The Twitter crisis and the Fediverse: Chance and Community Chest

Questo articolo è disponibile anche in italiano.

Faked Monopoly Chance and Community Chest cards: "NEW OPEN PROTOCOL IN TOWN You Loose 44 bn$" and "COOPS TAKE OVER SOCIAL NETWORK collect 5 $ from every player"
Remember Monopoly?

Compared to the other mass social networks Twitter stands out for being predominantly text-based and for hosting authoritative users such as scientists, journalists, and opinion makers. In there you find not just mere entertainment or gossip like on other social networks, but what is going on in the world. In a way, it is a virtual, global public sphere: the place where public opinion takes shape!

Better said, it has been one, since more or less since Twitter Inc. was delisted from NYSE (November 8, 2022) chaos reigns in there and many users are desperate about what is happening.

For this reason, there is an ongoing migration from Twitter to a social network until now little known to most: Mastodon. Although the numbers are still small (we are talking about 8 million accounts versus 400 million Twitter users) and the phenomenon is not new (previous waves happened during various Twitter controversies or mishaps) this time it is different because some of the influential users are moving to Mastodon.

But Mastodon is a very different thing from Twitter: first, it is open source and was not created with a nonprofit intent. Moreover, along with other similar tools, it is part of the Fediverse, a collection of heterogeneous platforms and software operated by thousands of separate servers that are compatible and interoperable with each other thanks to the standard ActivityPub protocol. The model is distributed and thus differs from the typical social network we have in mind, operated centrally by a company. Nothing really new here either: we are already familiar with networks based on standard protocols where multiple providers offer interoperable services: just think of telephones or email. What is new is rediscovering even for social networks the value of something as obvious as being able to change providers without losing contacts, which we had lost by jumping a little too quickly on the social network bandwagon.

In any case the Fediverse, which until recently was populated by minorities such as hackers, nerds, queers, and anarchists, is now starting to be populated by more “normal” people, and while this is nice to see and a true “Internet moment” of awe for something that happens outside the logic of profit and by truly spontaneous human initiative, it opens up a number of questions, which I would like to try to answer.

Is it a robust and scalable technology?

The ActivityPub protocol is quite recent (2018), and incomplete in some parts. For example, it lacks a mechanism for verifying servers and managing global whitelists and/or blacklists of servers. See for example this rather technical article:

We really don’t know what will happen if the users count increases by 1 or 2 orders of magnitude. Interconnection costs could increase. One can imagine that a system of distributed servers will be less efficient (in terms of energy, network bandwidth, computational resources, storage…) than a centralized system.

The most stable and widely used ActivityPub-compatible software, Mastodon, is the almost exclusive work of its creator Eugen Rochko. Although it is open source, looking at certain parameters (almost complete absence of documentation for developers, low number of contributors, number and age of issues and pull requests, and number of active forks) it has all the appearance of being a not very open project. The 29-year-old creator has perhaps yet to break out of the pure programmer’s mindset and change role becoming more the architect and strategist of the project, opening it up to new contributors. Meanwhile, many requests for new features are stalled and it is unclear when and by whom they will be addressed:

Is it safe? What are the risks?

About the security of a social network, there are several levels.

The first and most important is physical security, because we know that in the past social networks have been used to plan and commit crimes and terrorist acts, to persecute people at first in words and then also in deeds. The world is full of assholes and weirdos, and some will be (or already are) drawn to the Fediverse. To get a sense of the risks and techniques for defending against them, I recommend this testimony from inside the social networking industry itself:

Second come the digital crimes that can be committed through the social itself: incitement to commit crimes, slander, copyright infringement, dissemination of child pornography, apology of fascism (in Italy) etc. Here of course it is relevant where and by whom the crime is committed: different legislations may allow or prohibit different things. The biggest risk in this case is taken by those that operate the servers, who are legally responsible.

The third, somewhat less critical, is the enforcement of safe language, in the sense of not exposing some categories of people to language they do not like: the faithful would not like to see blasphemies, the woke hate bigotry, for monarchists the king is sacred, trans people better not read about biological sex, vegetarians would do without the video of the last sausage festival, some feminists can’t stand porn while others support sex workers etc. Human values are so varied that it is not even possible to imagine all the possible incompatibilities that could arise. Some make you smile, others are more serious, others are very serious indeed, even if you remain in the field of legal behavior.

Of these first three levels of security, so far the Fediverse has dealt extensively with only the latter. First of all, there is the CW (Content Warning), which can be used on a voluntary basis to flag content potentially unwelcome for a certain group; since it is a social norm (a form of netiquette) it is interpreted in a very varied and non-uniform way. Second, due to its decentralized nature, each server can write its own policy to manage language safety, and then define a self-managed team of volunteer moderators to enforce it. The defense mechanism against policy infringements is to block i.e. to ban individuals or entire servers. This requires that the blacklist be manually propagated to each server, which has been successfully applied to problematic servers such as Gab.

The “other” social networks have (much understaffed) teams of (under-)paid professional moderators assisted by algorithms that pre-filter images in search of swastikas and nipples. While this can be criticized and has been widely criticized, it does works, and allows mothers and children to use them without too much fear. And it made Black Twitter possible: a sub-community of black U.S. users who could build digital relationships without being harassed/threatened by anyone (or just a few). But with the influx of new users it became clear that until now Mastodon has been actually not very welcoming to people of color (see the excellent article, that I would attribute to the prevalence of a mixed liberal (because hackers like freedom), and anti-cop (because anarchists like ACAB) culture, which downplayed the fact that if there is a policy there must be a police that applies it. Another value of this anarco-liberal culture is the right to anonymity on the net and the freedom to use pseudonyms, which can protect the weak, but can also protect or encourage aggressors.

