Anyone who follows Techdirt knows we’re very interested in the progress of Bluesky, the decentralized social network that embraces our concept of protocols over platforms. Bluesky recently ended its invite-only beta and opened its doors to the public, so it seems like a great time for a check-in, and who better to check in with than Bluesky CEO Jay Graber? Jay joins us on this week’s episode for a discussion about Bluesky’s progress and what the future holds.
Somehow I missed this (and I’m surprised it didn’t get much attention) but last month was the 25th anniversary of the Digital Millennium Copyright Act (DMCA) being signed into law. I only spotted it because The Register just had an article looking back at 25 years of the DMCA.
Given how central to various internet debates the DMCA was for the first decade of the 2000s, it’s kind of amazing how little attention it has received over the past few years, as more and more attention has shifted away from the DMCA and towards other aspects of internet policy, from Section 230 of the CDA to new attempts to regulate the internet like KOSA or the Earn It Act.
But, the DMCA is still a really important law, and its history is important as well. While many people know that the DMCA was passed to get the US in compliance with the 1996 World Intellectual Property Act, the reality is more nefarious and problematic. Bruce Lehman, the Assistant Secretary of Commerce and USPTO boss under President Bill Clinton, effectively created the concept of the DMCA in the early 90s, and was unable to get Congress to pass it.
As he (somewhat gleefully) admitted at a conference 10 years ago (on the 15th anniversary), he deliberately then went to Geneva to engineer the WIPO Copyright Treaty to force the US Congress to endorse his DMCA concept. This sort of policy laundering through international treaties has become important, especially on the copyright front, even as it raises serious questions about sovereignty.
In the early 2000s, the internet freedom crowd universally hated the idea of the DMCA and called for it to be revoked. However, as time has gone by, it’s become clear that while the DMCA is mostly problematic, there are a few elements that have been helpful to the internet (hint: they’re the parts that the legacy copyright industry is still trying desperately to change).
The DMCA had two major components that people talk about: 1201 and 512. There were other parts of the law, but they were kind of meaningless unless you’re interested in vessel hull designs and stuff.
512 is the part that probably is most well known and gets talked about most often. It’s the part with the “safe harbors” that say that if you host user generated content and have a registered DMCA agent with the Copyright Office, if a copyright holder finds an infringing work on your platform, they can send a takedown notice to get it taken down, and if you then take it down (the uploader can counternotice), then you can’t be held liable for the alleged infringement.
This setup has a few pros, but many cons. On the plus side, it made it safe for websites to allow people to post all kinds of content without (much) fear of a copyright lawsuit. To some extent, it helped make it possible for social media and other user-generated content sites to exist. On the minus side, though, it basically became a tool for mass censorship. Because it was basically the only law around that was structured in a way that put tremendous pressure on websites to remove content upon merely a notice, the DMCA takedown process has been regularly abused to remove (or attempt to remove) all kinds of non-infringing content.
I still think that the DMCA’s notice-and-takedown provisions create a huge 1st Amendment problem, in that they put tremendous government pressure on websites to remove content based entirely on the say-so of whoever wants the content removed, and not based on an official adjudication by a court as to whether or not something is actually infringing. In practice that has meant a ton of overblocking.
For what it’s worth, the boundaries of 512’s safe harbors were also somewhat unclear, which has resulted in a bunch of litigation about just how much it actually protects, including the famous case filed by Viacom against YouTube, which YouTube eventually won (though, hilariously, at one point Viacom was forced to admit that about 100 of the videos it was suing over, it had uploaded itself). That case helped to establish that the 512 safe harbors really did protect sites like YouTube.
Of course, in the years since, the copyright industry has continued to sue, and they continue to act like the DMCA actually requires universal licensing, even though it literally does not.
It still seems that it would have been much clearer, smarter, better, and more in-line with the 1st Amendment, if we didn’t have a separate DMCA safe harbor (which requires sites to meet certain conditions, and abide by takedown demands to retain the safe harbor), and just included copyright law under Section 230 of the Communications Decency Act. Section 230 currently exempts intellectual property law, which is why the copyright claims fall under the DMCA safe harbors, rather than 230’s broad immunity. But if copyright claims were covered by 230, it would be much clearer that websites are protected.
So, to a large extent, 512 has been problematic, in that it has enabled the vast suppression of protected speech, and has also resulted in a ton of lawsuits over its boundaries. But, for the most part, the lawsuits have been decided in ways that protect the internet and speech. And, getting rid of 512 would probably make things much worse (unless Section 230 was changed to cover copyright, which seems unlikely to happen). On top of that, most proposed changes to 512 would inevitably make it much, much worse.
