Admins Can Read Your DMs

Posted on 2024-05-09

People who refuse to use the fediverse (often conflated with Mastodon) frequently cite concerns about DM privacy as their reason for avoiding it; "admins can read your DMs" and all that. To be fair, that's technically a true statement, but it's more complicated than that. Now, I have no problem letting these people be wrong - I'm not eager to convince idiots with no capacity for critical thinking to come to my favourite social network - but I'm nothing if not endlessly pedantic, so I felt the need to explain my take on the issue anyway.

DMs Are A Lie

To begin with, the term "DM" as it applies to other social platforms is something of a misnomer in the case of the fediverse. Websites like Twitter and Instagram have a dedicated chat-style interface for messaging people directly. If you spend five minutes with most fediverse software, you'll notice that it doesn't have this.

Sending a DM on the fediverse is generally accomplished by making a normal post and changing the visibility setting so that the post is only shown to the people mentioned in it. This isn't a case of obtuse UX design; it reflects how DMs on the fediverse actually work under the hood: the underlying protocol has no concept of direct messages, and can only approximate them with a special flag on an otherwise normal post.

In other words, when you send a "DM" on the fediverse, what you're really doing is making a public post, and asking the network nicely to only show it to the person it's intended for. All software that isn't actively malicious or extremely shitty will comply with this request, and in fact admins can only read your DMs by circumventing the instance software and accessing the backend database directly, but the post is in no way actually private.
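To make the "special flag" concrete, here is an added example (my own helper, not code from any fediverse project) that derives a post's visibility purely from the ActivityPub addressing fields of a `Note`. It assumes the Mastodon-style mapping of `to`/`cc` onto public, unlisted, followers-only and direct, and uses constructed example.org/example.net objects; note that the `content` of the "DM" is the same cleartext as in a public post, which is exactly why anyone with database access can read it.

```python
# Hypothetical helper, not from any fediverse project: derive a Note's
# visibility from its ActivityPub addressing alone. A "DM" is a Note
# whose `to` names only the recipients; the `content` is still cleartext.

# The ActivityStreams Public collection, plus the shorthand aliases the
# spec allows when the AS2 context is in use.
PUBLIC_ALIASES = {
    "https://www.w3.org/ns/activitystreams#Public",
    "as:Public",
    "Public",
}


def _addressees(note: dict, field: str) -> set:
    """Normalise an addressing field (absent, string, or list) to a set."""
    value = note.get(field)
    if value is None:
        return set()
    return {value} if isinstance(value, str) else set(value)


def classify_visibility(note: dict, followers_url: str) -> str:
    """Return 'public', 'unlisted', 'followers' or 'direct' (Mastodon-style:
    Public in `to`, Public only in `cc`, followers collection without Public,
    or only actor URIs in `to`, respectively)."""
    to = _addressees(note, "to")
    cc = _addressees(note, "cc")
    if to & PUBLIC_ALIASES:
        return "public"
    if cc & PUBLIC_ALIASES:
        return "unlisted"
    if followers_url in (to | cc):
        return "followers"
    return "direct"


# Constructed sample objects; example.org / example.net are placeholders.
ALICE_FOLLOWERS = "https://example.org/users/alice/followers"
DM_NOTE = {
    "type": "Note",
    "attributedTo": "https://example.org/users/alice",
    "to": ["https://example.net/users/bob"],
    "cc": [],
    "content": "<p>@bob see you at 7</p>",  # same cleartext as a public post
}
PUBLIC_NOTE = dict(DM_NOTE, to=["as:Public"], cc=[ALICE_FOLLOWERS])
FOLLOWERS_NOTE = dict(DM_NOTE, to=[ALICE_FOLLOWERS], cc=[])
```

Nothing distinguishes `DM_NOTE` from `PUBLIC_NOTE` except the addressing, so the "privacy" of a fediverse DM is entirely a promise made by the receiving software, not a property of the message.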

This Is Fine Actually

I don't personally think this is an issue; I think it's perfectly fine that the fediverse doesn't attempt to do secure communication. Doing things this way reduces liability for server owners and reduces the complexity of the software for developers, and you really should be able to contact anyone who you actually want to keep in touch with on multiple platforms anyway.

Besides, it's not like insecure DMs are an issue unique to the fediverse. DMs on [Twitter/Instagram/Reddit/etc] aren't encrypted either, meaning the admins of those websites can read your DMs too. Same for actual dedicated chat platforms like Discord and (mostly) Telegram. Twitter's admins can read your DMs, Discord's admins can read your messages, Gmail's admins can read your emails, and your phone provider can read your texts. And they often do, to sell information about you to advertisers or comply with police requests or what have you.

It's only slightly less of a problem on those platforms because you're much less likely to know the admins personally, and individual staff members could probably lose their jobs if they used the contents of your DMs to start drama. That said, I've personally never seen evidence of any admin actually reading someone's DMs on the fediverse, because doing that is a huge pain in the ass involving like, SQL queries and shit, and is much harder than any actual administrative task most fediverse admins will ever do.

Either way, you should really be using an actually secure messaging service if privacy is important to you. Be the change you want to see in the world and become that person who insists on taking conversations in Twitter DMs to Signal. I'm being completely serious.