Policy Proposal: SocialHub Community Values

that includes as many of the 126 people

OK, I understand your point here. I overlooked this Feb 9 [note to me: Coffee is ready]
Then I propose to

  1. take out the “deadline”
  2. make clear to what level the proposal downstreams

You need to make sure they are actively involved in the discussion.

Nope. If they decide to join an Open Protocol, it is their duty to involve.

The big players aren’t here because being here doesn’t net them anything useful – as I said previously, SocialCG does not move fast enough for them, so they work amongst themselves in backchannels and issue trackers.

So, you only hear from them at APConf if that (I don’t think Mastodon has ever presented at APConf, but I could be wrong).

I agree that this is all quite unfortunate, and one of the key things about folding Litepub back into SocialCG was that SocialCG would become more adaptive in terms of managing the ecosystem so that these backchannel conversations would be replaced with rapid consensus. Unfortunately that didn’t get realized.

1 Like

The mainline projects are involved, unfortunately despite efforts to fold Litepub back into SocialCG, this group is still not aligned with mainline.

Implementing a policy statement which does not explictly define obligations of mainline projects will simply ensure that mainline projects never engage with SocialCG.

And to be clear, if Mastodon and Pleroma didn’t roll the dice on ActivityPub, nobody would be using ActivityPub anyway, for better or worse.

lol

So, you only hear from them at APConf if that

No. M. did not want to do a keynote and they were invited to 4 events by me.
The first was payed by me and I rent a watertower and apartment they could have filled.
We cooked together.

Well, if it makes you feel better, Mastodon and Pleroma (in its default configuration) are not fully AP conformant anyway (due to federating the Block activity, which is problematic for a multitude of reasons, which is why the spec explicitly says not to do it).

Anyway, to get this back on topic, I propose the following alternate text as a starting point. I have done some light copy editing and tried to clarify that the obligation of participant projects are narrowed to the scope of the policy statement.


We Care For Our Own

Members of the Social Web Incubator CG agree to abide by the W3C Code of Ethics and Professional Conduct .

On top of this, we acknowledge that Web and communication technologies are inherently political and can be used to cause harm, even though the original creators did not intend for their technology to be used this way.

We recognise power imbalances are endemic in the technology industry, and in Social Web systems in mainstream use.

With that in mind, we do not welcome participation from participants involved in projects or other activities which facilitate:

  • oppression, or encouraging oppression, of vulnerable people or minority groups.
  • planning, encouragement of or inciting violence against vulnerable people.
  • promotion of fascism, nazism or other authoritarian systems and practices.
  • perpetuation, promotion, or enactment of systematic injustices, such as racism, sexism, homophobia and transphobia.

We are vigilant against the use of imagery, language and dogwhistles related to such behaviour. We reserve the right to exclude contributors from projects which are incompatible with this policy statement on a case by case basis.

SocialCG chairs and forum administrators may use their discretion to remove posts or suspend user accounts. SocialCG chairs may similarly refuse access to or remove individuals from virtual meetings.


But revising this raises more questions. Who determines if a project (or a contributor) is in violation of the policy? Will there be an adjudication procedure? I think the ACM ethics board is perhaps a good model to emulate – it provides due process for both the complainant and the accused.

Ensuring there is due process, in a public record, by an impartial board is important to me, as it goes a long way to ensuring that participants are protected against bad faith accusations.

Finally I believe it is important to clarify explicitly that developers are not responsible for the actions of a downstream instance. There is a difference, however, between downstream instances passively existing and contributors being sociable with those instances, so it is admittedly a gray area.

1 Like

[disclaimer] I can’t answer in the next 12 hours cause https://mastersofdigital.org
/ off topic:
I encourage anybody to attend the 2nd day!
The networking breaks are pure fun:
You are connected to a random person and this can be any person in the democratic spectrum.
Also leaders.
/ on topic
Let us also please wait for the opinion of SocialCG chairs …

I love your starting point and the proposed follow-up points of discussion. Thanks for taking the time to help this go further :+1:

In my eyes, given the reasons mentioned by kaniini, devs of the larger AP stacks should really have a chance to participate in the discussion. If we want to move the core of it into the CG meeting (or a meeting afterwards), then informing them and trying to find a date that suits most people is a good idea. Then regarding “them not being more important” of course they do not have vetoing power or such, so if their arguments/ concerns are not convincing to most folks then they won’t be included – with the danger of their withdrawal, as mentioned by kaniini.