Then there’s Section 1201. That’s the anti-circumvention part of the DMCA, and seems to be almost entirely evil. This is the DRM part of the law, that basically said doing anything related to getting around “technical protection measures,” was itself copyright infringement, even if the reason you were getting around the “TPM” had nothing whatsoever to do with copyright infringement.
This has resulted in all sorts of nonsense, and serves no real purpose other than to enable companies to abuse the law to enable lock-in and remove consumer rights. The weak triennial review process, by which the Librarian of Congress agrees to exempts certain technologies from 1201 has gotten better over time, but has not fixed the fundamental problems of 1201, which is inherently a law that says you can’t modify products you actually own.
I still think that on the whole, the DMCA has been mostly negative, but the safe harbors have at least served to make at least parts of the internet good, enabling many of the online services we all enjoy today to exist (even if the lawsuits killed a few companies along the way). I also think that any attempt to open it up today would almost certainly result in something way, way, way worse.
However, I do wish that as more and more lawmakers (not just in the US, but around the world), keep moving towards DMCA-like approaches to other kinds of content, that they would actually take a look at just how disastrous the notice-and-takedown provisions of the DMCA have been for protected speech, and how widely abused they are to take down valuable, protected speech.
We’ve got a another cross-post episode for you this week, on a subject near and dear to our hearts: protocols over platforms, and restoring decentralization online. Mike recently joined Danny O’Brien on the DWeb Decoded podcast to talk all about these topics, as well as tell a little story about Danny’s role in the founding of Techdirt, and you can listen to the whole conversation here on this week’s episode.
A few weeks ago I wrote about an interview that Substack CEO Chris Best did about his company’s new offering, Substack Notes, and his unwillingness to answer questions about specific content moderation hypotheticals. As I said at the time, the worst part was Best’s unwillingness to just own up to what he was saying were the site’s content moderation plans, which was that they would be quite open to hosting the speech of almost anyone, no matter how terrible. That’s a decision that you can make (in the US at least), but if you’re going to do that, you have to be willing to own the decision that you’re making and be clear about it, which Best was unwilling to do.
I compared it the “Nazi bar” problem that has been widely discussed on social media in the past, where if you own a bar, and don’t kick the Nazis out up front, you get the reputation as a “Nazi bar” that is difficult to get rid of.
It was interesting to see the response to this piece. Some people got mad, claiming it was unfair to call Best a Nazi, even though I was not doing that. As in the story of the Nazi bar, no one is claiming that the bar owner is a Nazi, just that the public reputation of his bar would be that it’s a Nazi bar. That was the larger point. Your reputation is what you allow, and if you’re taking a stance that you don’t want to get involved at all, and you want to allow such things, that’s the reputation that’s going to stick.
I wasn’t calling Best a Nazi or a Nazi sympathizer. I was saying that if he can’t answer a straightforward question like the one that Nilay Patel asked him, Nazis are going to interpret that as he’s welcoming them in, and they will act accordingly. So too will people who don’t want to be seen hanging out at the Nazi bar. The vaunted “marketplace of ideas” includes the ability for a large group of people to say “we don’t want to be associated with that at all…” and to find somewhere else to go.
And this brings us to Bluesky. I’ve written a bunch about Bluesky going back to Jack Dorsey’s initial announcement which cited my paper among others as part of the inspiration for betting on protocols.
As Bluesky has gained a lot of attention over the past week or so, there have been a lot of questions raised about its content moderation plans. A lot of people, in particular, seem confused by its plans for composable moderation, which we spoke about a few weeks ago. I’ve even had a few people suggest to me that Bluesky’s plans represented a similar kind of “Nazi bar” problem as Best’s interview did, in particular because their initial reference implementation shows “hate speech” as a toggle.
I’ve also seen some people claim (falsely) that Bluesky would refuse to remove Nazis based on this. I think there is some confusion here, and it’s important to go deeper on how this might work. I have no direct insight into Bluesky’s plans. And they will likely make big mistakes, because everyone in this space makes mistakes. It’s impossible not to. And, who knows, perhaps they will run into their own Nazi bar problem, but I think there are some differences that are worth exploring here. And those differences suggest that Bluesky is better positioned not to be the Nazi bar.
The first is that, as I noted in the original piece about Best, there’s a big difference between a centralized service and its moderation choices, and a decentralized protocol. Bluesky is a bit confusing to some as it’s trying to do both things. Its larger goal is to build, promote, and support the open AT Protocol as an open social media protocol for a decentralized social media system with portable identification. Bluesky itself is a reference app for the protocol, showing how things can be done — and, as such it has to do content moderation tasks to avoid Bluesky itself running into the Nazi bar problem. And, at least so far, it seems to be doing that.
