We're months removed from the Cambridge Analytica scandal and the public outrage of #DeleteFacebook, and new information continues to surface about Facebook's sloppy handling of data and hunger for surveillance. Last month, we learned about an Orwellian patent that might allow Facebook to track you via mobile microphone. Though some have cast doubt on the reports, mobile spyware like the now-infamous Alphonso does track mobile devices via sound emitted by TVs.

Yale Privacy Lab has been warning about proximity tracking via mobile sensors and microphones, and Exodus Privacy's excellent scanner will help you find nasty trackers that utilize similar spy methods. The only way to really dodge Facebook's lidless eye, however, is jumping ship from the social network to a privacy-respecting replacement.

There is no shortage of alternatives, but you won't find surveillance sanctuary in Facebook-owned Instagram or ad-powered, centralized networks like Nextdoor. Instead, you'll have to jump into the "Fediverse", a constellation of Free and Open-Source Software (FOSS) replacements.

Mastodon is the fastest-growing of the FOSS social stars, and its links to the rest of the Fediverse are strengthened by the new ActivityPub standard. In a recent blog post, lead developer Eugen Rochko (@Gargron) sums it up nicely: "The social network that is Mastodon isn't really Mastodon. It's bigger. It's any piece of software that implements ActivityPub. That software can be wildly different in how it looks and what it does! But the social graph – what we call the people and their connections – is the same."

Are we really witnessing the origin of an all-new, all-different social Web? For deeper insight into the Fediverse, read my short interview with Eugen, below.

What is Mastodon and how is it different from social networks such as Facebook and Twitter?

Mastodon is a decentralized social network that uses standard interoperability protocols and is completely [FOSS]. What this means is that anyone can run a Mastodon server, and the users of those servers can talk to each other. More than that, non-Mastodon servers are also part of this network if they conform to the same protocols. This means that Mastodon is more future-proof than Facebook or Twitter: Even if Mastodon-the-software falls out of fashion, the network can be simply continued by other interoperable software. You don't have to tear out your entire social graph to have all friends migrate to something new if that happens. Furthermore, Mastodon allows self-determination and control. When you run a server, it's yours. Your rules, your community, hosted on your hardware… you don't depend on anybody, definitely not on a [Silicon Valley headquarters]. There are a lot of other differences to Facebook and Twitter too.

Where did Facebook go wrong as far as privacy is concerned? How can federated social networks do better?

Facebook is a vacuum for private information. It uses dark UX patterns to solicit every detail of your life from you, but also from your friends. It also builds shadow profiles about people even if they don't use the platform, through e.g. the contact books that people let it access, or from social sharing buttons on random websites. It's quite easy NOT to do that. If you don't intend to advertise to people then you don't need to know everything about them. Mastodon lets you broadcast messages to the public and to your friends, but there is no incentive to convince you to reveal more than necessary. The format of Mastodon is a lot closer to Twitter and Instagram than Facebook specifically, but I think that's a detail of decoration. Facebook replaced MySpace, and they were different formats as well. It doesn't have to be the same thing to be an alternative.

What is unique about federated social networks? Where can they improve upon Facebook and the traditional social networking models?

Federation is key. In my opinion it's one of the most ideal forms of decentralization, and it can be found in many real-world institutions. There is no single point of failure and top-down authority like in a centralized system; communities can spring up by themselves, just like in the old days of the Internet… except now they are interoperable, so content can travel freely between them. And unlike peer-to-peer solutions of decentralization, some issues are avoided, such as having to encounter and moderate all bad content on your own (instead, servers have mods, and your server neighbours can help with reports), or having to be online to receive messages (the server is the one being online), or synchronization between devices.

What can we do about audio, video, and multimedia, to make publishing and sharing of these formats federated and decentralized?

Mastodon allows images and videos up to a certain size limit. The servers cache this content so end-users are not hotlinked to another server; this saves the origin server's bandwidth and protects end-users from leaking their IP address to a different server. Of course, this approach brings challenges when file sizes grow. PeerTube, a federated video sharing platform, takes a different approach by using WebTorrent (BitTorrent over the browser). This does reveal the end-users' IP addresses to other end-users who are watching the video, but bandwidth costs for the origin server are lowered and other servers don't have to download and cache large files. A very similar approach to that is using IPFS. With IPFS, servers can cache large files (essentially also using a form of the BitTorrent protocol), and end-users can either peer with the IPFS network directly or use a gateway server to view the content.

How has the Facebook "scandal" affected federated social networks so far?

With growth and press attention, so quite positively. Privacy-minded people have been ringing the alarm bells about Facebook for years, but right now is when this idea is entering the mainstream.

Can Mastodon avoid the same pitfalls/errors as Facebook?

I think so, and I wouldn't be here otherwise. We have to be careful and thoughtful about our design decisions, but many of the fundamental differences between the platforms are reassuring.

How does Mastodon stand out, improve upon, or interop with the various social media projects of the past (StatusNet/GNU Social, Diaspora, Friendica, etc.)?

Mastodon began as an OStatus implementation (this is the protocol that StatusNet/GNU Social implement), but it was quite dated and lacking in features, and OStatus never left the draft stage to become an official standard. So halfway through 2017 we performed an upgrade to the newer ActivityPub, which would, after our implementation, become a W3C-recommended standard. PeerTube, Hubzilla, Friendica and MissKey are some of the other softwares that implement ActivityPub. Support for ActivityPub in GNU Social has been planned, as far as I am aware. Furthermore, people are working on other implementations, such as Kroeg, Rustodon and Funkwhale.

Mastodon differs from GNU Social in having more privacy-oriented features, more moderation tools, a simpler/elegant API for client apps, a real-time streaming API, better content discovery mechanisms, and a more attractive user experience. Friendica and Hubzilla have a quite different user experience to Mastodon. Diaspora is the one big-name project that is completely incompatible with Mastodon because they use their own protocol rather than ActivityPub.

Where do we go from here (standards, interoperability, etc.)?

ActivityPub is already a W3C-recommended standard! And I am proud to see more and more implementations spring up. It's a really generic protocol that can support many different use cases of social networks. Microblogging, photo sharing, event planning, video hosting, it's all possible and beautifully interoperable. Ironically, perhaps ActivityPub is the thing that will truly "connect the world", rather than Facebook who that catchphrase belongs to.


Eugen Rochko is the creator and project leader of Mastodon.

Sean O'Brien is a lecturer at Yale Law School and leads Yale Privacy Lab, an initiative of the Information Society Project.