Because…

… that might be partly true – or at least we’d like it to be – but please slow down your expectations a bit:
This proposal has been posted on February 2, so expecting all stakeholders to have found time to get involved – even to know about its existence – is unrealistic IMHO.
While in most parts of the world it is unlikely for $reasons we all know that folks are just on holiday for this week, I for one do not regularly have a look at SocialHub (sorry). I expect this tu be true especially for other small-project stakeholders, because these projects – and the discussions about its surrounding ecosystem – are only dealt with on a best-effort – time available basis. So speeding this up too much might even affect small projects harder than the larger ones.

Given @aschrijver’s statements, the proposal is really intended as what I understand the word proposal to be, just the set-up of the post might not’ve been optimal.
As I am apparently not the only person mistanking this as a take it or leave it CoC, I urge @system, @how or any other @staff admins to please clarify this in the top post.

Another thing I have not fully understood so far is the scope of this CoC’s validity.
While wanting to enforce it to all communication of people even outside of SocialCG/ SocialHub matters is probably unreasonable and a reach too far – even if we think that’s how nice people should behave anyways –, some of the issues tackled in the document are by concept taking place in non-official channels, e.g stalking.
As we all(?) know, most of Fedidrama happens just in the everyday networks we use, not in this special interests forum. As the document talks about the “[…] foundational concept […] that we all share responsibility for our work environment” I am not sure whether the scope definition is a good fit.

Where do we hinder them?
Feel free to do so. I am already occupied 100% with fighting the enemies of the majority fedi users and my work in the European Parliament. In the second screen with Minister Schulze now.

This proposal has been posted on February 2

But I did not know about a “deadline” !

Another thing I have not fully understood so far is the scope of this CoC’s validity.

Exactly the same.

Thanks for your feedback @kaniini and @schmittlauch

Agreed. We are hoping to have a loose statement of values and trust in the discretion of the chairs and (collectively not individually) forum moderators, rather than try to define a set of hard and fast rules. Because strict rules can always be gamed, and we end up making more problems than we solve. The idea here is to put out a statement that reassures members of this community that they are safe. By this I mean it is usually clear when some software is being used outside of the original developers control or knowledge, and we would not want to punish people simply for that. We are all only humans, and nobody controls the whole fediverse.

5 Likes

Please figure out a less draconian interpretation of this policy because your “most draconian interpretation” certainly does not reflect the intention. If you can find a better formulation, please do.
But if Mastodon developers are here, and Gab developers are not, there is a good reason.
The idea is to prevent hostile disruption, not to chastise AP developers. If you can see it as a statement of good faith, as a positive right (I think this is the issue at play here, that European right and U.S. right come from entirely different places, the latter leading to considering ‘most draconian interpretations’ while the former leading to consider the ‘spirit of the law’), then you might reconsider…

Is this the only change in your revised proposal? I see that you’re shifting the responsibility out of projects. That means we could have a Gab page here, but no-one from Gab could participate. I cannot see how this makes sense. I think a project has some control over their communities: forks or parallel projects only count as your community if you’re happy with collaborating with them. If you exclude them because of their ethics you will have “made a good faith effort to discourage such behaviours.”

Of course. You’re not responsible for people using your software. But you can still make some of them feel they’d rather use another software by refusing to normalize their oppressive presence in your community. That’s the whole spirit of the policy.

This is not a CoC, it’s a policy. W3C CPEC is the CoC. A ‘policy’ is something members of the community need to take a position on. If there’s no agreement, then there’s probably need to clarify both the intent and the text. The scope is the SocialCG and the SocialHub. It may affect the Fediverse positively but we’re not a State with an army, you know.

The ACM ethics board involves “non-discrimination” against… military status, and uses the notion of ‘race’, which, in my book, is racist, since this notion has no basis except in racist literrature. Seriously? Please, tell me to not discriminate Facebook and I’ll be happy to try and understand what it means to do reverse racism and find it acceptable. The W3C CEPC is a bit more progressive IMO.

The point of giving a time limit is exactly to draw attention on the topic and clarify things. That includes debates and amendments. But experience shows that such a policy could well be postponed indefinitely and this is not what we want. Instead we want to make a statement and get past it. It’s unfortunate that the main point of the proposal be side-stepped by details out of scope of the proposal. If you think the policy is against you, I certainly misunderstood your politics, @kaniini. Let’s find ways to clarify that developers are not responsible for downstream usage, but also that community members flagging instances, users, or calling a developer to do something about their downstream attitudes be actionable: if a developer is called upon that, for example, his new contributor is part of an organization promoting racism, then he should do something about associating with them, because this is in his reach.