The team at Bluesky seems to recognize this. Unlike Best, they’re not refusing to answer the question, they’re talking openly about the challenges here, but so far have been willing to remove truly disruptive participants, as CEO Jay Graber notes here:
But, they definitely also recognize that content moderation at scale is impossible to do well, and believe that they need a different approach. And, again, the team at Bluesky recognizes at least some of the challenges facing them:
But, this is where things get potentially more interesting. Under a traditional centralized social media setup, there is one single decision maker who has to make the calls. And then you’re in a sort of benevolent dictator setup (or at least you hope so, as the malicious dictator threat becomes real).
And this is where we go on a little tangent about content moderation: again, it’s not just difficult. It’s not just “hard” to do. It’s impossible to do well. The people who are moderated, with rare exceptions, will disagree with your moderation decisions. And, while many people think that there are a whole bunch of obvious cases and just a few that are a little fuzzy, the reality (this is part of the scale part) is that there are a ton of borderline cases that all come down to very subjective calls over what does or does not violate a policy.
To some extent, going straight to the “Nazi” example is unfair, because there’s a huge spectrum between the user who is a hateful bigot, deliberately trying to cause trouble, and the good helpful user who is trying to do well. There’s a very wide range in the middle and where people draw their own lines will differ massively. Some of them may include inadvertent or ignorant assholery. Some of it may just include trolling. Or sometimes there are jokes that some people find funny, and others find threatening. Sometimes people are just scared and lash out out of fear or confusion. Some people feel cornered, and get defensive when they should be looking inward.
Humans are fucking messy.
And this is where the protocol approach with composable moderation becomes a lot more interesting. On the most extreme calls, the ones where there are legal requirements, such as child sexual abuse material and copyright infringement, for example, those can be removed at the protocol level. But as you start moving up into the more murky areas, where many of the calls are subjective (not so much: “is this person a Nazi” but more along the lines of “is this person deliberately trolling, or just uninformed…”) the composable moderation system begins to let (1) the end users make their own rules and (2) enable any number of 3rd parties to build tools to work with those rules.
Some people may (for perfectly good reasons, bad reasons, or no reasons at all) just not have any tolerance for any kind of ignorance. Others may be more open to it, perhaps hoping to guide ignorance to knowledge. Just as an example, outside of the “hateful” space, we’ve talked before about things like “eating disorder” communities. One of the notable things there was that when those communities were on more mainstream services, people who had gotten over an eating disorder would often go back to those communities and provide help and support to those who needed it. When those communities were booted from the mainstream services, that actually became much more difficult, and the communities became angrier and more insulated, and there was less ability for people to help those in need.
That is, there will still need to be some decision making at the protocol level (this is something that people who insist on “totally censorship proof” systems seem to miss: if you do this, eventually the government is going to shut you down for hosting CSAM), but the more of the decision making that can be pushed to a different level and the more control put in the hands of the user, the better.
This allows for more competition for better moderation, first of all, but also allows for the variance in preferences, which is what you see in the simple version that Bluesky implemented. The biggest decisions can be made at the protocol level, but above that, let there be competitive approaches and more user control. It’s unclear exactly where Bluesky the service will come down in the end, but the early indications from what’s been said so far are that the service level “Bluesky” will be more aggressive in moderating, while the protocol level “AT Protocol” will be more open.
And… that’s probably how it should be. Even the worst people should be able to use a telephone or email. But, enabling competition at the service level AND at the moderation level, creates more of the vaunted “marketplace of ideas” where (unlike what some people think the marketplace of ideas is about), if you’re regularly a disruptive, disingenuous, or malicious asshole, you are much more likely to get less (or possibly no) attention from the popular moderation services and algorithms. Those are the consequences of your own actions. But you don’t get banned from the protocol.
To some extent, we’ve already seen this play out (in a slightly different form) with Mastodon. Truly awful sites like Gab, and ridiculously pathetic sites like Truth Social, both use the underlying ActivityPub and open source Mastodon code, but they have been defederated from the rest of the fediverse. They still get to use the underlying technology, but they don’t get to use it to be obnoxiously disruptive to the main userbase who wants nothing to do with them.
With AT Protocol, and the concept of composable moderation, this can get taken even further. Rather than just having to choose your server, and be at the whims of that server admin’s moderation choices (or the pressure from other instances which keeps many instances in check and aligned), the AT Protocol setup allows for a more granular and fluid system, where there can be a lot more user empowerment, without having to resort to banning certain users from using the technology entirely.
