Eight tips about consent for fediverse developers
https://privacy.thenexus.today/consent-for-fediverse-developers/
There's a difference in opinion in the #fediverse on whether it's important to get consent to use somebody's public posts for a purpose they didn't originally intend it for. Some think this is just fine, or that it's enough to assume consent and give people the ability to "opt out" and withdraw consent. Others think that these uses should require informed, affirmative, "opt in" consent.
The good news is that this means there's a huge opportunity for fediverse developers here. From a strategy perspective, focusing on opt-in can be a powerful way to add unique value to an underserved audience.
Less positively, though, that's not how everybody approaches it. So there's a long history of developers writing or proposing fediverse search engines, scrapers, bridges and other services that use people's public posts without opt-in consent ... and suddenly being in the middle of a firestorm of criticism and feedback.
So if you're a developer working on a fediverse app or service and want to get it right – or just don't want to be the center of the next firestorm – here are a few suggestions.<li>Consent matters, even for public posts</li><li>Get broad feedback before launching – and listen to it</li><li>Honor existing opt-in and opt-out mechanisms</li><li>Include an additional opt-in mechanism for your service if it's not just a search engine or profile discovery (or something very close to them)</li><li>Make sure to communicate that you're taking an opt-in approach and honoring existing mechanisms</li><li>DON'T say the things that developers who ignore consent typically say</li><li>Be extra careful if you're a cis guy</li><li>Look at opt-in as an opportunity for a potential competitive advantage</li>
[@fediversenews](https://venera.social/profile/fediversenews) [@fedidevs](https://venera.social/profile/fedidevs)
The Nexus of Privacy /
npub1a3…4ddka
2024-04-16 03:07:53
Author Public Key
npub1a3yqwn22umas5z6e5sseesxtkqxp2x4alac97se7e3env7k4q9lqp4ddkaPublished at
2024-04-16 03:07:53Event JSON
{
"id": "0740f78a3a57d2893c5f181a0f484135ba5db79b5f3b26357d096fa473120c53",
"pubkey": "ec48074d4ae6fb0a0b59a4219cc0cbb00c151abdff705f433ecc73367ad5017e",
"created_at": 1713236873,
"kind": 1,
"tags": [
[
"t",
"fediverse"
],
[
"p",
"6d9bd6c24f7f0010611d68b03ce9db4269ee438f3c74a3e2d70e968739caef04"
],
[
"p",
"0097a0fe2b0a3cc57a7a5229e22f08226b8df4d22c6a3cc357d581aa1db39086"
],
[
"proxy",
"https://infosec.exchange/users/thenexusofprivacy/statuses/112278691717684434",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/thenexusofprivacy/statuses/112278691717684434",
"pink.momostr"
]
],
"content": "Eight tips about consent for fediverse developers\n\nhttps://privacy.thenexus.today/consent-for-fediverse-developers/\n\nThere's a difference in opinion in the #fediverse on whether it's important to get consent to use somebody's public posts for a purpose they didn't originally intend it for. Some think this is just fine, or that it's enough to assume consent and give people the ability to \"opt out\" and withdraw consent. Others think that these uses should require informed, affirmative, \"opt in\" consent.\n\nThe good news is that this means there's a huge opportunity for fediverse developers here. From a strategy perspective, focusing on opt-in can be a powerful way to add unique value to an underserved audience.\n\nLess positively, though, that's not how everybody approaches it. So there's a long history of developers writing or proposing fediverse search engines, scrapers, bridges and other services that use people's public posts without opt-in consent ... and suddenly being in the middle of a firestorm of criticism and feedback.\n\nSo if you're a developer working on a fediverse app or service and want to get it right – or just don't want to be the center of the next firestorm – here are a few suggestions.\u003cli\u003eConsent matters, even for public posts\u003c/li\u003e\u003cli\u003eGet broad feedback before launching – and listen to it\u003c/li\u003e\u003cli\u003eHonor existing opt-in and opt-out mechanisms\u003c/li\u003e\u003cli\u003eInclude an additional opt-in mechanism for your service if it's not just a search engine or profile discovery (or something very close to them)\u003c/li\u003e\u003cli\u003eMake sure to communicate that you're taking an opt-in approach and honoring existing mechanisms\u003c/li\u003e\u003cli\u003eDON'T say the things that developers who ignore consent typically say\u003c/li\u003e\u003cli\u003eBe extra careful if you're a cis guy\u003c/li\u003e\u003cli\u003eLook at opt-in as an opportunity for a potential competitive advantage\u003c/li\u003e\n\n[@fediversenews](https://venera.social/profile/fediversenews) [@fedidevs](https://venera.social/profile/fedidevs)",
"sig": "f389c73ea7cc33789726ffb763076e3273a264b303b47055572678619ca12fe275ed52da956c20a15ec4cea1de0a73d20cfe6147a70ca3062ee17b26889b8653"
}