This topic seems a bit fast. Please refrain from repeating yourselves, take time to respond, and leave space for other people to intervene.

3 Likes

Thank you
@rhiaro
and
@how

for clarifications and taking the time!

The reason Gab never came here is because they didn’t care about ActivityPub in the first place. They just wanted access to Mastodon’s ecosystem of apps.

From the perspective of somebody who has poured thousands of hours of time into ActivityPub, this requires risk analysis. When you are analyzing a proposal for risk, you must assume the most draconian interpretation possible: hope for the best, prepare for the worst.

I would rather determine what presences are tolerable in my community based on my own judgement instead of having people who are not part of my community making the decision for me. I have already drawn the lines in the sand I am comfortable with, but this policy proposal, as presently stated, would require a different posture.

Like with software licenses, we cannot assess risk based on what the current moderation team says their interpretation of the policy is – we must go by what the actual statement says.

Please limit the scope of this proposal to interactions with SocialCG only. If the intention is to meddle in how downstream projects run their communities, then when compared to the value of this community, non-participation is more fruitful.

We are adults, capable of making appropriate decisions for our communities, we do not need the threat of SocialCG expulsion as part of that process.

For the Web and the Social Web to be healthy, a wide variety of political views must be tolerated. No, this does not mean that we need to tolerate white supremacy or nationalism, or even work with those who do, but it does mean that we need to respect the boundaries of downstream projects.

Lets look at a hypothetical situation.

Say KiwiFarms downloads and installs your fediverse software for their instance, and then they find a problem with the software and open a bug. Under this policy, as presently stated, fixing the bug, or really doing anything other than banning them from the bug tracker, would count as collaboration, and the developers would then be in violation of the policy.

This is a problem because while KiwiFarms might have hit the hypothetical bug, other users are as well.

What if it is a security bug that is harming users? Should we wait until a different user reports the bug? What if they include a patch? Should we reject the patch and waste time writing a new one in a way that they cannot claim copyright on?

Why does SocialCG feel it is appropriate to force projects to evaluate these questions? If we are forced to evaluate these questions, the answer becomes clear: replace SocialCG with something else that does not force us to evaluate these questions.

The original point I was making here is that the ACM ethics board provides due process, meaning that the accused has the right to defend themselves from the allegations made against them. This protects everyone involved from abuse, and is something lacking in most of these policies, including this one.

However…

I find the fact that you find that distasteful concerning. In many countries, marginalized people wind up joining the military because they are poor and joining the military allows them to build a career and thus gain upward mobility. To discriminate against a person simply because they chose to take what options were available to them for upward mobility is disturbing, especially when, again, at least in the US, the military is the primary path for upward mobility for those living below the poverty line.

It’s not against my politics personally, but it is against my philosophy towards the scope and role of SocialCG as steward of ActivityPub. I believe, strongly, that ActivityPub is for all who want to use it (including Gab), and that this position results in a strong, robust, democratic Social Web.

Does SocialCG have an obligation to promote the software created by those platforms? Of course not, but honestly, should SocialCG be promoting any software at all?

Fight nazis in the streets, not by conscripting developers into fighting them for you.

In the first part of this sentence, you agree that developers are not responsible for downstream instances, but then (emphasis added) claim that the root of my concern is a legitimate scope of the proposed policy statement. You cannot have it both ways.

See the previous KiwiFarms scenario.

As “contributor” is not defined, we must assume that end-user bug reports (possibly with patches) are contributions. I want to write code and merge patches, not do background checks on potential contributors’ political beliefs.

Society has become hyper-polarized, and this proposal and everything leading up to this proposal are a result of that. It is important to think about why this has happened if we wish to champion an open, democratic Social Web, which is my primary interest, not litigation of a contributor’s personal beliefs.

If I determine I don’t want to collaborate with someone, I am capable of making that determination without SocialCG telling me who I can or cannot collaborate with.

If the scope is SocialCG and SocialHub, then why does it matter who uses or contributes to the downstream project?

Another hypothetical situation.

Say Gab comes back and reimplements ActivityPub, and then finds a security flaw in the way ActivityPub is specified. Should SocialCG ignore this report because it came from Gab?

I think it is important to consider how mixing politics into a technical community might be harmful for the technical output of a technical community.