This will never satisfy some people, who will continue to insist that the only way to stop a “bad” person is to ban them from basically any opportunity to use communications infrastructure. However, I disagree for multiple reasons. First, as noted above, outside of the worst of the worst, deciding who is “good” and who is “bad” is way more complicated and fraught and subjective than people like to note, and where and how you draw those lines will differ for almost everyone. And people who are quick to draw those lines should realize that… some other day, someone who dislikes you might be drawing those lines too. And, as the eating disorder case study demonstrated, there’s a lot more complexity and nuance than many people believe.
That’s why a decentralized solution is so much better than a centralized one. With a decentralized system you don’t have to be worrying about yourself getting cut out either. Everyone gets to set their own rules and their own conditions and their own preferences. And, if you’re correct that the truly awful people are truly awful, then it’s likely that most moderation tools and most servers will treat them as such, and you can rely on that, rather than having them cut off at the underlying protocol level.
It’s also interesting to also see how the decentralized social media protocol nostr is handling this as well. While it appears that some of the initial thinking behind it was the idea that nothing should ever be taken down, it appears that many are recognizing how impossible that is, and they’re now having really thoughtful discussions on “bottom up content moderation” specifically to avoid the “Nazi bar” problem.
Eventually in the process, thoughtful people recognize that a community needs some level of norms and rules. The question is how are those created, how are they implemented, and how are they enforced and by whom. A decentralized system allows for much greater control by end users to have the systems and communities that more closely match their own preferences, rather than requiring the centralized authority handle everything, and be able to live up to everyone’s expectations.
As such, you may end up with results like Mastodon/ActivityPub, where “Nazi bar” areas still form, but they are wholly separated from other users. Or you may end up with a result where the worst users are still there, shouting into the wind with no one bothering to listen, because no one wants to hear them. Or, possibly, it will be something else entirely as people experiment with new approaches enabled by a composable moderation system.
I’ll add one other note on that, because there are times when I’ve discussed this that people highlight that there are other forms of harassment or other kinds of risks beyond direct harassment. And just blocking a user does not stop them from harassing or encouraging or directing harassment against another. This is absolutely true. But, this kind of setup does also allow for better tooling for potentially monitoring such a thing without having to be exposed to it directly. This could take the form of Block Party’s “lockout folder” where you can have a trusted third party review the harassing messages you’ve been receiving rather than having to go through it yourself, or, conceivably. other monitoring and warning services could pop up, that could track people who are doing awful things, try to keep them from succeeding, and alert the proper people if things require escalation.
In short, decentralizing things, and allowing many different approaches, and open systems and tooling doesn’t solve all problems, but it presents some creative ways to handle the Nazi Bar problem that seem likely to be a lot more effective than living in denial and staring blankly into the Zoom screen as a reporter asks you a fairly basic question about how you’ll handle racist assholes on your platform.
Over the last couple of weeks there have been a number of interesting developments regarding protocol-based, decentralized social media, and each time I plot out an article about it, something else pops up to add to the story, including Thursday evening as I finally started writing this and news broke that Meta (parent company of Facebook and Instagram) is at least in the early stages of creating an ActivityPub-compatible social media protocol and app, that it considers to be something of a Twitter competitor.
Meta, the parent firm of Facebook and Instagram, is hashing out a plan to build a standalone text-based content app that will support ActivityPub, the decentralised social networking protocol powering Twitter rival Mastodon and other federated apps, people familiar with the matter told Moneycontrol.
The app will be Instagram-branded and will allow users to register/login to the app through their Instagram credentials, they said. Moneycontrol has seen a copy of an internal product brief that elaborates on the functioning and various product features of the app.
“We’re exploring a standalone decentralized social network for sharing text updates,” the company told Platformer exclusively in an email. “We believe there’s an opportunity for a separate space where creators and public figures can share timely updates about their interests.”
I’m at least a little amused, because I’ve had multiple conversations with Meta/Facebook execs over the years regarding my “Protocols, Not Platforms” paper, explaining to them why it would make sense for the company to explore the space, and was told repeatedly why they didn’t think it would ever make sense for a company like Meta.
How times change.
Back in December, we predicted this sort of thing, asking when ActivityPub might have its “Gmail moment” and discussing how Google single-handedly changed email when it entered the market with Gmail on April 1, 2004.
