A public API is the antithesis of privacy and of focus on the user

[venteto]

A current news item indicates a half million new signups for Bluesky and suggests one possible cause for this is a recent change to the terms of service at Twitter / X which further enables Musk to use user content to train his AI.

Another recent news item (actually multipe instances of this theme) indicates the other AI companies are completely ignoring / disrespecting conventions like robots.txt files.

If anyone is signing up to Bluesky in hopes of preventing their content from being used to train AI, I don't think it is clear to many users that Bluesky is not (as of yet) the solution to that desire. Until anything changes, new users signing up should be warned with flashing, bright neon signs that they are not escaping being used in an API when they come to Bluesky. New users should not be courted by any means necessary, including the obfuscation of how they can be used via the API.

It seems to me that a public API, if not a protocol itself, is a false goal, if designing a social media network / app that is supposed to be the opposite of / better than Musk, Zuckerberg, et al.

As long as Bluesky has the goals of developing a protocol and a public API, there should be a mechanism to allow users to completely opt out of any public API, regardless of how they may separately choose for their content to be presented (or not) in any web / graphical clients.

Additionally, unlike Twitter, there should be a granular option to switch on privacy at the post level, not an all or nothing approach like "protecting tweets" which boils down to just making every post from an account private. A user should be able to go into their account settings and configure a global setting, for example, maybe they set the default for all posts to be fully public (in the graphical client, and separately, in any public API), indexable by search engines, scrapable by rogue AI companies, embeddable on other sites, and so forth. Then they should have the second separate option to make these same choices, to override that global default, on the next post they make. They should be able to choose if the next post will be visible to the public, to all logged in Bluesky users, to just their followers, or to just [any future function to allow creating separate subsets of followers, or "circles" to borrow a term] in the graphical client, while also completely hidden from any API.

Essentially there is no reason for any new social network to exist if it is just more of the same, repeating the flaws of what came before it, and pursuing the wrong goals as its social network ideal, especially now with the menace of AI, and AI companies who have no respect for anyone and have a sense of entitlement to everything on the Internet (which in turn drives their environmental ills).

Are you thinking about this as a developer, or as an ordinary user without any technogeek ideals, who are likely to vastly outnumber the former on any social media network / app?

Related discussions:
#1409
#2809
#1079 (another consideration: keeping historical data private, even for cancelled / terminated accounts)

[qazmlp]

I'm seconding the request for per-post privacy / circles.
That would be feature parity with ActivityPub then, which would lend itself to bridging.

Regarding preventing AI/API use specifically: I don't think that's technologically possible for posts that should otherwise be displayed very widely. (More precisely: Not mathematically possible.)
You could introduce a post privacy level equivalent to Mastodon's 'Quiet Public' which removes the post from all discovery features (even search!) aside from the Following feed and profile view. That's probably feasible, more or less, even if it would still be on the Firehose.

The most effective method to prevent AI scraping right now is probably to hide your content from logged-out users. That option can be found at the bottom of the 'Moderation' settings (but really should be at least linked to under 'Privacy', in my opinion. It took me more than a minute to find).

Beyond that, it's unfortunately a matter that needs to be settled in court, from what I can tell.

[axiand]

I agree with your assessment that it should be communicated clearly to the user that the content they share and their interactions are public and easily indexable/scrapable. It's a reason that I disagree with having, for example, the app hide other people's likes tab by default, because this restriction is easily circumvented and gives a false sense of privacy. However,

As long as Bluesky has the goals of developing a protocol and a public API, there should be a mechanism to allow users to completely opt out of any public API,

This is antithetical to how the protocol works and simply not feasible. Hence the need for communication.

[strgalt-t]

If that's an issue to you personally I would recommend not using social media build on a public, open protocol.

[kyefox]

Any sort of user education is notoriously difficult. You can blast it from the sky with the trumpets that signal the doom and most people will just ignore it until their usage intersects with why the warning was there, and they won't remember being warned.

Warning at the UI level is fine, but don't expect much from it. This kind of thing is best communicated person to person, community to community. It doesn't get through otherwise.