I want to enable comments on my blog again, but (I'm current possibly overthinking things in that) I'm worrying if I need a privacy policy, or how I should think about things like GDPR, and should users be able to delete their comments?
-
It's difficult to find good answers to these questions, I'm not sure what to search for and I don't trust LLMs for this kind of thing either
-
Seth Michael Larsonreplied to Simon Willison last edited by
@simon if I were adding comments to my site I would probably use webmentions. Encourages people to comment on social and you still get to decide which comments get surfaced.
-
Jan Lehnardt :couchdb:replied to Simon Willison last edited by
@simon honestly: would not sign up to host other people’s content/identity on my blog.
-
Simon Willisonreplied to Seth Michael Larson last edited by
@sethmlarson I'm actually thinking I'll do GitHub auth and require accounts to have existed for more than six months there (unless I allow-list someone), I turned off comments last time because of spam
-
@simon What about spam? How are you going to balance between preventing spam and not discriminating against disabled users with captchas?
-
Simon Willisonreplied to Jan Lehnardt :couchdb: last edited by
@janl yeah, I get that there's a risk here - but I'm losing faith in the thing where conversations happen elsewhere, I want to post things like "what X do you recommend?" and host the results in one place
If it's no longer possible for an individual to run a comments section that would /suck/
-
@matt I was planning on doing sign-in-with-github and require accounts there to be at least six months old so when I ban someone it at least costs them something (plus I can allow-list individuals with newer accounts on a case-by-case basis)
-
@simon, I don't know answer to your question, though I'm curious what outcomes you desire with user comments on your blog. For some kinds of feedback, email seems a way for small corrections and clarifications. If more two way/multiway discussion, then that seems forum like rather than blog.
-
Joseph Szymborski :qcca:replied to Simon Willison last edited by
@simon I'm not a lawyer (or in the EU), but would ActivityPub comments maybe solve your problem? You wouldn't be "processing user data" as it were, so that might side step things and shift liability to you Mastodon instance.
On Mastodon-powered Blog Comments
This blog has a comment section and it's powered by ActivityPub pixies. I share some thoughts about the pros and cons.
(jszym.com)
-
Simon Willisonreplied to Joseph Szymborski :qcca: last edited by
@jszym I host my own personal Mastodon instance already so say that won't save me any worry!
-
@Spoofer3 I mainly want to be able to crowdsource answers to interesting questions in a place where I can set the rules and ensure the content stays available long term