And in the last couple of weeks there have been a bunch of really interesting moves from companies with long internet histories. It started last week when news aggregator Flipboard announced not just a tepid ActivityPub integration, but that it was going to fully embrace it. Flipboard founder Mike McCue stopped by my office the day before to talk about the company’s plans, and this isn’t just a random side-project. McCue recognizes that betting on protocols is the way to bring back the promise of the early internet, and taking us away from being solely reliant on internet giants. While early on, the company has already launched its own instance for Flipboard users to sign up (if they’re not already on another instance), and deeply integrated Mastodon into the app in ways that feel completely organic and natural (to the point that I, as a lapsed Flipboard user, have begun exploring the app again).
Days later, the ever popular site for hosting long-form writing, Medium (which was founded by Twitter and Blogger co-founder Ev Williams) announced that it, too, had launched its own Mastodon instance at me.dm for members of its $5/month premium subscription.
And, just around the time that the Meta news became public, Mozilla (which had previously announced such plans) turned on its own instance, mozilla.social.
All of these are important moves, and all of them happening within a two week period suggests that momentum is building towards recognizing how important a protocol-based world is, over a centralized-siloed world.
Also, having these larger companies embrace the space will do a bunch of important things to drive a protocol-driven world forward. For starters, they will hopefully help with the onboarding process — one of the major things that new users complain about in trying to get set up with Mastodon. The dreaded “but what server should I use?” question seems to stump many — but with more recognized and trusted brands entering the space, that question becomes less of an issue.
With these companies entering the fediverse, we’re also likely to see much greater improvement in other areas as well, including new efforts to improve features and UI. We’ve already seen a bunch of mobile and web app developers creating more beautiful front ends for Mastodon, but I’m expecting a lot more of that as well.
I also expect that this will filter down into the core code and protocol. With more companies working to join the fediverse, it creates something of a virtuous cycle that should benefit the wider space. It also should allow for much greater experimentation with new ideas and features (and that might lead to busting some old myths that resulted in poor initial design choices).
There are also lots of important features — especially tools for admins — that really haven’t received nearly enough attention and development, and having these bigger companies, who understand the space and the need, will hopefully spur more development.
Of course, as noted, as I started to plan out this article, I was mostly focused on the companies like Flipboard, Medium, and Mozilla and their efforts. All three have been extremely respectful in how they’ve been exploring and entering the fediverse. All three seemed to focus on participating and listening as they figured out their plans, and doing so in a way that fits with the fediverse, rather than trying to bend it to their will (and even so, they did upset some people).
Meta, somewhat obviously, is a bit of a different beast. And certainly some on Mastodon and other ActivityPub platforms are worried. I’d argue, however, that Meta embracing ActivityPub is a phenomenal thing. First: it’s validation. It shows that Meta recognizes that something is happening. Second, everything I noted above about spurring needed improvements also applies here and Meta could provide a lot of help. Third, even as there are some who want to keep Mastodon smaller, if it’s really going to thrive, it needs to continue to grow and be introduced to more people. The nice thing about the fediverse is that you can craft it to meet your own needs, so if you really want to keep it small, there are ways for you to do that yourself, and create a smaller community.
But the biggest reason why I think it’s so important that Meta is now even willing to explore the fediverse, is because it shows (as my paper suggested) that the largest most siloed companies can absolutely benefit from moving away from that model and towards a more open, distributed, protocol-based world. The old Twitter had suggested that could be the case when it embraced protocols and set up the independent Bluesky project, which Jack Dorsey and Parag Agrawal intended to eventually replace Twitter’s infrastructure. But seeing Meta explore it as well is obviously even bigger. And, honestly, I’d be shocked if Google weren’t similarly playing around with something.
Of course, this is Meta we’re talking about. There’s just as much likelihood that P92 never amounts to anything. There’s also the possibility that Meta tries the old “embrace, extend, extinguish” playbook of Microsoft. However, one of the nice things about ActivityPub is that it should be somewhat resistant to such efforts. And, as such, it also creates its own incentives to keep companies like Meta in check. Because if it starts acting “evil,” then the fact that it’s easy to move elsewhere (without losing contact with everyone) acts as a natural pressure valve, creating incentives to keep even the most evil companies in check.
And, speaking of Bluesky, last week, it also opened the (invite-only, currently) doors to the beta version of its app. While I’m excited about ActivityPub and Mastodon, I’m also excited about Bluesky. As I’ve discussed, the folks working on it are incredibly thoughtful in how they’ve been approaching this, and I think that the underlying AT protocol they’ve created actually solves many of the protocol-level limitations found in ActivityPub that have frustrated some folks in the fediverse. I believe that the Bluesky team explored ActvityPub and recognized its limitations, and that was the reason it chose to work on AT Protocol instead.
