Combating abuse in Matrix - without backdoors

The Matrix team talks about various governments calling for backdoors into end-to-end encryption (e2ee), and then explains how they are looking at distributed reputation data for their federated / distributed system:


This entire section is quoted from the article:

  • Anyone can gather reputation data about Matrix rooms / users / servers / communities / content, and publish it to as wide or narrow an audience as they like - providing their subjective score on whether something in Matrix is positive or negative in a given context.
  • This reputation data is published in a privacy preserving fashion - i.e. you can look up reputation data if you know the ID being queried, but the data is stored pseudonymised (e.g. indexed by a hashed ID).
  • Anyone can subscribe to reputation feeds and blend them together in order to inform how they filter their content. The feeds might be their own data, or from their friends, or from trusted sources (e.g. a fact-checking company). Their blended feed can be republished as their own.
  • To prevent users getting trapped in a factional filter bubble of their own devising, we’ll provide UI to visualise and warn about the extent of their filtering - and make it easy and fun to shift their viewpoint as needed.
  • Admins running servers in particular jurisdictions then have the option to enforce whatever rules they need on their servers (e.g. they might want to subscribe to reputation feeds from a trusted source such as the IWF, identifying child sexual abuse content, and use it to block it from their server).
  • This isn’t just about combating abuse - but the same system can also be used to empower users to filter out spam, propaganda, unwanted NSFW content, etc on their own terms.

Subscribing to feeds from trusted sources sounds like the badhashlist idea we’ve been thinking about for content addresses.
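
As a rough illustration of how the pseudonymised lookup and feed blending described above might fit together, here is a minimal sketch. None of this is a real Matrix API; the SHA-256 hashing scheme, the feed shape, and the blending weights are assumptions made up for this note.

```typescript
import { createHash } from "crypto";

// A published reputation feed: hashed entity ID -> score in [-1, +1].
// The feed never reveals the raw IDs it has opinions about.
type ReputationFeed = Map<string, number>;

// Pseudonymise an ID the same way a feed publisher would (assumed SHA-256).
const hashId = (id: string): string =>
  createHash("sha256").update(id).digest("hex");

// Look up an entity in a feed: you can only query if you already know the ID.
const lookup = (feed: ReputationFeed, id: string): number | undefined =>
  feed.get(hashId(id));

// Blend several subscribed feeds into one subjective score, weighting each
// source by how much the subscriber trusts it. The result could itself be
// republished as a new feed.
const blend = (
  subscriptions: { feed: ReputationFeed; weight: number }[],
  id: string
): number => {
  let total = 0;
  let weightSum = 0;
  for (const { feed, weight } of subscriptions) {
    const score = lookup(feed, id);
    if (score !== undefined) {
      total += score * weight;
      weightSum += weight;
    }
  }
  return weightSum === 0 ? 0 : total / weightSum;
};

// Example: my own feed plus a trusted third-party source, blended 1:2.
const myFeed: ReputationFeed = new Map([[hashId("@spammer:example.org"), -1]]);
const trustedSource: ReputationFeed = new Map([
  [hashId("@spammer:example.org"), -0.8],
]);

const score = blend(
  [
    { feed: myFeed, weight: 1 },
    { feed: trustedSource, weight: 2 },
  ],
  "@spammer:example.org"
);
// score ≈ -0.87; a client could hide or flag content below some threshold.
```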

This is also relevant to portable / linked usernames: Portable Usernames, DIDs, and Distributed Auth with UCAN

They are hiring a Reputation Team and have the beginnings of a spec, MSC2313: Moderation policies as rooms (ban lists):

Matrix is an open network and anyone can participate in it. As a result, a very wide range of content exists, and it is important to empower users to be able to select which content they wish to see, and which they wish to block. By extension, room moderators and server admins should also be able to select which content they do not wish to host in their rooms and servers.

The protocol’s position in this solution should be one of neutrality: it should not be deciding what content is undesirable for any particular entity and should instead be empowering those entities to make their own decisions. This proposal introduces “moderation policy rooms” as a basic mechanism to help users manage this process, by providing a way of modelling sets of servers, rooms and users which can then be used to make filtering decisions. This proposal makes no attempt at interpreting the model and actually making those decisions however.

To reaffirm: where this proposal says that some content is undesirable it does not intend to bias the reader into what that could entail. Undesirability is purely in the hands of the entity perceiving the content. For example, someone who believes birthday cake is undesirable is perfectly valid in taking that position and is encouraged by this proposal to set up or use a policy room which prevents birthday cake from coming across their field of view.
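
To make the MSC concrete, here is a minimal sketch of what one of these policy rules might look like as a state event in a policy room. The event types and field names follow my reading of MSC2313, so treat the exact shape as an assumption and check the MSC itself before building on it.

```typescript
// A rough sketch of a moderation policy rule as a Matrix state event,
// loosely following the shape proposed in MSC2313 (fields illustrative).
type PolicyRule = {
  type: "m.policy.rule.user" | "m.policy.rule.room" | "m.policy.rule.server";
  state_key: string; // arbitrary, unique per rule
  content: {
    entity: string;         // the user/room/server the rule applies to
    recommendation: string; // e.g. "m.ban" - what subscribers are advised to do
    reason: string;         // human-readable justification
  };
};

// Example: a rule published into a policy room, which other rooms and
// servers can subscribe to and interpret however they see fit.
const rule: PolicyRule = {
  type: "m.policy.rule.user",
  state_key: "rule:no-birthday-cake",
  content: {
    entity: "@cake_pusher:example.org",
    recommendation: "m.ban",
    reason: "posts birthday cake, which this community finds undesirable",
  },
};

// The protocol stays neutral: nothing here enforces anything. A client,
// bot, or server admin decides whether and how to act on the rule.
const shouldFilter = (r: PolicyRule, userId: string): boolean =>
  r.content.recommendation === "m.ban" && r.content.entity === userId;

console.log(shouldFilter(rule, "@cake_pusher:example.org")); // true
```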

This is very interesting as a building block at the protocol / platform level as we think about Fission federation and app policies.