If we find ourselves rejecting security reports or useful technical discussion simply because it came from a pariah, then we are ultimately harming the marginalized people the policy is trying to improve the safety of, by exposing them to security issues due to ignoring them because they came from a pariah.

Unfortunately the proposal as presently stated is not a collection of positive rights, but instead a collection of obligations for project managers to consider carefully.

If the idea is to publish a diversity statement, then publish a diversity statement, not a policy statement which imposes undue burden on projects which are already struggling with manpower issues.

In this sense, you can do that by writing a statement such as:


ActivityPub is a critical protocol facilitating interoperability in a diverse network of participating instances. Accordingly, as stewards of ActivityPub, SocialCG affirms that all are welcome to a technical community free of harassment. We recognize that disparities are present in the technical industry at large and strive to build a more open, inclusive and democratic Social Web. This means that behavior from participants which is not aligned with this statement is unwelcome. In those scenarios, SocialCG reserves the right to remove access to SocialCG resources.


The last thing I would like to say is that policies as the proposed policy is presently stated are formulated with good intentions, but then ultimately become utilized (due to their vagueness) against marginalized people that other stakeholders disagree with.

The USA Patriot Act was created to enable investigation and criminal prosecution against supporters of the Al Qaeda terror organization. However, in reality, most uses of the USA Patriot Act involved surveillance of anti-war protestors or people related to anti-war protestors.

It is important when formulating policy to consider how people down the road may abuse that policy to their own ends.

As presently stated, this policy extends guilt-by-association (and thus the possibility of punitive action) to project developers who have no actual control over what end-users do. It is possible to achieve the goals of the policy statement by rewriting it in a way that does not impose this obligation on downstreams. Doing so is critically important if SocialCG is to be seen as the legitimate steward of ActivityPub.

If this policy goes into force without substantive rework, please delete my account at that time.

@kaniini, I find myself once again in agreement with most of what you say, and I have argued in similar direction in other conversations.

From my understanding everyone is in agreement (but anyone pls chime in if they see it differently) that the effort to ‘provide community safety and ensuring community health’ - part of which in form of a policy, CoC, diversity statement, or whatever we agree it to be - is indeed scoped exclusively to SocialCG, SocialHub and affiliated sites plus repositories.

I’ve also argued that - though technology is not neutral, and this community not entirely apolitical - we should try to be as neutral as possible, but with clear values and boundaries than cannot be crossed (without consequences, moderation action, etc.)

Because after all - and this may also need to be better defined - we are a community hub that exists for the purpose of:

  1. Evolving ActivityPub / Fediverse technology standards and practices, and the adoption of these by developers.
  2. Discussing / researching / improving / advocating Fediverse culture, social structure and new appliances.

(I know that most people currently in this community joined on the premise of point 1. Positioning is open for discussion, OT here)

Now as for the reason of some of the points in the policy that led to most discussion. A not-so-hypothetical case (because it happened) where the project of a member itself led to controversy, multiple people expressing concerns and one other leaving the community (but returning when seeing this effort).

Think of a case where the imagery used in the project itself (e.g. project logo, opengraph images + description, names used, etc.) does not conform to community values. So by even pasting a link into a forum post one would cross the line.

(I think in the particular case that we dealt with, it was debatable whether the action was warranted, but notwithstanding that fact people were feeling really uncomfortable / unsafe. So action was taken)

Edit:

I forgot to mention that related to point 2. above, an example of discussion within scope of SocialHub imho is a topic I created yesterday, namely: Improving fediverse culture and social behavior. The various tracks to achieve this improvement boil down to technical solutions and advocacy approaches.

1 Like

The problem is that while the intent is that the policy statement be scoped to projects affiliating with SocialCG, it is phrased in such a way that projects are responsible for their downstream users, which they have no control over.

Mastodon can’t control the fact that counter.social, Gab and dozens of alt-right instances use their software.

Pleroma can’t control the fact that KiwiFarms, Spinster, and dozens of alt-right instances use their software.

The policy statement as presently required would require Mastodon and Pleroma to reject all forms of contribution from those groups, including security-impacting bug reports, lest falling in violation of the policy statement, and thus being exposed for punitive actions from the SocialCG admin team.

This is completely absurd, but it is how the policy statement is worded, and as a result concern trolls will demand it be applied that way.

Until and unless there is explicit recognition of the boundary between SocialCG and project autonomy, I will not agree to this policy statement and I encourage all other developers to also reject it.

Thank you. Yes, this point has been clearly made. I feel it needs no further repeating, only improving.