How the fediverse is reshaping social networks
“It’s a federated universe which makes it sound huge and expansive and kind of endless, but the purpose of it is to find your community”, Palak Sheth, Head of Privacy Policy, Instagram and Threads, Meta, explained at a panel she chaired earlier in this month.
The fediverse has been widely discussed as one of the central ways that interoperability between social media platforms could revolutionise the way they are used. Many of these platforms have significant overlap in users and a connected approach could streamline user experience.
Sheth continued: “It’s an open decentralised social media network that lets users connect with and share information across independent servers”
She highlighted that although this is novel for social media it is not a new concept: “If we think about it, the early example of a federated universe that we’re all part of actively is email. So if I use Gmail and somebody else uses Yahoo, I can send an e-mail to that person with a Yahoo address, they will receive that e-mail and they can respond.
“They can delete it and they can do anything that they would like to do. And the reason why we can do that and interoperate with each other across different e-mail servers is that they all use the same protocol, that being the simple mail transfer protocol.”
Threads, Meta’s newest app built for public dialogue, recently launched a public-facing fediverse beta experience in some markets where it allows users to opt-in to have their content federated across services built on the ActivityPub protocol. Meta signalled its intent for Threads to facilitate interoperability with other platforms at its launch in July last year when it gained 100 million users in five days.
In the panel, brought together by Privacy Laws & Business and convened by Stewart Dresner, Sheth was joined by:
- Dr Stefan Brink, Executive Director, Wida Digital / Former State Commissioner for Data Protection and Freedom of Information in Baden-Württemberg
- Evan Prodromou, Software developer and Open source advocate, Co-editor of ActivityPub, W3C
- Willy Mikalef, Partner, Bird & Bird, & Professor of Data Protection and AI Law, Université Paris Saclay and Université Paris V
Prodromou began by outlining some of the key reasons the fediverse is seeing such an increase in appeal both for users and companies that could benefit from the wider adoption of common protocols.
“One of the most important aspects of the fediverse is that distributed locus of control. We no longer have a single platform that operates all the apps and all the services; it’s distributed to different platforms, and different operators. That gives us a lot of benefits.
“One of them is some effective competition. If you are an influencer or a content creator and you don’t feel like the terms of your platform make sense for you in terms of ad revenue or in terms of payment or reach, you can change and move somewhere else where those benefits are more advantageous to you.
“So we’re introducing some market forces into social networks. The counteracting forces that have always been there, that if you build up a following on one service, you go back to 0 when you move to a new service, we’re dropping that inhibitor.”
He outlined how an approach where networks are not connected creates a significant barrier to entry for new social media companies.
“On the business side, there’s a big barrier to entry in creating a new social networking business. On day zero, when you launch your application, you have zero people participating and you actually have to spend a lot of time and energy getting up to 100,000 users, 1,000,000 users. The fediverse gives us a chance to have new software coming onto the system and on the first day they have access to 10s of millions or hundreds of millions in audiences.”
Brink focussed on some of the key data protection considerations that decentralised social networks raise.
“When you think about data protection issues in the decentralised social world, there are at least two main questions. The first question is what’s the legal basis for data processing in the Fediverse? And the second question is what are the special features or special problems of decentralised social networks?
“Firstly, what’s the legal basis to process data in the fediverse? You look at GDPR and you’ll see there are various legal bases for the processing of personal data. You can either process it on the basis of users’ consent, or you can think about a contractual basis.
“It’s also conceivable to work on the basis of legitimate interest. But it becomes difficult if you think about tracking, even in the fediverse. If you think about the strict case law of the European Court of Justice about tracking, you remember the case Meta versus Bundeskartellamt in July ‘23, all legal bases except consent can be ruled out – but consent is OK.
“So a second question is much more important: what are the special problems of decentralised social networks? One might think that decentralised social networks are very advantageous from the point of view of data protection and the supervisory authorities; this may also be the case with only limited or no tracking at all.”
“However, decentralised social networks have special features. That makes them more difficult under data protection law. Since it is a network of providers and not only one provider, it’s difficult sometimes to determine who’s responsible and to assess the trustworthiness of the network. Trustworthiness already plays a major role when it comes to the question of which instance the user should register with, especially as the instance is networked, and one problematic provider can infect the entire network.”
Mikalef focussed on the same data protection issues outlining why the fediverse can align with current data protection policy.
“Hearing all of these views makes me feel reassured in my feeling that fediverse is compatible with GDPR’s philosophy. The fact that the fediverse is empowering users like never before, I think is a proof that it is in line with GDPR.
“I’m not denying that there are clear compliance challenges and also on security. But it’s important to note that the fediverse decentralises digital power and it promotes user autonomy and privacy. This is why I’m saying that it not only complies with the GDPR overall objective, but also with the more recent data laws adopted by the EU.
“On the GDPR, I think that what is important to note is that the notion of user control is central. When you read Recital 7, it is clear that individuals should have control over their personal data, but also when you look at what was the objective of the EU legislators when they created a new right for that subject: that is data portability; it was clearly to empower you.
“The objective was that the user could become a player in its own digital consumption and make its accumulated data stored on existing platforms available to benefit the new platforms they may wish to use and fediverse clearly serves this object.”
RAID Director Ben Avison commented: “The panel on the move towards a fediverse for social networks demonstrates how exciting and innovative developments in tech raise complex policy questions. In this case, there are clear benefits from a competition standpoint but continued discussions are required around what interoperability between social media platforms means for data protection.
“Meta’s approach to introducing interoperability in Threads’ beta testing reflects the way that tech companies are serious about the way the fediverse can empower users and transform the way social media is used.
“This conversation illustrates the kind of decisions policymakers have to consider when implementing regulation that encourages innovation and consumer benefit without compromising core rights like those that are ensured through data protection law. RAID’s 2024 conference will see experts expand on this dialogue across a range of areas.”
The RAID 2024 conference takes place over two days from 23 to 24 September at the Stanhope Hotel in Brussels. To book a ticket follow the link here.
Write-up by Nick Scott. Editing by Ben Avison.
