- cross-posted to:
- privacy@lemmy.ml
- cross-posted to:
- privacy@lemmy.ml
This shouldn’t come as a huge surprise. Meta is moving forward with their plans for Theads and the Fediverse, and their adjusted terms reflect a new impending reality for Fediverse users.
Technically. Yes.
But doing so is onerous enough that I can’t see it as any sort of “threat”.
And again… Defederating does absolutely zero to restrict Meta from being able to access your info. Defederating means you don’t see Meta. It doesn’t block Meta from seeing you.
You don’t even need to dip your toes into ActivityPub to scrape most of the data. It’s public – aside (I think) from just user IP addresses on Mastodon. And in the case of Lemmy, I don’t think there’s anything you can’t access from outside of ActivityPub.
Defederating actually does stop Meta from accessing data (at least through ActivityPub) if you enable AUTHORIZED_FETCH / similar. That setting requires remote instances to authenticate themselves, which prevents blocked instances from querying anything. IIRC, Lemmy either already supports or plans to support that same feature.
Meta could, of course, just use web scraping, but that can be prevented with DISALLOW_UNAUTHENTICATED_API_ACCESS. Although admittedly, I don’t think Lemmy has this feature yet.
Even DISALLLOW_UNAUTHENTICATED_API_ACCESS can be easily bypassed by creating a client that logs into mastodon.social (for example), and just gobbles up the Federated feed.
It’s what the FediBuzz relays are now doing in order to keep single-user instances viable and not funnel everyone to the same 3 instances.
Unfortunately, if Meta wants to be shitty, they’ll be shitty. Even stuff like robots.txt & nofollow tags are just polite requests that can be ignored by shitheads.