Can we have online journaling while maintaining privacy?

I've been blogging for over 11 years now, for better or worse. I cringe a bit when I look back at some of my older posts, but I'm loathe to delete them, because it's who I was then. I've also maintained a Livejournal (LJ) or Dreamwidth (DW) account for almost as long, where I've made posts of a more personal nature. How did I decide where to post, where the dividing line was? It came down to two things: 1) How personal the post was, and 2) where my intended audience was. Back in the mid-00's, many of my friends and acquaintances had public blogs, but were no on LJ. That meant that if I wanted them to know how I was doing, I had to post for the world to see, even if that meant future employers with boundary issues would see those posts out of context. As the blogosphere slowly deflated and I entered Boston-area social groups where LJ was more common, the choice became easier. Then Facebook rose to supremacy, and I chose not to jump off that particular bridge... but now it's much harder to have an online social life.

I really miss that, but Facebook is not an option. How can we return to the days of easy journaling? I'd like to lay out what I see as (a) central problem, then ask you for ideas in solving it.

I think I've boiled the problem down to this:

  1. Personal opinions, stories, and details are best put behind access control;
  2. Access control requires a common protocol or platform;
  3. Protocols lose to platforms since the latter can adapt to needs and desires faster;
  4. Platforms suffer from the network effect, so there can only be one or two giant platforms, such as Facebook;
  5. Giant platforms are a privacy nightmare and a danger to the public discourse.

Let's walk through that. Hopefully you can point out some weak links in this chain, some ways we can avoid the ugly conclusion.

1. Journals need access control

Here are some types of posts that I might want to make in a journal without fear of who might casually encounter them later:

  • Requests for advice about a romantic relationship
  • Ill-informed ramblings about a subject I then become well-versed in 7 years later
  • Political opinions that are individual enough that everyone hates them, not just half the country
  • Here's-how-my-day-went trivia
  • Anything I wrote more than 1/3 of my life ago

Access control means being able to lock co-workers out of a post about my current job, or a friend out of a post about social drama. It means not having to think long and hard about "will I always stand by these words" since I can always take the post down later and search engines won't have a cache for people to view. It means having any kind of say in how I present myself, since I present myself differently to different audiences, and I can choose my audience.

LJ and DW implement this as "friend groups" or "access filters"; I can then mark a post as public, friends-only, or locked to a specific group of friends. This does not prevent problems like "Alice is just a friend now but a coworker later" or "I'm fine with Bob looking at my current friends-only posts but not the older ones" but there are both workarounds and enhancements to be had here.

I think we can agree that Access Control Is a Good Thing For Journals.

2. Access control needs a protocol or platform

If we're to have journaling with access control, I think there are only two broad categories of how to go about it: Protocols and platforms. (I'll be drawing a similar distinction to Moxie's federated vs. centralized services, although I disagree philosophically in many places with his arguments.)

A protocol is an agreed-upon way for computers to communicate. The simplest example of a journaling protocol with access control would be "I send my journal entry to people as an email". Wouldn't that be awful? But not everyone would have to use the same email host or way of accessing email. Perhaps something more sophisticated: A desktop or mobile app that similarly sends messages out to your friends, where a copy is then stored locally, and comment threads are distributed transparently and collectively across your laptops and phones. Those ideas both implement access control as "who do I send this to", although you could also do it with encryption: "Who do I encrypt this for". Fancy! But importantly, the protocol doesn't rely on any one website, any one mail provider, or any company at all.

A platform is a website or service that one entity controls, and other people talk to. Think of Facebook here, or Livejournal. All of your posts are stored on the site; all of your interactions with other users are mediated through that site; all the Facebook mobile apps talk to Facebook, not to each other or other services. Livejournal is the same. Platforms generally implement access control as a central database that contains statements like "Alice is a friend of Bob" and "Bob made post 401125". Alice can then see Bob's post 401125 when she logs into Livejournal, because LJ is where the post and its metadata reside in the first place. LJ decides who sees what. One hopes that they do this in accordance with the user's wishes.

3. Protocols lose to platforms

I'll largely defer to Moxie's aforementioned post for this argument, but I'll summarize it here: Protocols are slow to change in order to respond to a changing world since everyone has to cooperate, while platforms, being under central control, can change themselves very quickly (whether you like it or not). Users get impatient and choose the platforms. Even worse, platforms sometimes eat protocols:

Indeed, cannibalizing a federated application-layer protocol into a centralized service is almost a sure recipe for a successful consumer product today. It's what Slack did with IRC, what Facebook did with email, and what WhatsApp has done with XMPP.

Moxie uses this argument to defend Signal not being federated: To talk via Signal, you send all your messages through Signal's servers. I happen to think this is a bad thing, and that they should commit to opening Signal up from a platform into a protocol just as soon as is possible, but I understand the reasoning. Like it or not, though, I think this is a very real thing that happens, so it may well not matter how good the access control is on journaling protocols if the platforms win out.

4. The network effect leads to a few large platforms

The network effect is a property of (among other things) communication systems wherein the more people join the system, the more valuable it becomes. Let's say 75% of your friends are on LJ and 25% on DW. Where will you spend your time? LJ, of course, and so that's where you'll post... and now the next person sees an even greater disparity. The network effect is a positive feedback loop, and in a competitive environment, that means it's a destabilizing effect. As Facebook grew, it became easier for it to kill off competitors, not harder. DW is trying hard right now to take users from LJ, but why would they leave? All their friends are on LJ.

There are some ways to counter network effects. For example, you can set up your DW to cross-post entries to LJ. Your LJ friends can still read your posts, but they can also sign up for DW and read and comment there. Eventually you might have enough people with DW accounts and crossposting that you can just go DW-only... but that large social network is going to really hinder the process, since not everyone will follow you over and it's hard to let go.

5. Big platforms suck

I don't need to reiterate the ways that giant platforms like Facebook suck, but I will anyhow:

  • They sell your data to marketers, including things they have inferred about you (such as your "racial or ethnic affinity")
  • They put hard-to-block ads in with your friends' posts
  • They prescribe a single set of ways to interact with your friends
  • They make it very hard to leave (and may refuse to delete your account), or indeed to find older things you have written
  • They are a ripe target for surveillance by governments, corporations, and the random bored shmoes who work for them
  • They control and warp the presentation of news, which can influence public discourse -- including implementing censorship at the behest of governments.

Now, is this inevitable? Maybe Zuckerberg is just an amoral asshole. I would argue that it's at least very likely for any large platform, because they have high costs (from running all those servers) and a vast quantity of user data (which they can get money for). It's a bad combination.

Where to from here?

Sorry to leave you with no path forward, but I don't see a clear way out of this. How can we enable pleasant, social, digital journaling while keeping people safe from the likes of Facebook?


Comments are closed.