#OFFDEM

February 1st-2nd 2020 #BXL

An intersectional festival about collective practices & free technologies production.

Happy 20 years to @fosdem!

We're going to offload some devrooms and bring together hackers and activists.

#Tor #ActivityPub #JeuVidea #3TS #GNUragistes

https://ps.zoethical.org/c/cooperation/offdem

📺 Décolonisations
Three part documentary on Arte TV (in 🇫🇷 or 🇩🇪 with subtitles 🇬🇧 🇵🇱 🇪🇸 🇮🇹 )

arte.tv/fr/videos/RC-018323/de

@c24h29clo4 True. Very sloppy research. Maybe they also never read the "about/more" pages of the instances.

cauliflower morgan queenchandrelle 

cauliflower morgan queenchandrelle 

cauliflower morgan queenchandrelle 

Are they allowed to do this? According to the research paper they can do so because posts are public. Additionally the privacy policies of the instances don't explicitly disallow it (tip for instance admins). They also respected robots.txt (tip for instance admins) and they note that many intances' privacy policy is copy pasta of MS (tip for..). They also say that because they do not store and release personally identifiable data it complies with the EU GDPR.

However, they seem to assume the research subjects know their data is open for scraping by being public. This is not the same as *informed consent* which is required under GDPR.

Considering the outcry, it is clear informed consent was not given.

Even more problematic though is the data set they released. It consists of 6M public posts + metadata. While they hashed the author of each public post (What hashing algo though.. did someone already check that?) they left the link to the original post which contains the author. Here is an example of such link: post.lurk.org/@rra/10347508927

So this is clearly bad practice and a huge ethics and GDPR violation. In fact the data set has already been taken down. dataverse.harvard.edu/dataset.

@er1n and others prepared a letter of complaint on these grounds, see social.mecanis.me/@er1n/103472

The letter:
docs.google.com/document/d/15j

2/3

About the scrape (sunbeam.city/@puffinus_puffinu).

There is very little you can do about something like that happening to your toots. This is what 'public' posting means: your messages will get read by someone you don't agree with, in contexts that are different than originally intended, using means you dislike.

It is currently trivially easy to scrape the entire fediverse like the researchers did. So it will happen again.

If you are worried about your messages: first of all, don't put on-line what you don't want a random stranger to read. Your audience is always bigger than you imagine.

Second make more use of 'unlisted' and 'followers only' posting modes. The scrape made use of public timelines (http://<instance>/api/v1/timelines/public?local=true) and using these two visibility modes guards against that. This is easily circumvented by a follower bot though. Which is one of the reasons why some folks choose to manually approve their followers.

This stuff is pretty difficult to figure out and I do not at all wish to suggest it is your own fault if your data got scraped. It isn't. (Question is, did we as do enough to inform new users about the meaning and utility of these settings?)

So how about the researchers?

1/?

@liaizon yeah the module needs to be installed separate so what you see is a tiny fraction of the actual network

@eilis @netzzz @mathr @320x200 glad to hear it works! Still confused as to why it suddenly works again..

@netzzz @eilis @mathr @320x200

Sorry to hear about this!

For the other person who had this it just started working again at some point, so I don't know exactly what is causing this.

What browser are you on?

What do you see when you open the browser console (ctrl+shift+k on firefox) and reload the page?

Do you also get this issue with any of the mobile apps?

Downloaded 300MB backup of my media uploads to mastodon just so I could grep the 3MB text file in the archive for the boiler cheat code I posted last year and suspect I might be needing again soon (boiler controller is displaying strange messages, but no beeps yet, and heating is still operational...).

@eilis hey, sorry to hear. Did you try a hard refresh (ctrl+shift+r) of the browser? @jules you had something similar no? What worked for you in the end?

@sifr oh I have some notes I wanted to develop into a brief text. Should do that!

Show more

𝓻𝓻𝓪's choices:

post.lurk.org

Hometown is adapted from Mastodon, a decentralized social network with no ads, no corporate surveillance, and ethical design.