FetLife’s stance on privacy is the same as the RIAA’s stance on piracy, which is the same as Burning Man’s stance on scalping, which is the same as anti-trafficking activist’s stance on sex work. In a sentence, it goes like this:
“Punish anyone visibly breaking ‘the rules’ and ignore everyone invisibly breaking the rules, because these rules aren’t actually there to help anyone except ourselves, and we really need them to believe the rules we set out help keep them safe.”
Here’s the thing:
- Everyone knows DRM doesn’t stop piracy, and yet…RIAA sues computer-less family. In other words, DRM only frustrates legitimate users, while doing worse-than-nothing to stop “pirates,” it actually increases piracy.
- Everyone knows Burning Man tickets are often scalped for greater than face value, and yet…“We’re…going to reward the scalpers who don’t use their real names?”
- Everyone knows a paper trail helps law enforcement stop sex trafficking, and yet faulty logic is employed to censor the Internet under the guise of protection: “Taking something that is visible and making it invisible makes a politician,” or, I’ll add, the founder of a social networking website like FetLife, “look good, even if it does absolutely nothing to help[…]. It creates the illusion of safety[…].”
Some clear, yes-or-no official answers to the following would be nice; it’s not immediately obvious to me that these have been unambiguously addressed:
- Did FL ‘catch’ Maymay doing this? Or did TeamFL find out what was happening because Maymay was live-blogging / -tweeting what he was doing as he was doing it?
- Would TeamFL know — as it happens — if someone else was doing this type of ‘security breach’ & the perpetrators were not live-blogging about it & did not make their results searchable on Google, just hung onto the data for their own purposes?
- Does TeamFL have any way to tell if this kind of thing has been done in the past by more secretive hackers?
- Has TeamFL eliminated the ability for this to happen again? Is that even possible?
- Is content which is ‘deleted’ from FL actually permanently deleted from the internet? Or does that content still ‘float’ around out there somewhere the tech-naive know nothing about, even if just for some window of time after the user ‘deletes’?
- Does TeamFL plan on doing more to warn FL users that nothing uploaded here is ‘private’, ‘safe’, or ‘protected’, given how many people indicate that they do think that FL is ‘safe’, ‘private’, &/or ‘protected’?
I’m always appalled at how many FL’ers do seem to think that their content is ‘safe’, ‘private’, or ‘protected’ on FL. For the record, I’m both ‘out’ & tech-savvy enough to know that FL (& the greater internet) is not ‘private’ in any substantive sense, that not even the ‘friends only’ settings offer much ‘privacy’.
In other words, I’m not FetLife’s enemy, despite FetLife’s and many of its users’ insistence to the contrary. Why am I not FetLife’s enemy? Compare the actions I took to the actions someone actually trying to do harm would take:
- I woke up yesterday morning and spent an hour or so writing a trivial (even stupid) 50 line PHP proxy, with no attempt, technically or socially, to hide what I was doing. Then, immediately, I publicized that fact as loudly as possible to focus intense attention on the technicalities.
- An actually malicious person would at least spoof referer and user-agent headers, and re-route their traffic through an anonymizing network like Tor, not to mention not publishing their work publicly and loudly shouting from the Internet’s rooftops that they were doing this! (Obviously.)
An actual enemy, folks who are already data-mining FetLife (if at least for the LULZ, but likely worse), isn’t going to live-tweet the fact that there are problems. They’ll just use the fact that there are problems to do whatever they wish, with no one else the wiser. As the messenger of uncomfortable truths, I’ve become familiar with getting shot (although FetLife sycophants like @LoveorLust prefer, and I quote, “Skinning…and…adding salt and crushed glass to the mix”) each time I do this, which is often:
I am very good at finding information. So are a lot of people. Most of the people who are really good at doing what I can do with information don’t care to show you how good they are at it. They would far rather keep you unaware and ignorant of what can be done with such information. Most of them are so good at it that they are hired by corporate or government interests for this ability. When that happens, they gain far, far more tools than I currently have to do what I can do even more quickly and more thoroughly. For most of us, corporate or government interests are not a threat worth worrying about. It’s people with personal grudges that are a real threat[…].
