Ozone, Bluesky's stackable moderation system is up and open-sourced. https://bsky.social/about/blog/03-12-2024-stackable-moderationI think it's interesting in obvious ways and risky in some less obvious ones (that have less to do with "O NO BILLIONAIRES" ...
-
Ozone, Bluesky's stackable moderation system is up and open-sourced.
Bluesky’s Stackable Approach to Moderation - Bluesky
Today, we’re open sourcing Ozone, a tool that lets a team of moderators or curators collaboratively review reports, create labels, and inspect content on the atproto network. Later this week, we’re opening up the ability for users to run their own independent moderation services.
Bluesky (bsky.social)
I think it's interesting in obvious ways and risky in some less obvious ones (that have less to do with "O NO BILLIONAIRES" or "O NO LIBERTARIANS" and more to do with placelessness), but we'll see.
I hope good things emerge from/grow on top of this framework.
[I recognize that mentioning this is widely considered to be an invitation to explain capital like I am a tiny baby. You could also not.]
-
Caspar C. Mieraureplied to Erin Kissane on last edited by
@kissane When Bluesky was initially announced it was already mde clear, that Jack sees moderation as a bad, costy thing and tries to shift the load from a platform that earns money to voluntary users doing the work. While the approach is technically interesting, it tries to get rid of responsibility by being able to say that you support nonprofits in doing the formerly underpaid work now. I really think this is one of the mail issues of Bluesky as it shows the main foundation idea.
-
Joe Fabisevich :verified:replied to Caspar C. Mierau on last edited by
@leitmedium @kissane Isn't that exactly how Mastodon's moderation works? The server admin either acts as a moderator and/or deputizes others to do so as well, almost always in a volunteer capacity.
-
Josh Waynereplied to Joe Fabisevich :verified: on last edited by
@mergesort @leitmedium @kissane
That's my exact question too. I still have to dive into Bluesky's full implementation, but it seems like they have an additional layer of an actual trust and safety team, where Mastodon does not.
-
@joshwayne @mergesort @leitmedium Yep, they do.
-
Erlend Sogge Heggenreplied to Erin Kissane on last edited by
@kissane the placefulness of Mastodon and the extended microblogverse is its greatest flaw IMHO.
Instead of using AP servers as post-office relays for our digital letters, we’ve effectively been moved to *live inside* the post offices just to make it easier for the servers to send letters on our behalf.
The discussion groups of the threadiverse however do make sense as places we can *visit* with our independent identities.
I need separation between my place of living and place of discourse.
-
Gabriel Garridoreplied to Erlend Sogge Heggen on last edited by
-
Erlend Sogge Heggenreplied to Gabriel Garrido on last edited by
@ggpsv I’m arguing that #threadiverse platforms like Lemmy, kbin et.al. is where we should go for *place*, which will include Mastodon once it implements Groups.
I don’t have any sense of place on Mastodon, as it is chiefly oriented around people. I can’t easily visit Erin’s mas.to or your social.coop.
But root identity provisioning needs to be extricated from all of the above, in favor of the #nomadicidentity which Bluesky has gotten 80% figured out already and working in practice.
-
Erin Kissanereplied to Erlend Sogge Heggen on last edited by
@erlend I wouldn't say that I'm arguing for the current Mastodon model, exactly. More like I'm trying to take the techno-cultural (sorry) complexes apart so I can try to understand which things are "really there" and which are just emergent phenomena/ v i b e s that sneaked in because of our experiences elsewhere.
-
Tim Chambers - VOTEDreplied to Erin Kissane on last edited by
@kissane I'm still very confused about exactly which actors in what places of the AT collection of services moderates the "base level of non-optional moderation" on the bluesky-specific network.... but that said, do like the ideas of stacking additional opt in third-party moderation on top of that.
Assuming that it doesn't incite the base level of moderation to degrade as they "offload" it to others. And assuming that the UX of reporting issues to multiple parties isn't confusing.
-
Erlend Sogge Heggenreplied to Erin Kissane on last edited by
@kissane didn’t think you were
anyway, excitedly looking forward to your post(s) on this subject! -
Erin Kissanereplied to Tim Chambers - VOTED on last edited by
@tchambers For the Bluesky app, it's the Bluesky moderation team, which is pretty active in the classical/centralized mode.