I do wonder, however, if Bluesky is going to end up deciding that it somehow needs to embrace ActivityPub in some form or another as well, especially as it has been building a larger and more entrenched userbase (which may continue to grow as more companies move in). I’m still optimistic about Bluesky, because I think the approach is even better than ActivityPub, but in the end, having a critical mass of users is the most important thing.
All that said, this much activity in the last few weeks shows that protocol-based social media is having a moment. I’m not saying that it’s the moment that inevitably leads to a bigger shift in how we view the internet, because it could still all come crashing down. But, something’s happening, and it’s pretty exciting.
And it brings me back to a question I asked a few months ago: why would anyone spend time embracing/using another centralized social media service after this? This is your opportunity to contribute to a better future internet. For all the complaining about “big tech” and the lack of competition, here’s the chance to make a difference, to embrace an internet that is more about the users than the companies, where power and control are moved to the ends of the network (the users) rather than the owners of the walled gardens.
There’s a real opportunity now to help make that better future. I recognize that there’s a decent contingent of cynical people out there who keep telling me it will never work, and we’re all locked into this world of big awful companies. And, who knows, perhaps things will go that way. But, why give in to that when there’s at least a real chance for something better? Something that more approximates the end-to-end internet we were promised?
Something is happening right now, and its success or failure is dependent on what people do next. So why would we not join in and try and build something better? Join a fediverse instance, encourage others to join, or even create your own. Participate in the myriad discussions about how to make things better for everyone. Generate ideas of how the technology can be put to use for good, and then put those ideas into action.
So, it’s been quite a year for legacy, centralized social media — and all without any really big change to the laws that govern it (yet — the EU’s are coming into force shortly, but possibly too late to matter). Meta seems to be collapsing into its own gravity. Twitter has been taken over by the equivalent of a stoned ChatGPT (very confident, but very wrong) and seems to be rapidly driving the company off a cliff. Turns out maybe we didn’t need antitrust reform: we just needed two obscenely rich tech CEOs to be totally out of touch with humanity.
Of course, into the void, competitors are appearing. There were a few small ones that were already around that have sought to jump into the limelight, including things like Hive and Tribel. And then there have been some other upstarts that are rushing to try to be the “new Twitter” like Post, T2 and Spoutable.
But, really, after all this, I cannot fathom how anyone can possibly get all that excited about joining yet another centralized social media site. Perhaps I’m biased (note: I am biased) because it was my frustration with the problems of these big, centralized social media services that made me write my Protocols, Not Platforms paper a few years ago. But, after all of that, the big question that kept coming up about it was “sure, but how would you get anyone to actually use it.”
For years I had argued that the best bet was for one of the big companies to embrace this model and move away from a centralized model to a decentralized protocol setup. Because, it’s one thing to build a decentralized social media protocol (lots of people have tried). But it’s another thing altogether to get people to use it (lots of people have failed). So, it was exciting when Jack Dorsey announced that Twitter was looking to do exactly that. The Bluesky project has continued to move forward, despite all this mess, though it seems like quite the longshot that Twitter will ever adopt it. I’m still excited about the possibilities for it though.
But, really, what’s been fascinating over the past two months has been the rapid resurgence of the fediverse/ActivityPub, with most people focused on Mastodon, one useful and more widely adopted open source software to create a federated social network.
For years, whenever people talked to me about the protocols, not platforms approach to things, and asked about ActivityPub, I frequently downplayed it and brushed it off as less serious. My vision wasn’t about federation (where you basically have a large number of “mini” centralized players who can all talk to each other), but something that was truly decentralized, where you controlled your own data, and could choose who can connect to it.
However, with millions of new active users rushing into Mastodon, I’m forced to reevaluate that. I think I may have become too focused on what I saw of as the limits of a federated setup (putting yourself into someone else’s fiefdom), without recognizing that if it started to take off (as it has), it would become easier and easier for people to set up their own instances, allowing those who are concerned about setting up in someone else’s garden the freedom to set up their own plot of land.
And then, the more I thought about it, the more I realized that it was likely bigger players would enter the market as well. I’ve started wondering about when Mastodon/ActivityPub might have its “Gmail moment.” Some people may not remember, but Google entering the webmail space on on April 1, 2004 completely upended the concept of email. It was so different and so much more useful, that many people legitimately thought it was a classic April Fool’s joke. Prior to that, you either had clunky email from your ISP or you used a slow and complicated webmail provider that would charge you if you used more than 10Mb of storage. And then Gmail showed up with a clean interface, that focused on tags (rather than folders) and drag and drop and (*gasp*) 1 gig of storage. And the entire email space changed overnight.
