Hey fellow users of the Fediverse, instance admins and platform developers. Iā€™d like to see better means of handling adult content on the Fediverse. Iā€™d like to spread a bit of awareness and request your opinions and comments.

Summary: A more nuanced concept is a necessary step towards creating a more inclusive and empowering space for adolescents while also catering to adult content. I suggest extending the platforms with additional tools for instance admins, content-labels and user roles. Further taking into account the way the Fediverse is designed, different jurisdictions and shifting the responsibility to the correct people. The concept of content-labels can also aid moderation in general.

The motivation:

We are currently disadvantaging adolescents and making life hard for instance admins. My main points:

  1. Our platforms shouldnā€™t only cater to adults. I donā€™t want to delve down into providing a kids-safe space, because thatā€™s different use-case and a complex task. But thereā€™s quite some space in-between. Young people also need places on the internet where they can connect, try themselves and slowly grow and approach the adult world. I think we should be inclusive and empower the age-group - lets say of 14-17 yo people. Currently we donā€™t care. And Iā€™d like that to change. Itā€™d also help people who are parents, teachers and youth organizations.

  2. But the platform should also cater to adults. Iā€™d like to be able to discuss adult topics. Since everything is mixed togetherā€¦ For example if I were to share my experience on adult stuff, itā€™d make me uncomfortable if I knew kids are probably reading that. That restricts me in what I can do here.

  3. Requirements by legislation: Numerous states and countries are exploring age verification requirements for the internet. Or itā€™s already mandatory but canā€™t be achieved with our current design.

  4. Big platforms and porn sites have means to circumvent that. Money and lawyers. Itā€™s considerably more difficult for our admins. Iā€™m pretty sure theyā€™d prosecute me at some point if Iā€™d try to do the same. I donā€™t see how I could legally run my own instance at all without overly restricting it with the current tools I have available.

Some laws and proposals

Why the Fediverse?

The Fediverse strives to be a nice space. A better place than just a copy of the established platforms including their issues. We should and can do better. We generally care for people and want to be inclusive. We should include adolecents and empower/support them, too.

Iā€™d argue itā€™s easy to do. The Fediverse provides some unique advantages. And currently the alternative is to lock down an instance, overblock and rigorously defederate. Which isnā€™t great.

How?

There are a few design parameters:

  1. We donā€™t want to restrict other usersā€™ use-cases in the process.
  2. The Fediverse connects people across very different jurisdictions. There is no one-size-fits-all solution.
  3. We canā€™t tackle an impossibly big task. But that shouldnā€™t keep up from doing anything. My suggestion is to not go for a perfect solution and fail in the process. But to implement something that is considerably better than the current situation. It doesnā€™t need to be perfect and water-tight to be a big step in the right direction and be of some good benefit for all users.

With that in mind, my proposal is to extend the platforms to provide additional tools to the individual instance admins.

Due to (1) not restricting users, the default instance setting should be to allow all content. The status quo is unchanged, we only offer optional means to the instance admins to tie down the place if they deem appropriate. And this is a federated platform. We can have instances that cater to adults and some that also cater to young people in parallel. This would extend the Fediverse, not make it smaller.

Because of (2) the different jurisdictions, the responsibility has to be with the individual instance admins. They have to comply with their legislation, they know what is allowed and they probably also know what kind of users they like to target with their instance. So we just give a configurable solution to them without assuming or enforcing too much.

Age-verification is hard. Practically impossible. The responsibility for that has to be delegated and handled on an instance level. We should stick to attaching roles to users and have the individual instance deal with it, come up with a way how people attain these roles. Some suggestions: Pull the role ā€œadultā€ from OAuth/LDAP. Give the role to all logged-in users. Have admins and moderators assign the roles.

The current solution for example implemented by LemmyNSFW is to preface the website with a popup ā€œAre you 18?.. Yes/Noā€. Iā€™d argue this is a joke and entirely ineffective. We can skip a workaround like that, as it doesnā€™t comply with what is mandated in lots of countries. Weā€™re exactly as well off with or without that popup in my country. And itā€™s redundant. We already have NSFW on the level of individual posts. And we can do better anyways. (Also: ā€œNSFWā€ and ā€œadult contentā€ arenā€™t the same thing.)

I think the current situation with LemmyNSFW, which is blocked by most big instances, showcases the current tools donā€™t work properly. The situation as is leads to defederation.

Filtering and block-listing only works if people put in the effort and tag all the content. Itā€™s probably wishful thinking that this becomes the standard and happens to a level that is satisfactory. We probably also need allow-listing to compensate for that. Allow-list certain instances and communities that are known to only contain appropriate content. And also differentiate between communities that do a good job and are reliably providing content labels. Allow-listing would switch the filtering around and allow authorized (adult) users to bypass the list. There is an option to extend upon this at a later point to approach something like a safe space in certain scenarios. Whether this is for kids or adults who like safe-spaces.

Technical implementation:

  • Attach roles to user accounts so they can later be matched to content labels. (ActivityPub actors)
  • Attach labeling to individual messages. (ActivityPub objects)

This isnā€™t necessarily a 1:1 relation. A simple ā€œ18+ā€ category and a matching flag for the user account would be better than nothing. But legislation varies on whatā€™s appropriate. Ultimately Iā€™d like to see more nuanced content categories and have the instance match which user group can access which content. A set of labels for content would also be useful for other moderation purposes. Currently weā€™re just able to delete content or leave it there. But the same concept can also flag ā€œfake-newsā€ and ā€œconspiracy theoriesā€ or ā€œtrollingā€ and make the user decide if they want to have that displayed to them. Currently this is up to the moderators, and theyā€™re just given 2 choices.