Bluesky 2023 Moderation Report - Bluesky
We have hired and trained a full-time team of moderators, launched and iterated on several community and individual moderation features, developed and refined policies both public and internal, designed and redesigned product features to reduce abuse, and built several infrastructure components from scratch to support our Trust and Safety work.
Bluesky (bsky.social)
Layers-wise, I think there are two things—the official Bluesky client enforces the use of Bluesky's in-house moderation work (at the level of the labeler) but then the network-wide, truly non-optional stuff—which is very limited in scope—happens at the level of the relay:
-
Erin Kissanereplied to Erin Kissane on last edited by
@tchambers So although there's a lot of concern across fedi about Bluesky "not moderating," they actually do both takedowns and de-indexing for the Bluesky platform itself *and* they're inserting a centralized kill switch for the worst-of-the-worst stuff into the network architecture, which would prevent the whole "we just defederate from CSAM" situation we have here.
It's not difficult to think of a variety of failure modes for this architecture, but I think they're interesting trade-offs!
-
@kissane @tchambers You are correct, but I think there are things to like about the “we just defederate…” model. It demonstrably provides a powerful incentive for the people who control instances not let them turn into Nazi bars.
-
Erin Kissanereplied to Tim Bray on last edited by [email protected]
@timbray @tchambers Agreed.
My main source of frustration about the cross-protocol conversations is that their underlying assumptions about the way AP/fedi and ATP/Bluesky work are kind of freely floating above the observed and stated realities of both protocols. There are lots of reasons for this, but it's getting in the way of crunchier thinking, imo.
edit: meaningful typo fix
-
Tim Chambers - VOTEDreplied to Erin Kissane on last edited by
@kissane Yes, I did know they centralize base moderation is halved by bluesky staff — but not sure at which part of the bluesky / AT ecosystem…can’t be at PDS servers as those swap out, as do the crawler indexers, so where does centralized non-optional moderation occur? Maybe at the app layer?
-
Erin Kissanereplied to Tim Chambers - VOTED on last edited by
@tchambers For just Bluesky-the-app, as opposed to other potential future ATP apps?
Looking at the whitepaper plus Paul's most recent comments, I *think* it's labelers hardwired into the official client app(s) and actioned at the App View layer plus takedowns at the Bluesky-run relay and Bluesky-run PDSes, right?
Caveat that my understanding is highly fragmented. (As are their docs and explanations, bless them.)
-
Tim Chambers - VOTEDreplied to Erin Kissane on last edited by
@kissane I *THINK* you and I see it the same way, but I personally am still feeling like I have a 20 percent or more chance of being wrong. Wish they would clearly state that.
Side question related to that: So if Gab.com built it's own full AT Protocol coalition of services (It's own app, own labler, own PDS's etc) could the BlueSky service "defederate" entirely from GabSky?
If so, would that also be done at the BlueSky service's App?
-
jonny (good kind)replied to Tim Chambers - VOTED on last edited by
@tchambers
@kissane
"Can you opt in to labeling" is the whole tension of labeling for content moderation - the answer necessarily has to be "no" at some level or else it wouldnt work, ppl posting harmful shit dont want it to be labeled as harmful, but then it becomes a vector for abuse as eg. The gab system eg. labels all queer people for targeting.They have a view on abuse that "if you dont see it, then its not abuse" - so eg. here you dont see labels from labelers you dont subscribe to: https://github.com/bluesky-social/atproto/blob/a0625ba40f3d66528488a18f6d32854d9165e191/packages/api/src/moderation/decision.ts#L262
But it does look like any labeling service can label any event - there isnt a good way of making that opt in on the protocol. Im going to set up a test instance later and try and label myself and see what happens in my PDS.
The risk is that identity is so cheap that there doesnt need to be a stable "gab" labeling service - if it gets blocked at an infra level by atproto, cool, signal through a side channel to your followers youre minting a new DID and block successfully evaded. So it is effectively impossible to stop labels as designed from being used as abuse vectors.
I raised this last June and Paul did respond once and from a first look it doesnt seem like any changes were made https://github.com/bluesky-social/proposals/issues/19
-
Right. I don't think they've fully thought through the implications of the underlying design. I asked @bnewbold over there if they had done threat modeling but didn't get a response, oh well.
@tchambers @kissane that's also how I see it with Bluesky-run relays and PDS's, but they've also said that it's only illegal content and spam. Masnick's paper talked about *not* removing Alex Jones at this level. So it's not clear that Gab would have to have their own PDSs or relay. (1/N)