Clearly, I make many of you uncomfortable, or angry. Moreover, some of you believe me to be a threat of the form you describe. I certainly could be, no one’s denying that. But am I? Look at my actions, use the paper trail you know exists, compare them to the ones in your story, and try to figure out if my actions match your abusers’.
I’m not trying to tell you what is or is not dangerous to you—that’s up to you to assess. What I am trying to tell you is that there are things we don’t know, and by being uncomfortable, rather than being in danger, we can find out what those are so that we can choose to learn more about them or to dismiss them. But at least we will be choosing. We can not choose to do anything when we do not know that we do not know something.
Clearly, FetLife makes a lot of you comfortable. I think that’s very dangerous. It’s dangerous not just because it means you’re publishing information about yourself that anyone with an email address can access trivially, information that you clearly don’t want to make that public! It’s also dangerous because it keeps you isolated from people who do not spend time in FetLife. It filters its users’ reality to such a degree that many of its users are not even aware of. Worse, they don’t know that they don’t know this, and that’s the most dangerous thing of all. It creates a social filter bubble.
And THAT is what the BDSM Scene proper does, too. That is what ALL Scenes do. That is not just dangerous, that is oppressive.
If we do not understand how these Scenes work to filter information, then we are vulnerable to being controlled by those who do. We need to make sure that they’re transparent enough that we can see what the rules are that determine what gets through the filters, and ultimately makes it to us. I can make you uncomfortable because I can influence the filter. This is a power we need to be aware at least EXISTS, if not gain, ourselves.
Anyone who, after all this, still naïvely believes that FetLife and its powers-that-be are invested in your having the knowledge you need to have power over your own environment is, yes, delusional. So far, the single best comment about this entire issue comes from StudentEarthpig:
[Revealing personal information is] easier on Facebook than here [on FetLife].
Facebook even has a download link. Here’s a screenshot.
That’s more or less precisely why it isn’t a concern on facebook. No one is given a false sense of security and privacy. If the powers that be simply tell everyone “look, this really isn’t a secure area, check out this download button,” then it isn’t on the powers that be if people act like it is a secure area.
FetLife has this odd sort of security by obscurity thing, but it isn’t really obscurity… it’s security by non-tech-savvy-ness. If I make a circle of friends that aren’t tech savvy and I myself am not, there’s a good chance we will all convince ourselves this is a super secret secure place to post dirty little secrets about ourselves that would fuck our lives up if discovered.
This is so important, it deserves repeating:
If the powers that be simply tell everyone “look, this really isn’t a secure area, check out this download button,” then it isn’t on the powers that be if people act like it is a secure area.
For years—years—I have been harping on this one point. I have explained and re-explained my own motivations countless times. I have done this until I literally could not stomach the thought of doing so again. And then I did it again.
- Many say, “If you don’t want your personally identifiable information made public, don’t post it on the Internet.”
- While it sounds like common sense, this statement neglects to consider the fact that it’s impossible to use social media without providing “personally identifiable information” because what makes such networks valuable is such information.
- Companies know this, which is why social networks—including FetLife—are in the business of collecting your personal information.
- The people for whom “personally identifiable information” is not dangerous to be made public are people in positions of institutionally-backed power (they have many, often intersecting, privileges, such as myself). Therefore, when these people are suggesting that others not post to the Internet, what they are saying is, “You don’t deserve to have an online safe space for your self-expression.”
When it comes to FetLife, all of its users are marginalized (although some, like queer, POC youth, for instance are obviously even more disadvantaged) since FetLife is focused on sexuality and so much of the Internet is so hostile to sexual expression. In contrast, FetLife is a downright treasure precisely because it encourages sexual expression in a way literally every other large virtual public square that has ever existed in history has never done.