Unfortunately, to really protect minorities you need many “cops” (i.e. moderators), and it is necessary at the request of the judicial authority to be able to easily identify users to be able to prosecute them (let it be clear that I am against the real-name policy).

Certainly the distributed moderation system hasn’t really been tested against massive and/or coordinated, level 1 and 2 attacks. So far this has not happened because of the small numbers and relative homogeneity of users, but with the current influx things may well change.

That leaves last but not least the level of safety from from side effects. I am referring to the (weak but not insignificant) addictionsthat socials create: addiction to dopamine feedback, self-branding, fear of missing out etc. These have been and are widely used by “commercial” social to keep users inside the platform for as long as possible. This is one area where the Fediverse excels. Generally the most gamified and perverse features are absent, and certain servers can reduce them further by tweaking certain settings (such as hiding or capping follower counts).

Does the Fediverse protect us from indiscriminate data collection and profiling?

As with many technical things, we don’t know for sure at the moment. ActivityPub is an open protocol, even more open than email, in the sense that everything is public except posts (or tweets or toots) that are set to private (unlisted, follower-only and direct messages) that are still visible to the recipients and admins of the servers involved. Technically it is possible (but not so convenient) for a third party actor to crawl everything that is “listed” from all the servers in the Fediverse, archive it, and data mineit.

Perhaps someone is already doing this!

Crawling is precisely how search engines have plundered the originally distributed world wide web (WWW), centralizing the semantic data of all pages of all existing sites, thus creating their enormous power.

The difference between the WWW and the Fediverse lies in the time factor, in the sense that web pages change slowly (once a year a store’s website updates its open times, once a month a user posts a blog article) whereas the social network is a space of fast transactions and rapid trend changes (minutes or hours at most). Detecting trends in real time is not possible with mere crawling: you need to be notified. This can be provided precisely by the ActivityPub protocol… which is why this point is related to the next one.

Will it remain a world alien to concentration, profit extraction and marketing?

Although ActivityPub, the Fediverse and Mastodon were born non-profit, this does not prevent someone from using them for that purpose. The Internet itself has followed this trajectory!

There are already rumors of giants such as Flickr and Tumblr (which are niche, special purpose commercial social networks) that could become interoperable with the Fediverse, suddenly becoming the most “populous” and therefore dominant servers.

In one of the most optimistic scenarios, the Twitter crisis could lead up to a 20% hemorrhage of users towards the Fediverse, before Twitter itself decides to open up to the ActivityPub protocol. With that it would wind up to a situation similar to email, where the main providers (gmail, outlook and yahoo) host 90% of users… and therefore read 99% of the messages that pass through the network.

Back to the theme of the previous point (whether the Fediverse protects us from indiscriminate data collection and profiling), considering these scenarios we can answer: that is not at all certain!

If a major concentration occurs, by the very nature of the ActivityPub protocol, the smaller servers will each send their event stream to the larger servers, which will just need to reassemble them to get something very similar to Twitter firehose (i.e. the aggregate of all tweets of all users), without even having to crawl the data. So data mining becomes possible again at scale.

These scenarios are actually implicit in the very nature of an open protocol. Open protocol, open society, free market belong to the same semantic sphere and the same ideological matrix. It could be said that fate was sealed from the beginning. There is nothing in the technological matrix of the Fediverse that protects us from concentration and therefore from the accumulation of data and power, actually they are already implicitly there.

Can this be a new virtual and global public sphere?

I leave as last the question that is closest to my heart. I would like to answer yes, even contradicting much of what I have written above.

For I believe that a public space where global conversations take place that shape public opinion is a public good and cannot be private. Nor can it be public in the sense of state. It must have an intermediate, pluralistic nature.

At this point I recommend watching this German-language (tough!) video (34’24”) presented two years ago at the Remote Chaos Experience (RC3) entitled “Die rosarote Brille des Fediverse” which can hardly be translated as “The world seen through the fairy-tale lens of the Fediverse where Erwin Ernst Steinhammer analyzes the phenomenon from a social sciences perspective, to understand whether the Fediverse can be a pluralistische Öffentlichkeit (pluralistic public sphere) that is, a meeting point for society but:

“where it does not have to find a compromise on every point, where diversity of opinions and freedom to create are accepted and above all that rejects the idea that there must be an ideal rational compromise for everyone”

His response at the time was generally positive, because there were heterogeneous but connected communities, each proud of their Algorithmic Souveranity, and moderated by volunteers from the same user group, with an optimal moderator/user ratio of about 1:750. But he raised the bell on collective blocks that can harm pluralism!

Two years later and with what is going on, the structure and conditions that Erwin described perhaps no longer apply, certainly they are no more valid for the major servers (, etc.). And even more so how can we think of maintaining them in the face of the further expansion that we can expect if the Fediverse becomes mainstream, and of a real and almost certain risk of centralization?

I leave these questions open: if we want we must find the answer together because history has not yet been written. Above all, the matter must not be left in the hands of us technologists, who do not have the cultural tools to understand and control the key problems that are of a social and communicative in nature.

I hope for a new alliance between people (no longer users or customers) who use, and other people (no longer nerds) who develop and manage platforms.