Mastodon: Clarify and/or fix how privacy works for replies

Created on 9 May 2017 · 10 Comments · Source: tootsuite/mastodon

When I reply to someone else's followers-only toot, the UI and docs don't give a clear indication of who can see my reply. The "your account isn't locked, anyone can follow you" warning suggests that my reply will be shown to my followers, but that's bad from a privacy perspective, since some of my followers might not be following the original poster, so the OP didn't intend for them to see the conversation. Ideally my reply would only be visible to the OP's followers, and regardless, the documentation should explain more clearly how privacy settings apply to replies.


  • [x] I searched or browsed the repo's other issues to ensure this is not a duplicate.
  • [ ] This bug happens on a tagged release and not on master (If you're a user, don't worry about this).
ui


All 10 comments

Also, what if you're replying to someone who doesn't follow you, using the followers-only setting because you are replying to a followers-only post? Can they see your reply?

The person you're replying to will be @-mentioned in your reply, and my understanding is that @-mentioned people always see a toot regardless of privacy settings. It'd be good to hear from someone more familiar with the codebase though.

Replies are posts which mention a user and have an in_reply_to_id marked connecting them to the post before it in the thread. Besides the in_reply_to_id they are the same as how a post works.

If you make a followers-only post, and I reply to it, your followers will only see my reply if they follow me too. My followers will only see your original post if they see you too. Replies to users that you don't follow don't show up in your timeline so that's not really an issue.

If you do not want your followers to see a post you are making, use the Direct privacy setting. You can reply to a followers-only post, set your privacy to Direct, and then only the person you are replying to will see it.

There is of course the big caveat that these are merely filters. Your posts aren't e2e encrypted and this whole system is assuming your followers and the person you are talking to are on instances which are following this same system. If I make a direct post at a GNU Social user, that post is visible to anyone on that user's instance. Which is why a warning will pop up.

Does this clarify the current system for you? If there is an issue here please clarify.

I just want to make sure that when A makes a followers-only post, and B replies to it, B's reply isn't visible to people who don't follow A (assuming that everyone involved implements mastodon's privacy model). If the reply is only visible to people who follow both of them, I'm satisfied with that; my concern is privacy rather than visibility.

> Replies to users that you don't follow don't show up in your timeline so that's not really an issue.

> If you do not want your followers to see a post you are making, use the Direct privacy setting.

I'm a bit confused, since these two sentences seem to be implying opposite things. To clarify, when B replies to A's followers-only post, is the reply only visible to the intersection of their follower-sets? Or is it only displayed in the timeline of people who follow both, and also any follower of B can see the reply on B's profile page?

Also, if C replies to B's reply, is that visible to the intersection of A's followers and C's followers, the intersection of B's followers and C's followers, or some other set of users?

I'd like this to be explained better on https://github.com/tootsuite/documentation/blob/master/Using-Mastodon/User-guide.md#toot-privacy , since I feel uncomfortable replying to followers-only toots from locked accounts without understanding how that affects the privacy of my friends' conversations.

You write a followers-only post. I reply to it.

If somebody follows me, but not you, my reply won't show up in their timelines, but they can see my post on my profile if they look. They cannot see your post that I am replying to.

If someone follows you, but not me, they will see your original post, they cannot see my reply.

If someone follows both of us, they can see both posts and both posts will appear in their timeline.

If I reply to you, but change my post to the Direct setting, only you will be able to see that post.
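
The cases listed in the comment above, written as a small Ruby model. This is an added example, not Mastodon's code and not part of the original thread: the `Network` class, the visibility symbols and the account names are constructed for illustration, and it assumes that the author and any @-mentioned account can always read a post, as an earlier comment suggests.

```ruby
require "set"

# Toy model of the rules described in the thread; not Mastodon's implementation.
Post = Struct.new(:author, :visibility, :mentions, :in_reply_to, keyword_init: true)

class Network
  # follows: { follower => [accounts they follow] }
  def initialize(follows)
    @follows = follows.transform_values(&:to_set)
  end

  def follows?(viewer, account)
    @follows.fetch(viewer, Set.new).include?(account)
  end

  # Can viewer read the post at all, e.g. by opening the author's profile?
  def can_view?(viewer, post)
    # Assumption: the author and anyone @-mentioned always see the post.
    return true if viewer == post.author || post.mentions.include?(viewer)
    case post.visibility
    when :public, :unlisted then true
    when :followers_only    then follows?(viewer, post.author)
    else false # :direct reaches only the author and mentioned accounts
    end
  end

  # Does the post appear in viewer's home timeline?
  def in_home_timeline?(viewer, post)
    return false unless follows?(viewer, post.author) && can_view?(viewer, post)
    parent = post.in_reply_to
    # Replies to accounts the viewer does not follow are filtered out.
    parent.nil? || follows?(viewer, parent.author)
  end
end

# Constructed sample: alice wrote the followers-only post, bob replies to it.
NET = Network.new({ "bob" => %w[alice], "carol" => %w[alice bob],
                    "dave" => %w[bob], "erin" => %w[alice] })
ORIGINAL = Post.new(author: "alice", visibility: :followers_only, mentions: [])
REPLY    = Post.new(author: "bob", visibility: :followers_only,
                    mentions: ["alice"], in_reply_to: ORIGINAL)
DIRECT   = REPLY.dup.tap { |p| p.visibility = :direct }

# Accounts from the sample that can read the given post.
def audience(post, people = %w[alice bob carol dave erin])
  people.select { |p| NET.can_view?(p, post) }
end
```

`audience(REPLY) - audience(ORIGINAL)` returns `["dave"]`: the account that follows only the replier can read the reply on the replier's profile without being able to read the post it answers, which is the gap this issue asks about.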

Ok, thanks for the explanation. I feel like it'd make for a more intuitive privacy model if replies to followers-only posts weren't visible at all to users who didn't follow the OP, even by looking at repliers' profiles. However, I realize this might require substantial architectural changes, and Mastodon is explicitly not trying to be an ironclad private communications platform. Feel free to close this issue if you feel my proposed change is outside the scope of the project.

Well, this may be a matter of individual brains working differently. To me it is intuitive that a privacy setting would remain consistent across posts. A public post is always visible to the same set. An unlisted post is always visible to the same set. etc. Direct posts are intended for conversations you don't want others to see.

If you want to close the issue that's your choice. It's worth a discussion on whether this would be a good change. Someone like @wxcafe would be useful to have in the thread to help triage if it should be closed.

This is also the same system that Twitter uses. I think it's more intuitive too, but more importantly I think changing it would be way too confusing for users who previously used Twitter and for users who got used to the way Mastodon privacy settings work. I'm going to close that issue, but we can still discuss this and/or reopen it later possibly.

There's a technical concern here too: how do I know, as a server, what the correct audience for a given reply is, if I don't know the full list of followers for the person you're replying to?

I can think of a few solutions to this, but they would all require very fundamental changes to how replies work, and even how they're conceptualized from a user perspective.