Doesn’t such a treasure—not FetLife.com the website, but your sexuality and the sociopolitical environment in which it was made possible to express—deserve serious, passionate protection, even love?
I have made that very case countless times before, too:
Both FetLife and Facebook arguably have monopolistic control over their users’ online social lives. But of the two, FetLife is in a far more trusted position because many people who use it do so precisely to avoid using services that aren’t friendly to sexual expression (like, say, Facebook). In other words, most of FetLife’s adoring fans don’t just treat the company like a friend, they treat it like the friend they send naked photos of themselves to, the friend they ask to pass on the sexually explicit note they wrote to their sweetheart(s). And not just any note, but the note about that totally taboo fantasy. Because, why not? That’s okay here! I mean, it’s FetLife, not Facebook!
And y’know what? That’s actually really cool! No, not just cool, that’s awesome. And not merely awesome, but culturally necessary. Just in case it isn’t clear, yes, I’m actually praising FetLife. But as the only large social network not actively hostile to (most) sexual expression, FetLife has also become the single, giant basket many of us have placed our eggs in. And that makes it even more important for FetLife to go the extra mile to secure us.
Yet FetLife does less-than-nothing to protect us; like the Emperor they are, they lie about their new clothes. And many of its users, these “well-adjusted” courtiers, having vested interests, see the Emperor as beautifully appointed. These courtiers who are simultaneously dismissive and outraged over my actions are the ones telling you, dear FetLife user, that you “deserve whatever approbation, embarrassment or other difficulties caused by your revealing sensitive details.”
But in a compassionate society like the one I am working to make, we would not abandon anyone across the digital divide because everyone has a fundamental right to express themselves, sexually if they wish, safely on the Internet.
And what does safety mean? Since having a false sense of security is more dangerous than having an awareness of one’s very real vulnerabilities, safety partly means aligning (and, if necessary, re-aligning) your beliefs about your reality with others’ ability to influence your reality. If you truly believe FetLife’s PR, then you have nothing to be worried about. If, on the other hand, you feel “completely violated,” then perhaps your beliefs about the reality of your existence in FetLife are not as well-aligned as your behaviors indicate.
Shooting the messenger will not change the message. When you get right down to it, all I did was remind you of that in a way you did not ignore.
Finally, I want to share an excerpt of this note I received privately—one of numerous messages I’ve been receiving privately over the course of the past day—because it warms my heart and, among all the vile, ad-hominem insults that make up so much of the boisterous Internet, these supportive private correspondences mean very much to me:
You’re a bit of a guardian angel for the BDSM community, you know? Admittedly, of the terrifying otherworldly avenging angel variety much of the time. ;) I don’t really understand why you take such good care of them in spite of all the rocks their puny kings and minions throw at you…except, of course, I do and I love you for it. You’re not guarding “the community”, you’re guarding the people in it. That’s noble work, and painful work, and tricky work[…]. Watching you do something this difficult so skillfully is beautiful; it also makes me[…]worry about your health a little and wish I could be there to support you in person. You have so much love for so many strangers. I realize that being a cyborg makes them less strange to you than you are to them, and I know this is an important part of your own Work regardless. Still, these people don’t love you back and that makes my heart hurt for you. That kind of unrequited passion is an incredible drain on a person. I hope you’re taking especially good care of yourself, mind and body, and that you’re setting boundaries around your engagement to the best of your ability.
I’ve made my point. Again. I may come back and make the same point yet again. I may in fact keep doing this until something actually improves in the architecture of the technology we use to make virtual safer-spaces.
But not today. It’s time to set one of those boundaries around my engagement of this issue. Let’s not forget that an equally important and very related issue is still raging: FetLife must adopt Proposition 429 immediately. (As an aside, I find it telling that many of the same people who are quick to throw out my name for the FetLife wankfest of safety are also against allowing its users to name alleged perpetrators of sexual assault….)
Consider the possibility that our collective energy is better spent forcing FetLife to make things better for us. And, consider, you do not need to play by the rules they set out for you. Ever.