(h) Preservation.-
(1) In general.-For the purposes of this section, a completed submission by a provider of a report to the CyberTipline under subsection (a)(1) shall be treated as a request to preserve the contents provided in the report for 90 days after the submission to the CyberTipline.
(2) Preservation of commingled content.-Pursuant to paragraph (1), a provider shall preserve any visual depictions, data, or other digital files that are reasonably accessible and may provide context or additional information about the reported material or person.
(3) Protection of preserved materials.-A provider preserving materials under this section shall maintain the materials in a secure location and take appropriate steps to limit access by agents or employees of the service to the materials to that access necessary to comply with the requirements of this subsection.
(4) Authorities and duties not affected.-Nothing in this section shall be construed as replacing, amending, or otherwise interfering with the authorities and duties under section 2703.
I would also suggest reading User Generated Content and the Fediverse: A Legal Primer – https://www.eff.org/deeplinks/2022/12/user-generated-content-and-fediverse-legal-primer
Make sure to follow its advice - it isn’t automatic and you will need to take affirmative steps.
The safe harbor doesn’t apply automatically. First, the safe harbor is subject to two disqualifiers: (1) actual or “red flag” knowledge of specific infringement; and (2) profiting from infringing activity if you have the right and ability to control it. The standards for these categories are contested; if you are concerned about them, you may wish to consult a lawyer.
Second, a provider must take some affirmative steps to qualify:
Designate a DMCA agent with the Copyright Office.
This may be the best $6 you ever spend. A DMCA agent serves as an official contact for receiving copyright complaints, following the process discussed below. Note that your registration must be renewed every three years and if you fail to register an agent you may lose the safe harbor protections. You must also make the agent’s contact information available on your website, such as a link to publicly-viewable page that describes your instance and policies.
Have a clear DMCA policy, including a repeat infringer policy, and follow it.
To qualify for the safe harbors, all service providers must “adopt and reasonably implement, and inform subscribers and account holders of . . . a policy that provides for the termination in appropriate circumstances of . . . repeat infringers.” There’s no standard definition for “repeat infringer” but some services have adopted a “three strikes” policy, meaning they will terminate an account after three unchallenged claims of infringement. Given that copyright is often abused to take down lawful speech, you may want to consider a more flexible approach that gives users ample opportunity to appeal prior to termination. Courts that have examined what constitutes “reasonable implementation” of a termination process have stressed that service providers need not shoulder the burden of policing infringement.
…
And further down:
Service providers are required to report any CSAM on their servers to the CyberTipline operated by the National Center for Missing and Exploited Children (NCMEC), a private, nonprofit organization established by the U.S. Congress, and can be criminally prosecuted for knowingly facilitating its distribution. NCMEC shares those reports with law enforcement. However, you are not required to affirmatively monitor your instance for CSAM.
Providing just a searchable marketplace that then dispatches you to buy from the store where you have to enter your payment information for them? Sure. And I’d use it. But then, that’s what the ‘shopping’ item on Google is.
If you then say “but I’ve got to enter my payment and shipping info with the store again” - is that as much of a problem as you make it out to be? Because they do need it to do the payment processing and shipping. Fortunately my browser knows who I am and so it auto fills much of that information.
The payment processing is a major hurdle. You’re dealing with each company and each company has its relationship with the payment processor. They have different rates depending on how trustworthy they are and how much business they do. The less trust in the system, the more it costs. The smaller the volume, the more it costs again.
The companies that leak credit card data? They’re gonna pay with increased payment processor costs. You may not see it, but behind the scenes you’ve got https://www.commerce.uwo.ca/pdf/PCI-DSS-v4_0.pdf (that’s a 350 page checklist for the standards for handling payment cards).
Assume that we’ve handled payment… logistics. Amazon has their enormous warehouses and automation that they’ve invested in (the robots are originally from Kiva - https://www.fromscratchradio.org/show/mick-mountz ). Having everything in one place and then dispatching works well and saves money. If I buy something from Best Buy and something else from Pottery Barn and something else from Williams Sonoma – they don’t share a warehouse and so they’re each doing their own shipping with whoever they’ve contracted to do shipping.
Amazon again got big enough that they’ve got their own last mile shipping (and since they’ve got coverage with distribution centers it makes it even more efficient). Shipping from DC to DC is cheap - it’s the last mile that has the expenses.
So, its cheaper (and more carbon / energy efficient) for someone to buy from Amazon and get one package from a marketplace where Amazon manages the payment, inventory, and logistics for delivery than it is to have it be managed from multiple vendors each with their own payment, inventory, and logistics.
Presenting the marketplace is the ‘easy’ part of this. Payment, inventory, and logistics are hard and aren’t solved by federation but rather made more complex and worse from the standpoint of the consumer.
New accounts are being created.
How many of those new accounts are people shuffling between different identities and interests? This account is for the music stuff I follow, this is my meme account, this is my serious stuff account…
How much of that is also the people leaving lemmy.world when they were having stability problems?
curl https://literature.cafe/post/641633
The text ‘A large issue’ appears multiple times in the payload (frankly, surprisingly many).
Inspecting it with xxd:
00004530: 6f6e 652e 295c 6e5c 6e41 206c 6172 6765 one.)\n\nA large
Further down in the output (and the only case of this happening):
000487a0: 6c6f 6e65 2e29 2041 206c 6172 6765 2069 lone.) A large i
In this instance, The A
(character 41
in hex) is preceded by 20
which is a space.
The number of times it shows up:
% xxd post.txt| grep 'A large' | wc -l
27
It’s possible that your reader is using the wrong instance of the text… but also a “why are there that many copies?!”
Viewing it on a web page, there are seven paragraphs. https://literature.cafe/post/641633
There are some people who just want to watch the world burn.
A small lemmy site is often has lax administration and no mitigation for the attacks and so it is easy to point a DDOS at it and take it down and then the attackers get to watch people complain about it.
Additionally, the “white noise file uploads” are likely encrypted content rather than “I just want to fill up the database”. I’d be willing to bet that it is CSAM material.
People leaving reddit are barely a blip on most /r’s and the Lemmy’s growth for the past month is less than that of a popular cat sub on Reddit.
Spez would also likely try to avoid doing things that are illegal and would put him or Reddit in legal jeopardy. Random DDOS fall into that category. Spez may be an ass, but he’s more than likely an ass that would rather not waste his time with things that could send him to jail.
I am on an instance that has the finer granularity of the technology topics and the corresponding subscribers to make the posts and comments interesting.
Small, general topic instances means that now I’ve got a dozen copies of the same post scattered through my feed with only a few people on each talking to each other.
Spreading out is ok… but spreading out too far makes people more isolated and content even harder to discover. Why should I subscribe to that instance rather than:
… or any of the next 20 /c that show up that have less than a dozen people subscribed.
I also don’t want to have to wade through a score of posts that Bram Moolenaar died in my feed. One or two will do (one in a general technology /c/ that I subscribe to one in !text_editors@programming.dev ).
What is the value proposition of another /c/technology on a small, general interest instance?
It’s ok to do it… but I am only subscribed to one because there’s a sufficiently large subscriber count and they’re active about moderating. If there was another techlemmy instance that was able to develop a sufficient community of people around the /c/ hosted there, I’d be interested… but subscribing to every instance that is spread out is more clutter in my subscribed section than I want to deal with.
You can move your account somewhere else, but if you’re subscribed to… say… !technology@lemmy.world then even though you’re on another instance, you’d still be trying to fetch and read content from lemmy.world. If lemmy.world were to go down, then the only content you would see on that /c/ would be from other people on sh.itjust.works and never any of the comments from lemmy.ee or lemmy.ca - who would also have similar problems of isolation of comments.
Lemmy.world going down would mean that the tens of thousands of people who subscribe to /c’s hosted on there would be isolated from each other.
Moving user accounts isn’t sufficient. Moving a /c to another instance is a significant undertaking of trying to get people to do it.
https://startrek.website hosts:
That’s it. Five /c/ all the same topic.
https://programming.dev/communities is software development topics only.
DNS is a poor example to use as there are multiple IPs that can map to one name.
% nslookup www.yahoo.com
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
www.yahoo.com canonical name = new-fp-shed.wg1.b.yahoo.com.
Name: new-fp-shed.wg1.b.yahoo.com
Address: 74.6.231.20
Name: new-fp-shed.wg1.b.yahoo.com
Address: 74.6.143.25
Name: new-fp-shed.wg1.b.yahoo.com
Address: 74.6.143.26
Name: new-fp-shed.wg1.b.yahoo.com
Address: 74.6.231.21
You might be interested in looking at something like Usenet News and NNTP where there is one and only one group with the name rec.games.roguelike.nethack
( https://groups.google.com/g/rec.games.roguelike.nethack ) and the contents of that group is federated out to every NNTP server that subscribes to it (not all do). Note that this is a different model and every server contains all the data for the groups that they subscribe to and may exchange those posts with any other server that they federate with (this also solves the “what if Lemmy.world goes down” problem where if the sponsoring server goes down, no one’s comments are exchanged outside of the instance they are on).
https://www.eternal-september.org/hierarchies.php?language=en
But this is a fundamentally different model than Lemmy uses.
This isn’t quite right. There is no central list that gets replicated. There is instead a set of delegated authorities. That top most delegated authority may be revoked with repercussions down the chain.
There is no list that has every name in it. If you resolve test.127.0.0.1.nip.io
its not going to a central list but rather finding out who is responsible for .io and asking that server if it knows where test.127.0.0.1.nip.io
is. Getting a ‘no’ back from the registrar for the country code, it then asks where it can get that information and finds that it should ask ns1.nip.io
or ns2.nip.io
. The system then asks one of those servers if it knows the address that test.127.0.0.1.nip.io
has and that server responds back “yes” at which point the DNS server that you asked may cache the result.
nip.io also demonstrates that anything that you ask for can be there and thus a central list is impractical. app.10.23.45.67.nip.io
works just as well.
You can say that delegated authorities isn’t federated… ok… but its not a central list that everything replicates and working any censorship of the name can be as easy as finding a DNS server that is serving it. Though again, everyone likes using the big central ones rather than hosting and maintaining their own.
Honestly, isn’t it rather stupid to build a community with extreme views on a server you are not controlling? Eventually they are going to lose that.
The activity in /c/ isn’t a community. The community lives elsewhere and what you see in /c/ is the equivalent of a bunch of guys going to the parking lot of a park and making fun of every person that passes by - its an activity. If they get kicked out of that parking lot, they’ll move to another until they get kicked out there.
The community that they belong to lives elsewhere in some place that they can’t get thrown out of easily.
The hashtag #fossilfuels works… but it doesn’t work as well as being in https://mastodon.energy/public/local were things without hashtags exist and all the content is topical.
Aside from the symbolic action (that can only be seen by looking for what isn’t there), what does this accomplish? (And yes, I do note that the symbolic action is important in of itself).
Alternatively, if I wanted to follow @georgetakei@universeodon.com
in Lemmy (universeodon is a Mastodon instance), how can I get him in my timeline?
As far as I can tell, removing a mastodon instance (in this case social.bbc) from from linked instances in Lemmy has absolutely no impact on what someone will see in subscribed, local, or federated timelines.
You want someone else to pay for the disk space and network availability for your videos?