For the specific categories we can have a look at existing legislation. Some examples might include: ā€œnudityā€, ā€œpornographyā€, ā€œgamblingā€, ā€œextremismā€, ā€œdrugsā€, ā€œself-harmā€, ā€œhateā€, ā€œgoreā€, ā€œmalware/phishingā€. Iā€™d like to refrain from vague categories such as ā€œoffensive languageā€. That just leads to further complications when applying it. Categories should be somewhat uncontroversial, comprehensible to the average moderator and cross some threshold appropriate to this task.

These categories need to be a well-defined set to be useful. And the admins need a tool to map them to user roles (age groups). Iā€™d go ahead and also allow the users to filter out categories on top, in case they donā€™t like hate, trolling and such, they can choose to filter it out. And moderators also get another tool in addition to the ban hammer for more nuanced content moderation.

  • Instance settings should include: Show all content, (Blur/spoiler content,) Restrict content for non-logged-in users. Hide content entirely from the instance. And the user-group <-> content-flag mappings.

  • Add the handling of user-groups and the mapping to content-labels to the admin interface.

  • Add the content-labels to the UI so the users can flag their content.

  • Add the content-labels to the moderation tools

  • Implement allow-listing of instances and communities in a separate task/milestone.

  • We should anticipate age-verification getting mandatory in more and more places. Other software projects might pick up on it or need to implement it, too. This solution should tie into that. Make it extensible. Iā€™d like to pull user groups from SSO, OAuth, OIDC, LDAP or whatever provides user roles and is supported as an authentication/authorization backend.

Caveats:

  • Itā€™s a voluntary effort. People might not participate enough to make it useful. If most content doesnā€™t include the appropriate labels, block-listing might prove ineffective. That remains to be seen. Maybe we need to implement allow-listing first.
  • There will be some dispute, categories are a simplification and people have different judgment on exact boundaries. I think this proposal tries to compensate for some of this and tries not to oversimplify things. Also I believe most of society roughly agrees on enough of the underlying ethics.
  • Filtering content isnā€™t great and can be abused. But it is a necessary tool if we want something like this.

šŸ…­šŸ„ This text is licensed ā€œNo Rights Reservedā€, CC0 1.0: This work has been marked as dedicated to the public domain.

  • h3ndrik@feddit.deOP
    11Ā·
    8 months ago

    Wouldnā€™t you find exactly the same stuff on porn websites ?

    Yes. And i think itā€™s bad practice. We should strive to be better than the average porn site.

    How would you do otherwise with preserving user privacy

    I think there are two issues at play:

    1. Itā€™s a complex task. Usually that leads to people saying ā€œwe can never achieve 100%ā€ and ā€œit doesnā€™t fit every purposeā€ and then nothing gets done. Iā€™d argue this gets us like 40% the way and thatā€™s better than nothing. And itā€™d get me all the way and probably a few other people, too.

    2. I think verification should be delegated to the instances. There isnā€™t a single solution. In some jurisdictions it might be enough that people claim to be 18. Those admins can choose a really simple solution. Other admins might not care or cater to minors, they can not activate the filters. A compromise might be requiring signup. Thatā€™d hide content from kids who arenā€™t logged in and just browsing the web. And already far better than just displaying it to them. What Iā€™d like to do is have users request access and handle that manually. Alike some Discord servers or other software does. I know a few people Iā€™d like to invite and their age. So itā€™d be no problem to unlock their accounts. I think itā€™s the same for other communities. And usually ā€œeyeballing itā€ also works to some degree. It might be a valid approach for some admins. I know from experience you can often tell if your opponent in a computer game or the person youā€™re arguing with is a 13 year old kid, or 35. Itā€™s not perfect but surely does a decent job with the extremes.

    Iā€™d like to abstain from privacy-breaching methods that are in use by big tech companies like Google etc. Requiring phone numbers on signup or showing your ID into the camera is too much. And itā€™s bad. I donā€™t want to tell the admins how to handle verification. If theyā€™re required to, or would like to see the IDs and their users are comfortable with itā€¦ Iā€™ve included extensibility to the requirements. So they can. Maybe weā€™re provided with a solution in the near future. My German ID card can already vouch for my age without revealing my identity. Itā€™s a zero knowledge proof and the proper technical solution to age-verification. I can also envision some ā€œWeb of Trustā€ providing this. Something like PGP or CAcert does.

    I think there are some valid ideas and some technical solutions are already out there and available. The issue is just nobody uses them. And neither do we.

    Also, how do you avoid falling in the reddit trap where every discussion vaguely about sexuality end-up being 18+

    That is a good question. These categories need to be concise. And the people ticking the boxed need to comprehend the meaning and consequence. I think moderators will do. With the users, Iā€™m not sure. I donā€™t think I had that issue on Reddit. A year ago when I still was there, Iā€™ve occasinally replied to people on relationship_advice and some more explicit subreddits. I didnā€™t see any problems. But Iā€™ve not been a heavy user. Maybe I didnā€™t pay attention. Iā€™ll listen if this is deemed a likely scenario or proves to happen in practice.