 I wrote up a blog post in an "intelligence brief" style for Meedan (where I work) talking about the current situation around verification of journalists and trusted institutions on federated social media. (Please read the whole thing before replying to me here, thanks. I will try to respond to replies but might not have time because this week is shaping up to be my busiest in a long time.) 39 comments
@darius this is why I chose a geographical server as opposed to an interest one. It’s nice to be in an online space that can conceivably go offline too @mkramer lol I finally understand what the triangle part means! (I know others on the server but not where they live so never made the connection)
[DATA EXPUNGED]
@darius good write up! Verified links seem like a useful part of the solution but an official work instance seems stronger. If the point of verification is to confirm that you’re an agent of your employer (eg a journo working for NYT) then it seems fine for that identity to be controlled by that employer? If you’re a freelancer, then some kind of limited / temporary right to asset that affiliation would seem useful? Both of these patterns have operated for long time in email.  @darius 100%. It creates verification AND gives other instances the choice to either support or deny that instance on their server. @darius at core is the idea that we have multiple identities, which seems useful. But perhaps a useful ability would be to assert that 2 identities are the same person, verified bidirectionally, so either party could sever it if something went awry. A UI that provided a pooled stream of all messages across several identities might also help, but is less of a protocol concern. @darius @sminnee haven't tried that myself, but I've seen someone say they connected two accounts on separate instances that way, and that got mutually verified. That seems logical since for some parts of the fediverse, outside of Mastodon, you need a different account. So would a chainlink of such verification be possible? @darius I hope brands do it though! A turnkey tiny server for just your brand account living on your brands domain name. Would that make sense? @ja2ke Yes 100%! Best part is if social.target.com hosts accounts for all their verticals, I can block em all in one go for my users @darius Why not have the employer support rel=me on an employee’s page at the employer website that links back to the employee’s mastodon instance? That would show the employee page link as verified, as long as they worked at that employer. This could also support freelancers who work for multiple employers. @darius So maybe media organizations either have individual journalists’ pages with HTML `rel="me"` links that the latter can link to, or a single “verified” page with the same. Staff or journalists can then link to that from their profile, and if either side wants to de-affiliate with the other they remove the attribute or the link entirely. @mjgardner yup, that is definitely the idea and one of multiple parallel solutions I'd like to see put in place!  @darius ah, OK. I'd somehow gotten it into my head that one or the other of those was some sort of blanket organization that most journalists belonged to, like a SAG for journalists. @darius This is something I've been thinking about. It seems that some way to have elevated access across servers would be useful? For example, my home is Server X, but I have an affiliation with Server Y and can browse its local posts/have some sort of indicator of affiliation. Please take this with the disclaimer that I've been at this for all of 48 hours and could well have a fundamental misunderstanding of key concepts. :) @james Yup! Affiliation-based protocols that work across servers are the way to go. The rel=me that I mention in the article is one reasonable current solution, and there are a few others I'd also like to see adopted and will be speaking to their designers @darius : I saw the follow-up preemptive note before I saw the original post. This makes much more sense with the article for context. 😆 Reading now.  Yes, and a company sponsored #Fediverse server instance might also be akin to a vertical silo too, in the sense that many employers want to own the copyright of anything published with tools or infra belonging to them. There's no need to do this at all though. Launch your own, say for example, #Soapbox or #Mitra server as a single instance or apply CC-BY -SA (or ND) licenses to your articles. ⛵ .  @darius I think the “personal email” versus “work email” thing is kind of the crux of the matter, though. Right now all of the journalism instances look too much like “personal email addresses where my fursona is journalism” and it would be nice to see at least *some* “work email addresses” show up in the Fediverse, especially for journalists expecting to use the Fediverse *for* work. Nobody expects the NYT to ask for a quote for tomorrow’s newspaper from cooljournodude12761@hotmail.com  @darius @wilkie I am unclear if you intended to leave things open-ended or not. It seems like you’re implying a world where, say, my local paper has a staff profile page for each journalist, which that journalist can use to fulfill the link verification interface. This way the paper wouldn’t have to have a their own fedi instance on their own domain and a journalist might be able to keep their same account on whatever instance if they move jobs to a different paper. Does that seem right? @benhamill @wilkie there are also proposals for robots.txt style solutions where a network admin could bulk verify any number of social media affiliations with their org  @darius Publishers should allow their contributors to add rel="me" links to their profiles, or at least to the metadata of their profiles. In the spirit of PoC Or GTFO, a proof of concept: https://github.com/mckinnon/simple-mastodon-verification/blob/main/README.md @darius Good piece 👌🏽 These are exciting challenges. I think something more or less like Backchannel (https://www.inkandswitch.com/backchannel/) might work in theory although, of course, it doesn’t seem like it has been tested at scale yet.
[DATA EXPUNGED]
@darius I'll be reading this in a few, but I had to chime in after your name popped up. It's been forever since the Turbine days/daze. |
Gregory's Server
One thing I'll preemptively put here is that often people say "Isn't the solution for a newspaper to run, say, social.nytimes.com and the journalists have accounts on there?"
That works for some subset of verification but consider:
- freelance journalists who need an *affiliation* verified but are not employees
- what happens when your employer owns your entire social media presence (you'd want to separate identities similar to how you in theory don't use work email for personal stuff)