hippware / rn-chat

MIT License

Concerns about making follower and followee lists public to everyone #946

Closed bengtan closed 7 years ago

bengtan commented 7 years ago

There are some concerns about exposing the follower and followee lists and making them public to everyone.

Obviously, there are privacy concerns, and this is a place where people can express them. Feel free to post your comments here.


I have one technical concern (first raised by @bernardd to me):

How does this interact with the ability to 'block' other users? 'Blocking' is something we implemented a long time ago. It's since been taken out of the app but it remains (albeit unused) on the server side.

zavreb commented 7 years ago

@thescurry ^

bernardd commented 7 years ago

I'd be interested to know what the use case is for these features. I can understand wanting to know which of my friends/followers are also following other users, but beyond that it seems like a source of data that can be mined with unintended consequences. In our call, @toland brought up the example of a wife who's left an abusive husband. Let's say she moves to a different town and follows a couple of people who create bots there. That provides a nice route to track her down. I'm not saying it would be trivial, but why even make it possible? Basically, I feel like these kinds of operations really need to have the privacy stuff addressed, at least in an initial form, before they're implemented rather than trying to retrofit it afterwards.

bernardd commented 7 years ago

An additional concern: In its current form, this command can be used to trivially retrieve all users that are in any way connected to a given user - that is, you can essentially spider the entire user's network as far out as it goes. I'm not sure what the maths of it is like, but I suspect that in a large network like Facebook, that could end up being the vast majority of users from almost any given starting user. It basically provides a way to get most, if not all, of the users in our system.

zavreb commented 7 years ago

@bernardd, the primary use case in enabling this is to increase propagation efforts within tr.

It is common for social media apps to provide this type of information, specifically Instagram.

Nonetheless, I do agree that since we are a "location-based" company that the information could be much more sensitive vs. "images". Thus, it's starting to sound like a feature like "blocking" will have to be prioritized if we're going to allow users to see each other's following & followers. Moreover, Instagram does provide a "private" feature where accounts are not public and users get the chance to "approve" new followers instead of these followers automatically having access to their User Profile public bots.

Meaning, 1) if I were an abusive husband tinyrobot would make it very easy for me to publicly view my wife's PUBLIC bot material 2) I would never have to "request" a relationship with her to view her PUBLIC bots within tinyrobot because there's no such thing as a private account 3) the wife would never realize her abusive husband would be mining her account for PUBLIC bots.

So perhaps a combination of having "private" accounts and "blocking" capabilities may protect these users. Also, atm, as a temporary fix (cc: @thescurry) we could disable abusive accounts from tinyrobot until we figure something out. I also don't think we can rely on users being careful and only creating private bots to protect sensitive information, because then we stick ourselves in the hole where most users will want to create private bots, which will then decrease our propagation efforts for content within tr.

Thoughts?

thescurry commented 7 years ago

Hello Team, thanks for the concern. How is what we are proposing different from what Yelp is doing? I can follow anyone in that app and see all the places that they post reviews about, I can see when they "check-in" in real time at restaurants (actually giving me their current location) and I can also see all their previous reviews, places they've checked in, etc.

We are not giving away the user's current location, nor are we giving away their previous location without consent. Users create all the content on our platform, they decide to publish these locations or not (and they can even make them private). I think we should make this a talking point for Thursday. However, please take some time to review some of the apps mentioned in this ticket, what we are proposing is commonplace in social media today... so I don't want us to get stuck on solving a problem that isn't really a problem. Tho, please do feel free to poke holes in my assumptions... a healthy discussion is very welcome.

What we are trying to do here is make it really easy (especially early on) for users to find other interesting users to follow. This is an app where you make public bots to essentially curate the world around you. I'm not sure how this is going to work if we refocus on keeping people from easily discovering interesting bots/creators. Also blocking will be making a comeback, it's just temporarily shelved. Happy to discuss the priority of this bit too.

bengtan commented 7 years ago

(I'm currently neutral on this topic and undecided, but keeping an open mind.)

A couple of comments.

Github also displays a list of followers and followees. That's something else we can use for comparison.

And

Quoting @thescurry:

> I think we should make this a talking point for Thursday

Except that @bernardd doesn't attend the Thursday meetings.

bernardd commented 7 years ago

> How is what we are proposing different from what Yelp is doing?

Yelp allows you to block people. It also allows me to stop people being able to find me by name or email address, both of which we have no method for doing.

> Github also displays a list of followers and followees.

The "content" a user publishes in github is relatively benign in terms of giving away any personal information. Plus, they also have a blocking option.

> Also, atm, as a temporary fix (cc: @thescurry) we could disable abusive accounts from tinyrobot until we figure something out

I think disabling (or more properly banning) abusive users should be a given, regardless of anything else. If people want to be the subject of abuse and hateful vitriol, then that's what we have Twitter for :) Which raises the question, of course, of being able to report users for such behaviour.

I think at a minimum this feature needs to go along with implementing blocking. I take @thescurry's point that we want to be about connecting, not getting in the way of it, so maybe that's sufficient for the time being, but I'd feel extremely concerned if we went to release without at least that basic functionality.

> Except that @bernardd doesn't attend the Thursday meetings.

That's fine, I think Phil and I share largely the same concerns. I'll let him and my notes here cover for me :)

thescurry commented 7 years ago

Thanks for your feedback @bernardd (@toland via proxy) and @bengtan. Will discuss and get back to you guys.

zavreb commented 7 years ago

This can be closed; will enable feature: blocking