@kissane Yes, agreed. This whole meta-topic probably requires a blog post.

... that blog post might very well be already written. I haven't made time to digest the whole thing, but I think https://privacy.thenexus.today/unsafe-by-design-and-unsafe-by-default/ touches on some of this.

(... I think the nut of the issue is "Protocol is behavior. If we want to be able to distinguish acceptable and unacceptable scraping, that has to be representable in the protocol; chasing every novel client and asking "Are you scraping me without my consent?" will not scale when "A node is allowed to scrape a subset of your node to clone topics and posts" is core to Mastodon's design).