Privacy: should the UI warn that things are forever in more places?

[ianklatzco]

For example, profile names:

It strikes me as likely that most users would not consider that putting private / embarrasing-in-five-years information into fields like these.

Thus, maybe it would be good if the mainline social-app had a warning for e.g. on "edit profile" that noted that all display names ever recorded are permanently recoverable?

[bmann]

It’s the Internet in public. Whether through screenshots or any other method this is pretty capturable and always has been.

Encoding it in the repo so that DID <> display name label is captured along with time of posting is pretty new. I’m sure you could add a label to the field something like:

history of display name edits are stored in your profile.

[bnewbold]

Indeed! At least with DID PLC, the full history of handles, keys, and PDS location are public forever, even if the account is "deleted" by terminating the DID PLC operation log with a tombstone.

This is discussed a bit in the DID PLC docs: https://github.com/bluesky-social/did-method-plc#privacy-and-security-concerns

But agree that this is totally not known or obvious to most humans in the current app. A disclaimer would be helpful, but in this sort of situation "show don't tell" probably works best and we should have an official and obvious way to view this kind of information, it make it clear that it is public.

Profile history (including display name) is currently also retained, but we are actively working on easier/default mechanisms to purge repo history, so the display name history will probably not be available through repo history for long.

[bnewbold]

With recent repo history changes, i'm going to close this as outdated.

It is still definitely possible for third parties to archive and republish everything! Many of the underlying privacy, communication, and UX design concerns are still relevant today. But I think the situation has changed significantly. Please feel free to re-open (or open another discussion) if you disagree.