Thanks to everyone who has been sharing this post. Besides Tumblr asks, you can also contact me at me[at]creatrixtiara[dot]com, my website, or on Twitter.
If you’re wondering how to credit me, please use Creatrix Tiara or Tiara Shafiq.
I have moved all updates to their own Tumblr, so please check there. I may take a break from Ello-ing for a while though; it’s exhausting.
I wrote this on September 23rd 2014 at around 11:30PM PST (GMT -8), the night before Ello sent out the email about adding privacy features. Also as of September 27th 2014, 7:01PM PST, I have not heard from Ello personally in any way, shape, or form since this post.
I originally wrote this as my goodbye post on Ello, a new social network that has taken my queer/POC/performer/activist circles by storm due to Facebook’s crackdown on names. Feel free to share.
I know many of you joined Ello due to Facebook’s real name policy, which has shown to be a great risk to performers, trans people, and others who do not reveal their legal name for security or personal identity reasons. And everyone’s super fond of Ello now because they promise not to sell your information to advertisers.
However, there are specific elements of Ello’s privacy settings, deliberately designed, that make Ello actually way more unsafe than Facebook, Twitter, or other social media outlets and CMSes. And in our rush to embrace a Facebook replacement we need to be aware of what we are at risk for when using Ello.
Ello deliberately does not have any sort of personal privacy settings, and it does not have any sort of features to block or report individuals, nor any way to consent to being followed.
According to Ello’s @wtf section on privacy:
Ello is a platform built for posting and sharing public content. You should assume that anything you post on Ello other than private messages will be accessed by others. Search engines will be able to see the content you post. Content you post may be copied, shared, or re-posted on Ello and on other parts of the internet in ways that you and we cannot control.
Their feature list does have an upcoming entry about reporting inappropriate content, but nothing about inappropriate people. And yes, so far it’s invite-only, but invites are flowing so fast that it’s actually breaking Ello servers. And once you are in the system, everyone’s accounts are at your disposal.
Whether they want you to find out or not.
I do not have my legal name on Facebook, or most other sites, mostly because I have had trouble with relatives finding me and spreading rumours. (Also I don’t want to be too easily found by the Malaysian government and be charged with sedition.) However, privacy filters and blocking settings on most other social media help me mitigate the most of this.
Even so, having my legal name on Facebook (or even other sites like Twitter or Tumblr), is less of a problem for me than having no option to filter my content or block/report specific people.
Because the people I most want to avoid know my aliases. They are friends with people I know on Ello. They might already be on Ello (I’d be surprised if they weren’t) and are totally open to following me, reading me, tagging me, commenting on my posts. Hell, they can even find me through our mutual friends - any mutual activity pops up on their Friends feed.
And, by the way Ello is currently set up, there is nothing I can do about it.
I already have had specific posts of mine on social media - even carefully filtered or private material - spun into false accusations that affect my personal and professional reputation. I have no illusions about any of my content being totally private; I’m already a pretty open book. But at least on other places I can do something about it.
On Facebook, Twitter (if made private), and LinkedIn, I can approve or deny friends and followers.
On Ello anyone can follow me, with or without my consent, and I have no way of knowing whether I am a Friend or Noise.
On Facebook and Flickr I can set differing privacy levels - making posts only viewable to certain groups of people, excluding specific people entirely, or making some posts visible to only me. (On Twitter I can make my entire timeline private.)
On Ello, if you can get on Ello itself, you can read anything. (And according to Ello’s “privacy” statement, so could the world.)
On almost all other social media avenues, and even on blogs and CMSes, I can block specific people, or report their profiles for abuse, or find some way of identifying them (such as an IP address) so I can bring the matter up with a different authority.
On Ello I cannot do any of that, leaving me vulnerable.
There’s probably more, if I gave it more thought. But what I’ve found disturbs me enough already to compel me to leave Ello.
I don’t mind companies selling to me. They never really get my details right anyway. But marketing doesn’t usually try to ruin my career, or spread personal rumours about me, or harass me about my race or gender or sexuality.
People in my specific social circles, many of whom have jumped onto Ello as their next Facebook replacement.
People for whom it’s trivial to use social engineering, or even just paying attention, to find me and make trouble for me.
It’s already happened anyway, and that’s with careful security measures. Here? What security?
Many of my abusers, stalkers, harassers, and general trouble makers come from similar social and professional circles to me. Some of them get protection due to their status. Others get protection because no matter how much I speak up about them, no one else is willing or interested in doing anything about it. (Or sometimes they try and they become the new target for abuse.)
Now that many of these specific social circles are signing up for Ello, I have become way more wide open for their harm. And, between the stats about abusers generally being people that you know or know of, and the fact that anybody can read you and add you on Ello without you being able to do much about it, this becomes a huge and more immediate safety risk.
Way more than having my legal name published online. It’s already out there anyway.
I will leave this post up here, but unless something drastically changes with Ello’s privacy policies, I am not likely to return. Especially not as a Facebook replacement, since I get pretty personal on there.
So Ello, I know it’s only been 2 days, but this is Goodbye.
[[I would like to thank Lynn Cyrin, whose comment on consent in social networks on Twitter made me really think about this. I would also like to give a shoutout to Doug, who is/was a Facebook friend of another friend, who had brought up privacy concerns but got immediately shouted down by everyone else because “hey, they don’t sell our data to companies!!”
Feel free to share, tag me or don’t tag me or make me anonymous or say you said it, doesn’t matter.]]