"Private" Posts / Visibility Settings

[Heartade]

The equivalent to Twitter's private account or Circles has been requested by a lot of users. While we can't implement private posts like those of Twitter, we can at least ask servers and clients to comply with visibility settings, like on Mastodon.

This has to be implemented before federation opens, as we should expect this to work immediately without having to wait for other servers to update.

Implications

A user can add friction to minimize the chances of unintended audiences seeing their posts.

Details

• Ideally, the user should be able to set the intended visibility of individual posts:
  • Visible to everyone.
  • Only visible to their followers.
  • Only visible to members of a specific list.
• The user should be able to set the default visibility of their posts.
  • Both Twitter and Mastodon default to 'the visibility of the last post'.
• A reply to another post should inherit the visibility settings of the original post.
  • This prevents the original author from not being able to see the replies, and potential abuse using replies only visible to the replier's followers.
• Reposts and quotes of another post should inherit the visibility settings of the original post for the same reasons.
  • "private" posts should still be able to be reposted and quoted, but the repost/quote should only be visible to those who can see the original post.
• The user should be warned, at least once, that visibility settings do NOT guarantee complete invisibility from unintended audiences. (e.g. in case of screenshots, malfunctions, etc.)
• We should perhaps name this setting "intended audience" instead of "visibility" to prevent the illusion of complete privacy implicated by terms like "private posts".
  • Merging this with Opt-In Hashtags settings might also work.

Feasibility

We should be able to filter out private posts that should not be visible to a users on multiple levels, including Feed Generators and Clients. This would hopefully ensure that visibility settings remain valid even if a layer doesn't comply. It would be better if people are able to report and block servers that do not comply with the visibility settings.

Basically, if we can implement Opt-In Hashtags, this could work as well.

Perhaps also related to #28.

[mm14kwn]

"we can't implement private posts like on twitter" - why is this? It's a basic safety feature all other social networks have.