It seems likely to me that something similar likely could happen with Mastodon. Maybe even Google could do it with their own instance. Or possibly someone brand new. Or maybe someone old. Yesterday, Mozilla announced plans to offer a publicly accessible instance. And that seems like a milestone moment. Automattic (who hosts Techdirt), the owners of Tumblr, have said that Tumblr will add support for ActivityPub as well.
Both of those seem like big moves. Not that Mastodon needs giant players to validate it. It’s doing just fine on its own. But one of the big complaints some people have is that they don’t know which instance to sign up with, and the whole sign up process seems confusing. Most people who get past that initial concern and just choose an instance and start playing around figure it all out, but even that mental cost of having to pick in instance likely scares off a bunch of people it shouldn’t. Having a few “mainstream” instances that new users can be directed to seems like it will be really useful.
Also, having some bigger companies developing for ActivityPub can also be useful. Just in the last couple months there has been a fairly astounding set of new Mastodon tools and apps popping up, but, again, having a big “Gmail moment” where things start to expand to another level can only help.
Mastodon obviously isn’t perfect, and it has some very real issues. Content moderation questions don’t go away, obviously, They just become somewhat different (and somewhat the same). But I’ve been surprised at how quickly the fediverse has already been evolving. I’ve certainly run across some trolls and spammers, but often they disappear incredibly quickly. Earlier this week, I even had an instance admin reach out to me to apologize for a troll who had been hassling me, which was a different kind of experience than on any other social media site.
There remain some pretty big questions regarding scaling, but so far, I’ve been pleasantly surprised at how it’s all gone. There are certainly a lot of other questions regarding legal issues for instance operators. I hope that those running instances take those issues seriously, and do basic things like register a DMCA agent. But it’s increasingly seeming like it might even work?
At least on a personal level, Mastodon currently feels like Twitter around the year 2010, when it was… just fun?
Either way, I’m now much more interested in how the federated system could actually fulfill the promise of the protocols, not platforms vision. Whereas before I had feared the many fiefdoms still involved giving up too much control, the ease for individuals or small groups to set up their own instance has me reconsidering that. I can’t find it now, but I saw someone joke something along the lines of the progression Mastodon users go through is something along the lines of 1. Wait, I have to pick an instance? What is that, how do I choose? 2. Oh, I see, this isn’t that complicated. 3. I am so freaking excited to try to run my own instance.
That may be an exaggeration, but many people do quickly realize the cool aspects of federation, which allows for a balance between “I don’t want to have to do everything myself” and “oh, hey, I can do everything myself if I want to.”
That said, I’m still quite interested in other, even more decentralized ideas out there. I’m excited to play with Bluesky when it’s finally available. And over the past few days I’ve been playing around with nostr, a very, very early, and very, very basic (but extraordinarily simple) new distributed social media protocol that is based on clients and relays. Jack Dorsey (who has been pushing Bluesky, obviously) is also super excited about nostr and has said he thinks it’s the realization of my paper. I wouldn’t go that far, but I would say it’s been really fun to play around with, if you don’t mind the fact that it is super, super buggy and probably not very clear for the less technical users. If Mastodon feels like Twitter in 2010, nostr feels like Twitter in the summer of 2006.
All that is to say… there’s a lot of fun and interesting development going on none of which relies on a big centralized, VC backed social media company. While those are rushing in to try to fill the void… I’m kinda wondering why would anyone invest in building up a social graph and content on one of those?
We have a chance, collectively, to avoid the mistakes of the last decade and a half. We have an opportunity to not put ourselves (and our data) onto someone else’s farm. I absolutely loathe terms like “surveillance capitalism” or the phrase “if you’re not paying for it, you’re the product” (because I think both are misleading), but I am perplexed at people who make both of those claims about Facebook and Twitter… and now rush to sign up for some brand new company based on the same sort of model, with the same sorts of risks.
We’re at a fork in the road, and it seems like we should be looking to take the other path. The one that is open, not closed. The one that gives us more freedom, not less. The one that pushes the power out to you, the users, rather than the latest billionaire. The power of the internet was that it was built on protocols, and gave the power to the ends of the network.
For whatever reason, the old castles are crumbling. Let’s not run to new ones. Let’s go back to the more open world that we were promised in the early days of the internet, whether it’s ActivityPub or Bluesky or nostr or something totally different. There’s no reason to hand over all the control to just one company that doesn’t provide an escape path.
