Demo of @iftas CCS (content classification service) is now online from #fediforum
-
Konstantin Macherreplied to Rebecca Sieber last edited by
@resieguen
The ChatControl proposal and the critique is primarily about scanning private communication, breaking end-to-end-encryption. The voluntary scanning of Facebook includes Facebook Messenger. In this context it's important to distinguish between private communications and public facing content.
@ilumium @thisismissem -
Rebecca Sieberreplied to Konstantin Macher last edited by
@pneutig Of course, you could just claim that there is no private communication in the Fediverse, because posts for mentioned people only are actually public. But then you are applying double standards. @ilumium @thisismissem
-
Emelia πΈπ»replied to Konstantin Macher last edited by
Yeah, whereas on the fediverse there is currently no private communications, there is no e2ee, so your server (and potentially others) are always involved in that communication.
The creation of IFTAS CCS was driven by our Moderator Needs Assessment where help detecting & dealing with CSAM was our highest ranked issue:
-
Konstantin Macherreplied to Rebecca Sieber last edited by
@resieguen @ilumium @thisismissem OK I think I get your point now. It's about whether IFTAS CCS also applies to DMs? I thought it is meant for public facing content (not DMs).
-
Emelia πΈπ»replied to Rebecca Sieber last edited by
You're really not though. Proactive scanning for CSAM, not mandated by law, is just the same as proactive scanning for spam & phishing, hate speech or other forms of abuse
We have already seen attacks against fediverse servers where someone uploads CSAM & then reports that content being on your server to your host & to law enforcement.
-
Rebecca Sieberreplied to Konstantin Macher last edited by
@pneutig Yes, according to the demo it also applies to DMs @ilumium @thisismissem
-
Emelia πΈπ»replied to Konstantin Macher last edited by
We do process mentioned-only and followers-only posts created from your server, since Mastodon's webhooks make no distinction between them, they're all just posts.
If Mastodon had actual DMs separate from regular posts, then it'd be at server operator's' discretion whether we see and process that content.
Even in mentioned-only posts, the media content is still publicly available, it's just you need to know the URL to access it.
-
Emelia πΈπ»replied to Rebecca Sieber last edited by
Remember: mastodon does NOT have DMs, there is no security or privacy here, if you want to privately say something, you should probably be using E2EE
-
Emelia πΈπ»replied to Emelia πΈπ» last edited by [email protected]
e.g., here's an image link to an image I just uploaded via a "mentioned only" post: https://media.hachyderm.io/media_attachments/files/113/176/002/159/282/391/original/0e8b71ef1268f890.jpg
Here's the same image on the server that received it: https://mastodon-dev.fra1.cdn.digitaloceanspaces.com/mastodon-dev/cache/media_attachments/files/113/176/002/996/549/342/original/dc1ebce99f4e5718.jpg
-
Emelia πΈπ»replied to Emelia πΈπ» last edited by
There is no expectation of privacy here, there are no controls that limit accessing the media. Mastodon's UI even says this: