Community Moderation and Euro-centrism

Had some concerns regarding the moderation and application of code of conduct in the community, especially in discussions around news articles and tools.

In the short time I have been here, I have seen some of the moderation having consistent bias in favor of members of the team/long time members, and against visitors, instead of it being based on the value of their argument. It is especially visible when it comes to discussion of news articles and tools. Some points below:

1. Team members often tread the lines of code of conduct, but responses to them in the same vein are often removed.
2. Discussion of tools are often leading into conjectures, but not enough proof is given. Sources are consistently asked for claims that are not well regarded by the group, while others are presented as facts.
3. News discussions often devolve into Euro-centric ideology and bashing of non-euro countries, ideas, and companies. Similar questions when raised against European and North American powers are either ignored or chalked up to conspiracy.

It is quite disappointing to see that yet another forum falls into the same trap of r/privacy and other not-so-nice-or-credible forums. Wanted to start a discussion to see if this has just been my experience or not. Feel free to delete/lock this if this is off-topic or out of bounds, but that will make it impossible for me to continue here (not a great loss in any way )

I would like to add one thing that I think is important. This is an aspect that did not immediately catch my eye when I first started to explore such spaces as forums. Topikstarter and all those who have recently joined I advise you to pay attention to the foundation, which shows the level of trust, demanding and evaluating the weight of words of these or those forums. This is first of all - the system of trust to forum members from Discoure.org itself

While it’s possible to perceive bias in moderation, it’s crucial to recognize that moderators aim to uphold the community’s code of conduct. Note though, that EVERYONE has a bias, whether they like it or not, best one can do is be mindful of it and try to act on it. If you see anyone overstepping the Code of conduct, do call them out on it, its what it is there for.

Regarding tool discussions, whats written on the site is generally perceived as the truth, as it had to have been researched before it was added, the discussion from when it was added is in this case the source that is provided by default. If one wants to claim the site is wrong (and if that is the case, please do) then the burden of proving that it is wrong/should be changed is on the one making the claim.

Regarding the third claim, I wouldn’t say that the site is focused on the European mindset specifically, but I can see you point with it being focused on western countries. While our team members are spread across the globe, we are mostly based out of western countries, and as such it is only logic for us to have more knowledge on this subject from a western mindset/point of view. If you have a tip or idea of how we can improve this, I am all ears :).

I disagree with this. We often talk about the NSA surveillance or how EU wants to forbid encryption.

That being said, it doesn’t rrmain the case that for the most part Western countries have more transparency and are more democratic. When a Russian, Chinese or Iranian company claims to have a private product, the difficulty is that in those countries, there are secret laws that force a company to spy for the government in total secrecy. To be very clear, the US government could force a company to hand over the data, but the user, but they cannot force them to implement back doors.

I know it might seem unfair, but a company in a country with secretive and harsh laws needs to be assesed with a higher level of scrutiny, than a company in an open society. That being said, privacy guides do recommend non-Western tools. For example, Notesnook is Pakistani and Ente is Indian.

But privacy guides might have some biases and this is why we are working on a list on privacy regulation for each country. So we can have a better idea of what country really respect the privacy, in theory - and also in practice.

Ente Technologies, Inc. is based in the US

It was based in India when it was recommended if I’m not mistaken. Didn’t know their current status.

There is one incident with content moderation that I had.

My password managers poll got hidden because the votes were public, which doesn’t make any sense at all.

1. There is a clear warning stating that the votes are public:

IMG_20240827_1613541080×1576 118 KB

2. You shouldn’t expect any privacy on a public forum. If you want privacy, then create a pseudonymous or anonymous account and use that, nothing that you do on the forum will be tied to your real identity.

3. There are countless other polls that have public votes enabled.

4. Why is making polls public even an option if it can cause the poll to be hidden?

Yeah, I’m not sure why @dngray delisted it, someone was complaining about the option of a public poll existing and I thought we were explaining why it could exist, then it got unlisted in response to my explanation.

I don’t know why it was hidden I have asked him in the team chat and ill come back to you on that.

Yes, my understanding is also that it was based in India. The founders are in India AFAIK. And Notesnook is based in Pakistan. I don’t know if the company is in Pakistan, but the founders are from there and live there.