It seems quite likely that Elon Musk will own Twitter in a few days. One thing that has remained very much up in the air through all of this is how Musk views Bluesky. As you’ll recall, Bluesky was a project kicked off by Jack Dorsey back in late 2019, partially influenced by my paper on why we needed to move more to a world of protocols rather than platforms. While Bluesky was seed funded from Twitter, it is entirely separate from Twitter. However, part of the promise behind Bluesky was that Dorsey made it clear he hoped to one day move Twitter over to using the Bluesky protocol — and one of the biggest challenges for any of the many attempts at building a protocol-based social media system is actually getting users to sign up. A Bluesky/Twitter deal would effectively bring the users along for the ride.
In the text messages revealed as part of the legal fight between Twitter and Elon Musk (as he sought to get out of the deal), it was clear that Dorsey’s support of Musk was, in part, around the idea that a Musk-led private Twitter would be more likely to embrace Bluesky and move over to it. This is not a crazy idea. One of my biggest concerns about all of this was that the existing board of directors at Twitter would never let the company move over to a protocol. The various demands that were being put on Dorsey from the board (before he left) appeared somewhat incompatible with his protocol plans. And, indeed, one of the most regular conversations I’ve had with people about moving Twitter to a protocol like Bluesky is about how it might impact Twitter’s short-term revenue and profitability. I think there are ways that it could work out well, but it would be a big bet, and a risky one, of the nature that Wall St. is loathe to take.
Some of the other text messages also talked about Bluesky, including ones from Axel Springer CEO Mathias Dopfner (though his other texts were a bit nonsensical). But Musk himself has never even mentioned Bluesky. It’s unclear if he’s seriously considering adopting Bluesky, or having anything to do with it.
However, Bluesky has continued to move forward. Earlier this year, soon after Musk announced his initial stake in Twitter, Bluesky revealed its first “experimental” protocol piece. Now the organization has announced the next steps, officially naming its authenticated transfer protocol, and explaining what it will include:
Account portability. A person’s online identity should not be owned by corporations with no accountability to their users. With the AT Protocol, you can move your account from one provider to another without losing any of your data or social graph.
Algorithmic choice. Algorithms dictate what we see and who we can reach. We must have control over our algorithms if we’re going to trust in our online spaces. The AT Protocol includes an open algorithms mode so users have more control over their experience.
Interoperation. The world needs a diverse market of connected services to ensure healthy competition. Interoperation needs to feel like second nature to the Web. The AT Protocol includes a schema-based interoperation framework called Lexicon to help solve coordination challenges.
Performance. A lot of novel protocols throw performance out of the window, resulting in long loading times before you can see your timeline. We don’t see performance as optional, so we’ve made it a priority to build for fast loading at large scales.
That all sounds… good. But it’s all meaningless if there’s not an actual way to use it. So the next part of Bluesky’s announcement is a lot more important. They’re going to build a reference app to show how it all works. Now that’s where things could get interesting:
Coming soon: the Bluesky app
The World-Wide Web wouldn’t have been much fun if it was created without a browser, and the same is true of the AT Protocol. So we’re also building a social app called Bluesky.
The word “Bluesky” evokes a wide-open space of possibility. It was the original name for this project before it took shape, and continues to be the name of our company. We’re calling the application we’re building Bluesky because it will be a portal to the world of possibility on top of the AT Protocol.
We’re looking forward to sharing more about the Bluesky application as it develops.
Again, there will still be big questions in who will actually use this, and whether they can get enough users to make it worthwhile, but the approach still feels much more thorough and well thought out than most other attempts at building a social media protocol. I will continue to watch with interest.
As advocates of decentralization and a protocols-not-platforms approach to the web, there’s a lot about the concept of Web3 that sounds appealing to us at Techdirt — but the details usually leave a lot to be desired. A new project called TBD from Block aims to move beyond all that, and while its invocation of “Web5” understandably invites skepticism, it’s actually a lot more interesting. This week, we’re joined by project lead Mike Brock to discuss how TBD and the concept of Web5 aims to grapple with the true potential of decentralization.
We’ve got some great new discussions for the Techdirt Podcast… coming in a few weeks. But at the moment, amidst a very busy schedule on a variety of fronts, we’re taking a short break to look back on a very old conversation: our 14th episode ever, from 2015, about media companies rolling out proprietary content management systems. Since we recently completed our own migration to WordPress (the popular platform that was also a major component of that seven-year-old discussion) we thought it might be fun to revisit the question. So on this week’s episode, Mike and I open with a bit of a retrospective followed by a replay of the original conversation in full.
