I think there’s been a lot of talking past each other on privacy lately because there are so many layers to it.

Google or Dropbox keeping your cloud files from showing up on someone else’s drive or a public share is one layer. Keeping your data from leaking in a data breach is another. Protecting messages in transit from your device to their service. Google and Meta (Facebook, Instagram, and now Threads) are good at those.

But then there’s ensuring that Google or Meta doesn’t misuse it themselves, or sell it to someone who will.

And, well, to put it mildly, they’re not so big on that aspect!

Social networks should make sure things like your location and real identity don’t leak unless you’re sharing them deliberately. Same with making sure your followers-only posts don’t get sent to the general public.

Send someone an email through Gmail, and you know Google’s not going to leak the message contents. But without checking their privacy policy, you don’t know if Google’s going to train an AI model, or extract keywords for targeted advertising, or whether it’s going to sell that extracted information to a data broker.

And regardless of what the service itself does to keep the content from leaking, you can’t prevent the recipient from using it in a way you don’t want them to. Whether it’s a followers-only post, or a private email, or a phone call or a chat log, it’s always possible the person on the other end might record, forward, print, screenshot, or stand on a crate and recite it in the literal town square.

Meta vs. Twitter

I don’t trust Meta not to misuse any data they get. If I say on Facebook that I like cheese, or put a picture of a cheese wheel on Instagram, I fully expect them to correlate my current GPS location with every cheese shop, deli and grocery store in a 10 mile radius and figure out which one will pay the most for an ad. But if I post it friends-only, I do trust them not to show the post to other people on Facebook, and I do trust Zuckerberg to not post a screenshot of it while disparaging my taste in food.

I don’t trust Twitter at all at this point. Not to keep private messages from showing up on my public profile. Not to keep their data off of unsecured S3 buckets. And I don’t trust its owner not to post screenshots of my direct message to someone about cheese recommendations while saying I’m no Gouda and trying to spark a culture war over the choice of cheddar vs. Swiss.

(Side note: Musk is really living down to the BOFH* stereotype.)

When In Doubt, Leave It Out

Of course the most basic layer of privacy:

Not collecting data it doesn’t need to do what you’re asking it to do.

Directions to a nearby bookstore? Please, start from my current location!

Buying a book online? No. I’ll give you my billing and shipping address, but you don’t need to know where I am right now.

Unfortunately, gathering all the, well, metadata is the core of the surveillance capitalism business model.


One of the nice things about most Fediverse platforms is that they don’t try to vacuum up all the extra data about you. At least not by default. It doesn’t stop someone from creating their own read-all-your data fork of Mastodon, or a new app (*ahem* Threads), but the major stock platforms mostly just collect what they need to move your posts around the net.

But of course there’s wide variation in how well the data it does collect is protected, depending on admin knowledge, hosting provider, whether the site admin or software developer can be reached when someone discovers a vulnerability at 3am Sunday morning in their timezone, etc.

That said, an admin getting raided by the FBI for unrelated reasons while troubleshooting your instance’s database (as happened to kolectiva) isn’t a *common* occurrence.

The New Batch

I briefly considered whether I wanted to take a look at Threads. But then I realized I really had no interest in it.

I’m curious about Bluesky because it’s taking a different approach. I tried out nostr because it’s taking a really different approach.

But Threads is basically Instagram minus photos, or non-federating Mastodon (now with more surveillance!), or Twitter with a more…measured corporate master. There’s nothing to grab me unless friends move there.

Other Fediverse platforms are still appealing because they’re in the same problem space but optimizing for different cases. That’s why I’m on BookWyrm for book reviews/discussion, (@KelsonReads@bookwyrm.social), Lemmy for link sharing/discussion (@KelsonV@lemmy.world) and Pixelfed for photos (@KelsonV@pixelfed.social) along with Mastodon (@KelsonV@wandering.shop). That’s why I’ve experimented with Calckey and Akkoma and Takahē, and why I’m leaning towards Gotosocial if I move to a self-hosted instance as my primary. (Update: I’ve done just that, setting up as @kelson@notes.kvibber.com.)

Anyway…I’m going to try to keep to the advice of posting mostly about what I like rather than mostly about what I don’t, and try to keep mentions of Twitter, Threads and so on to a minimum.

Except those “so many social medias!” memes. I’ll keep boosting them as long as they’re still funny!

Originally posted on Mastodon over several days as I thought of things to add. Here’s the thread start.

*BOFH: Bastard Operator From Hell, a cranky sysadmin who disdained the mere “lusers” on his network and felt no remorse over abusing his ability to screw with their accounts however he wanted to, whenever he wanted to. Often presented as the protagonist. 🤦‍♂️

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.