After a machine learning librarian released and then deleted a dataset of one million Bluesky posts, several other, even bigger datasets have appeared in its place—including one of almost 300 million non-anonymized posts.
in a practical sense you’re completely right. However in a legal sense, I am not sure implementing ActivityPub on your website and not restricting federation doesn’t mean you’re not allowed to still impose legal conditions on access to the data that your website is hosting. I am not sure that the nature of the protocol completely absolves you of liability.
to be extra clear. I am not making any kind of claims here. I’m only saying that I am not sure the answer is a simple one
I’m sure you’re allowed to impose legal conditions on your data, but the AI folks have very clearly shown they don’t care and would prefer to just fight it out in court years and years later, if ever.
From a copyright point of view… the rights to each piece of content are of each owner… but each owner is sharing that content with an instance, with the intent of it getting re-shared to further instances.
In a strict sense, most instances are in breach of copyright law: they don’t require users to agree to an EULA specifying how the content will be used, they don’t require federated instances to agree to the same terms, they don’t make end users agree to the terms of other instances, and generally allow users to submit someone else’s content (see: memes) without the owner’s authorization, then share and re-share it across the federated network. A fully “copyright compliant” protocol, would need to have these things baked into it from the beginning… which would make joining the federated network a royal PITA.
With the current approach of “like, chill bro”… anyone can set up an instance, federate with whatever target or federated-of-a-target one, and save all the data without any consequences. The fact of receiving federated data, carries an implicit consent to process that data, and definitely does nothing to prevent random processing.
Scraping the web endpoint of an instance, carries the rules set by the EULA of that endpoint… which tend to be none, or in the best case, are that of the least restrictive instance offering that federated data.
All of that, before scrapers simply ignoring any requirements.
Legislation is so far behind these issues, I expect AP to be replaced by whatever comes next before legal considerations have any impact. And what’s Joe Smallserver going to do? Sue Google?
I agree with your theory, but while in theory, theory is the same as practice, in practice, it doesn’t.
in a practical sense you’re completely right. However in a legal sense, I am not sure implementing ActivityPub on your website and not restricting federation doesn’t mean you’re not allowed to still impose legal conditions on access to the data that your website is hosting. I am not sure that the nature of the protocol completely absolves you of liability.
to be extra clear. I am not making any kind of claims here. I’m only saying that I am not sure the answer is a simple one
I’m sure you’re allowed to impose legal conditions on your data, but the AI folks have very clearly shown they don’t care and would prefer to just fight it out in court years and years later, if ever.
Tech bros have never understood concepts like personal property, privacy, or stopping when asked.
From a copyright point of view… the rights to each piece of content are of each owner… but each owner is sharing that content with an instance, with the intent of it getting re-shared to further instances.
In a strict sense, most instances are in breach of copyright law: they don’t require users to agree to an EULA specifying how the content will be used, they don’t require federated instances to agree to the same terms, they don’t make end users agree to the terms of other instances, and generally allow users to submit someone else’s content (see: memes) without the owner’s authorization, then share and re-share it across the federated network. A fully “copyright compliant” protocol, would need to have these things baked into it from the beginning… which would make joining the federated network a royal PITA.
With the current approach of “like, chill bro”… anyone can set up an instance, federate with whatever target or federated-of-a-target one, and save all the data without any consequences. The fact of receiving federated data, carries an implicit consent to process that data, and definitely does nothing to prevent random processing.
Scraping the web endpoint of an instance, carries the rules set by the EULA of that endpoint… which tend to be none, or in the best case, are that of the least restrictive instance offering that federated data.
All of that, before scrapers simply ignoring any requirements.
Legislation is so far behind these issues, I expect AP to be replaced by whatever comes next before legal considerations have any impact. And what’s Joe Smallserver going to do? Sue Google?
I agree with your theory, but while in theory, theory is the same as practice, in practice, it doesn’t.