maegul @sam @mastodonmigration @stuart @vruz @snarfed.org @snarfed Ask MySpace about Facebook's bridge. My objection is not addressed to the protocols, but to the ethics. Public posts on Mastodon and on Bluesky are easily scraped. That does not mean that any arsehole can just go ahead and bot-scrape it and pass it on. As a Masto instance, indieweb.social is welcome to receive whatever is not blocked from them, but not to pass it on wholesale beyond the edge of the Fediverse. @winterknell @sam @mastodonmigration @stuart @vruz @snarfed.org @snarfed I don't know about that bridge. But my point is that "scraping" and then "passing on beyond the fediverse" aren't necessarily clear or helpful criteria. If fediverse="uses ActivityPub" then that allows for a lot of stuff including what is effectively "scraping" (eg, kbin is effectively a search engine for masto content AFAIU). Staying "within fediverse" can be pretty arbitrary then. @maegul @sam @mastodonmigration @stuart @vruz @snarfed.org @snarfed That Bluesky doesn't use ActivityPub is a pretty clear indication that it's "beyond the Fediverse". The fact that I can't block Bluesky but can, and now have blocked, both indieweb and snarfed, is a pretty clear indication of the boundary. That the guy thinks forcing "opt out" on people is acceptable is the clearest indication of all. I'm not opposed to reach, but I'm opposed to this guy's approach.  @mastodonmigration @snarfed.org @snarfed I use both Mastodon & Bluesky & I know Jack definitely wants BlueSky & all its tentacles touch as content farms as much as Zuck does. Otherwise, are they different places with different interactions and cultures that actually complement each other? Yes. Except at least one you are paying the piper. I think I’d prefer a client that merely read both in one timeline. So watch for BlueSky APIs to shut down next, despite any lip service to federation. @Chancerubbage @mastodonmigration @snarfed.org @snarfed > I think I’d prefer a client that merely read both in one timeline. I keep thinking this ... that in this whole decentralisation project ... the value of making aggregating/powerful clients seems entirely untapped. @maegul @mastodonmigration @snarfed.org @snarfed Oh, people are working towards aggregation apps, it is just that that is one of the last things some platforms would want to support. Unless you let them scrape user data, inject ads. It was a trend and practice 20 years ago too. As was the internet before that. Open. Walled gardens wasn’t a business model always, simply providing seeds seemed enough. @mastodonmigration @snarfed.org @Gargron @dansup Seems like there's gotta be better ways to opt/out into things dynamically like this or fediverse.info etc. Maybe we could standardize on a header like X-fediverse-tags or X-fedi-opts and users could define a string in their profile for these dynamic use cases, rather than wasting bio space? That would allow fetching data via HEAD and could be added to various JSON actor APIs either as a item or in the headers. @mastodonmigration @keoni @snarfed.org @snarfed like a major reason why many of us are here is because we wanted to escape places like Bluesky (tech platforms created by tech bros). Why would anyone in their right mind think it's okay to just push our data over to some other platform without our consent? Okay sure this is like the robots.txt. But even that should be opt in not opt out. No scraping unless robots.txt even exists.  @mastodonmigration @snarfed.org @snarfed Exactly.  @mastodonmigration How many instances would this affect? @keoni @snarfed.org@snarfed.org @snarfed @mastodonmigration @snarfed.org @snarfed Yeah, automatically being opted in is a big red flag for me.  @MarrockV @mastodonmigration @snarfed.org @snarfed If it were a setting to opt out on the server my account is on - with obvious notices from my server’s admin well ahead of time, I’d be fine with it being opt out. But a third-party server? One I only joke about because other people are sharing the news? That ain’t the way to do it. Opting me in to a service I have no link to, whose agreements I have never agreed to. 👎🏻  @MarrockV @mastodonmigration @snarfed.org @snarfed as a software dev opt-in is not a valid strategy unfortunately. People just don't opt-in to reach enough mass for even testing basic stuff so that's why opt-out is so pervasive today (unless it's literally illegal)  I imagine our instance admins @ordnung would have something to say about this sort of bridging of our content elsewhere ☝️ Our instance's Terms of Service have a strict policy about data uses by others, and I'm pretty sure this violates those on its face...  @jhwgh1968 @mastodonmigration @ordnung must concede because he  Thanks for the heads up! Blocking the shit out of this on my bio and PeerTube instance. Opt-out instead of opt-in just isn't cool. People are never gonna wisen up to the billionaire grift eh? 👢👅 @mastodonmigration@mastodon.online in my opinion, this should have been strictly opt-in in the first place. we shouldn't have to explicitly opt-out. @mastodonmigration Uh... opt-in would be far better than opt-out, as scores of people have already said on your blog post.  @mastodonmigration @snarfed.org @snarfed I'm defederating any domains connected to this user. Here are the domains to block: snarfed.org Thank you for the warning about this, Mastodon Migration 🙏 @FediThing As an end user, I’ve learned how to block domains. Is brid.gy the same as web.brid.gy? I can find users on that instance so I can block but not without the leading “web” (subdomain). Appreciate any info you or others might be able to provide. Thanks for the heads up on this. Brid.gy is made by the author of this bluesky bridge, they are using brid.gy for the bridge. End user blocks of domains don't really help, they just hide stuff from you. You need to ask your server admin to defederate the domain. When a server admin blocks a domain, it also automatically blocks all subdomains.  @mastodonmigration @jeffowski @snarfed.org @snarfed also can someone at @Mastodon please work on the "report evasion" issue ( https://github.com/mastodon/mastodon/issues/23249#issuecomment-1629662706 ) and allow for blocklist feed support ( https://github.com/mastodon/mastodon/issues/28605#issuecomment-1940417953 ) for once? Cuz that'll fix a lot of problems... And no, the latter one is not a duplicate if issue #116! @mastodonmigration @snarfed.org @snarfed Honestly, even disregarding supposed legal concerns, I wouldn't want my Mastodon content to be bridged to Bluesky BECAUSE my content is already posted on Bluesky. I try my best to post content between all the social platforms I use (Threads, Mastodon, BlueSky and X/Twitter) so a bridging service like this would technically mean my posts appear twice two whomever is using the bridging service/tool.  @mastodonmigration @snarfed.org @snarfed why in the world would it not be opt-in?!? @BlackAzizAnansi @mastodonmigration @snarfed.org @snarfed Please send us a self addressed envelope if you would like to opt out of us knowing your address @mastodonmigration @snarfed.org @snarfed  @mastodonmigration @lisamelton @snarfed We already know that Bluesky’s approach to moderation is user-managed through filters. How will the bridge handle moderation reports of bad actors on Bluesky? @mastodonmigration @lisamelton @snarfed In general, I’m open to other services federating with the Fediverse, when they implement ActivityPub and choose to play nicely with the network. Threads has given every indication that they want to play nicely and be good citizens of the Fediverse. Bluesky has not, and they have made a conscious decision not to use ActivityPub, so I can’t imagine a bridge like this to be a Good Thing for either side. @mastodonmigration @snarfed.org @snarfed He can be emailed at mailto:public@ryanb.org. But this should be opt-in anyway. @mastodonmigration @snarfed.org @snarfed This could have been great, but now everyone is going to block it due to it being opt out. What a weird choice @mastodonmigration @snarfed.org @snarfed Bonus Take: When I wrote my little article suggesting bridges between different fediverses, I thought it was implicit that it be opt-in. Any bridge between technologies also bridges social norms and legal regimes. Any technology that fails to recognize this is doomed to fail.  @mastodonmigration For someone technically stupid, like *I*, wtf do I do to stop this shit for myself?  @jcrabapple I dm' Ryan and did that. All fixed. I'm leaving the hashtag on my profile since I understand none of this  @mastodonmigration @snarfed.org @snarfed And folks are suppose to trust that any entity will obey a 'hash tag' in a bio? Trust in much of the tech world is pretty thin now-a-days. --- Better Idea  @thegibson will h.t be defederating/blocking this server-wide? Edit: the thread got lost :(. I was referring to the bsky/fedoverse bridge thing.  @mastodonmigration Wow... does bro not realize how many of us could already be crossposting there...? I think it's jumping the shark and there's gonna be a lot of adding-to-modlists on the BlueSky side and defederation/pushback from the Masto side @mastodonmigration @snarfed.org @snarfed Appropriately named project. Saw Dorsey at that sporting event looking consumed with ennui, staring at the field from a sky box.  @mastodonmigration @snarfed.org @snarfed great, until they just decide to ignore the opt-out, like robots.txt @mastodonmigration @snarfed.org @snarfed Thanks for posting this. Who the fuck said it was ok to create a bridge. Isn't Bluesky owned by yet another billionaire tool? @mastodonmigration @snarfed.org @snarfed @mastodonmigration @snarfed @snarfed.org is there anything that some privileged ass white Bay Area techbro will not try to ruin  @mastodonmigration @snarfed.org @snarfed Maybe a stupid question but why the concern? Blue sky is not problematic.  @LALegault @mastodonmigration @snarfed.org @snarfed I don't think it's a stupid question but maybe this is just a stupid answer - maybe it depends on your definition of problematic it's not Facebook / Zuck or Twitter / Elon or Post / Andreeson but it's still (an arguably malign billionaire) Jack and whoever, and I also would like to see someone explain the rest of the answer @LALegault @mastodonmigration @snarfed.org @snarfed First, it's not problematic **for you**. Please don't speak for everybody else in the world. Second, *any* kind of "opt-out" forced service is problematic from the get-go. No exceptions.  @mastodonmigration @snarfed.org @snarfed Jack the Hack threw me off of Twitter for trying to warn the incoming Biden/Harris administration not to pardon Orange Mussolini. It's amusing to me he'd wind up federating with my server in his attempt to thrive post-Twitter, lol. @mastodonmigration @snarfed.org @snarfed Hello, if you would like to Opt Out of this privacy invasion, please contact us with all the personal address info we would not know otherwise. @mastodonmigration @snarfed.org @snarfed For those wondering what GDPR is… https://en.m.wikipedia.org/wiki/General_Data_Protection_Regulation  @mastodonmigration @snarfed.org@snarfed.org @snarfed It sounds like managing these ActivityPub-to-Whatever bridges is going to quickly become an administrative nightmare... With a cat-and-mouse game between Fediverse instance administrators and negligent/malicious bridge owners. @dulcedemon @mastodonmigration @snarfed.org @snarfed I know that I haven't seen all of the messages about this, but I haven't seen *one* reply from him in reply to someone that was not in favor of this. @mastodonmigration @mastodonmigration @tchambers @snarfed I dont think it is automatic, someone from the other networks needs to try to follow you  @mastodonmigration @snarfed.org @snarfed one for @aras to review? @mastodonmigration @snarfed.org @snarfed i wonder what Germany so called ,,Datenschutzverordnung" has to say to this :sd_thinking:  @mastodonmigration @snarfed.org @snarfed Adding bsky.app to your blocked domains list might also be a good idea. @mastodonmigration @snarfed.org @snarfed Disgusting. I personally think this is a privacy violation. Sending an email or putting a hashtag is no guarantee. I'm an absolute non threads and non bluesky supporter so even if you gave me a billion, I still wouldn't be. Time to block things, I guess.   @mastodonmigration Or you can just block/suspend bsky.brid.gy it looks like? That's absolutely what I am doing, quick and easy. @mastodonmigration @snarfed just checking, @trumpet are there plans to block this on server level?    @mastodonmigration @snarfed.org @snarfed So how do you go about following a Bluesky account from the Fediverse, when the time comes? [at]account[at]bsky.brid.gy? And then it'll be two-way, right? They'll see my follow, and if I boost or favourite their posts, or reply, they'll see that too (and be able to reply back)? @mastodonmigration @snarfed.org @snarfed I don't see the point of Bluesky but when I post something on Mastodon, I want as many people as possible to see it. So sure, whatever.   @mastodonmigration @snarfed.org @snarfed Ryan's email address is public@ryanb.org I'm sharing this information publicly, but if he wants to opt out of having his email blasted across the internet, he can contact me by email. (Somehow.) @christianp Sorry if you're already aware, but this may be relevant to you as an instance admin. @mastodonmigration @snarfed.org @snarfed me caguen en la revenida concha de tu recontraputísima madre programador desgraciao, que nadie quiere estar en esa mierda de Bluesky, que noh dehe!! @mastodonmigration @snarfed.org @snarfed Entitled, unaware, unthinking, brutal, and the worst kind of complicit commodification of actual living beings . I hope you never *have to understand* why this is intrusive and aggressive. Make it opt-in, with extra consent sauce, or don't even test it.  @mastodonmigration @snarfed.org @snarfed Thanks. Done (#nobridge in profile). @mastodonmigration And I think the github-issue way is a nice one, documents that as well 😇 |
Gregory's Server
@mastodonmigration @snarfed.org @snarfed
That may not be completely legal if they vacuum in data from people who explicitly do not consent to it.
Imposing that entitled requirement doesn't make the legal problem go away.