Although I have yet to experience it here, as I’m also quite new, I find that online forums in general, around any topic, including privacy, are quite American centric more than European centric.

What I mean by that is that I’ve seen many people on Reddit ask for help with something, and someone will reply with:

you can buy X at Walmart.

They assume that OP is in the US, when OP has not stated their location. They should ask first. When I respond to people who haven’t sated their location, I say, if you’re in the US, you can use this.

People should specify when a tool is exclusive to a country or region.

Moreover, I think that the influencers in the privacy community should specify that a tool is exclusively available in the US when they recommend it. I’ve seen too many of them fail to state that. And if they don’t know, IMO, they should know. Of course, they’re allowed to make mistakes, I’m just saying they should keep that in mind.

The perfect example is privacy.com. Many influencers in the privacy community recommend it without stating that it’s only available in the US.

On a loosely related topic, I’ve seen no one in the privacy community address the fact that Privacy.com requires KYC, which includes ID, proof of address, and social security number. That is a huge compromise in privacy.

Although I’ve yet to see the European bias that you’re referring to OP, I agree that we should be mindful of it. Like one of the mods said, we all have biases. To pretend otherwise doesn’t help.

Yes, I hid it because people were complaining about the voters showing.

It turns out you can’t modify a poll 5 minutes after it has started so there wasn’t much we could do to preserve privacy of those who voted and maybe thought it was anonymous.

As for US/EU centric, we tend to prefer products in countries with obviously stronger privacy laws, but failing that, E2EE is really the only way to ensure privacy. It just happens to be that some EU countries have better legislation in regard to GDPR and enforcement of it.

If they’re worried about that, they can just undo their vote. Also, as Lukas shared, it clearly states that the votes are public. I don’t think it’s fair to hide the post.

Well we can unhide it if you want, maybe we should have a vote on it

It’s hard to comment on any of these concerns without specific examples. I do think that non-experts making unfounded conjectures (and sometimes presenting them as facts) is potentially something we should be more active in policing.

They have addressed that. It comes down to threat modelling and attack surface, you’re doing KYC with one company rather than giving your card out to every single website, contractor, etc you work with or use. If theres a data breach you just close that one singular card for that one site rather than have to get a new card from the bank and go through the hassle of updating payments everywhere.

There are a number of services which provide “virtual debit cards” which you can use with online merchants without revealing your actual banking or billing information in most cases. It’s important to note that these financial services are not anonymous and are subject to “Know Your Customer” (KYC) laws and may require your ID or other identifying information. These services are primarily useful for protecting you from merchant data breaches, less sophisticated tracking or purchase correlation by marketing agencies, and online data theft; and not for making a purchase completely anonymously.

For someone who’s a prolific contributor here, you can’t be serious asking for “examples” when there are plenty?

In this reply, Daniel says “let’s hope [NextDNS devs] reply to my emails” and tells me to shut up because he thinks I am dishonest “All of this can’t be verified” (for something that was literally on our Twitter) and that I demand things, and that when I bring my expertise, I am just “arguing from authority”, and that I prove why a “single integer counter” wasn’t enough to prevent attacks and abuse across a world-wide network of DNS servers, because to Daniel, it was totally possible to do so (of course didn’t have to present any proofs).

The scorn was unreal.

What kind of Orwellian logic is this when you yourself admit “EVERYONE has bias”?

Not everything is “researched”, is it? For instance, the section on “Anonymous routing” looks like it was put up haphazardly. How does one research and come to a strawman conclusion that Just like other decentralized platforms, adding features is more complex for developers than on a centralized platform?

This is a high bar for contributors to clear (when it is demonstrable that the website itself doesn’t meet it). Instead the point should be to encourage more contributions. Though I understand bikeshedding is an inevitable outcome when that happens. Either way, communities like Wikipedia (which encourage contributions) have the right model for a knowledge resource. PrivacyGuides shouldn’t be run like a Journal, imo.

No tips from me, but I sincerely hope the team themselves are thinking about improving on this criteria, now that they’re aware of it.

I’ve heard it from two other FOSS project leads in the privacy space that the bias against non-Western projects here is overt and overwhelming.

Not taking any side but I think @Niek-de-Wilde is referring to unconscious bias that we are inevitably “configured”.