A BDSM/Fetish website which apparently locks-in its user data and then deletes it #fetlife #aptbutwrong

No joke; from Feb 2013:

In case you weren’t already aware, Fetlife has announced that to maintain their relationship with their credit card processor, they have to delete quite a bit of content. I hate that credit card companies get to police what we can talk about, but I can understand why the Fetlife team decided to keep the site running over fighting the good fight, losing the ability to take credit card payments, and not being able to process enough payments to keep the power on.

Because people are (rightfully) worried their pictures/writings/comments/etc will be deleted, they’ve been using the hell out of maymay’s exporter tool, which is really driving up his costs. He could use some help keeping that tool running if you’re inclined to donate.

…but click through to the cited website and you will read:

FetLife Exporter
This tool is currently disabled. (Why? No, wait, What do you mean disabledLearn more about FetLife’s troublesome behavior. Please ask FetLife to stop blocking this tool, and please do CC me. Thanks! You can stilldownload and install this tool on your website, or you can download the exporter itself and run it from your personal computer.

Update, please read:
On the night of February 14, FetLife.com blocked this server’s IP address, functionally preventing anyone from managing their own archive, including taking away the ability of users to delete archives themselves. This is…somewhat stupid and rather counter-productive, especially because FetLife’s new community manager, Susan Wright, has apparently been sending vaguely threatening emails to individuals telling them to delete their archive. I’m not sure why FetLife would ask their users to do something that they then prevent them from doing, but that’s FetLife for you. 🙂

I am not interested in fetish stuff but I have a bunch of friends who are, so I’ll appeal to them here for a grassroots user-opinion before bouncing the matter off the Open Rights Group to see what they say; I suspect that on general principles the answer will be that people should have rights over their own data, and the freedom to export it.

That said, I am not really certain that the exporter tool works in a way with which I would be entirely happy – if I read the linked document right, it appears to spider the user content and put it up on the web with no protection at all? If so, that’s rather unfortunate, even if it may be consensual. Also, if so, this “lock in” may actually be a positive protection measure.

I’d also be interested to know precisely what FetLife are having to take down in order to satisfy payment card regulation; the explanation is behind a paywall…

11 Replies to “A BDSM/Fetish website which apparently locks-in its user data and then deletes it #fetlife #aptbutwrong”

  1. My data is just that mine. I object to others decided what is and what isn’t acceptable in terms of my writing and poetry… Some if mine is quite graphic and descriptive…. If its to be deleted then let me delete it not done nameless moral police

  2. Nope, definitely not a joke. I wrote the FetLife Exporter a couple years ago when my attempts to get FetLife.com to prioritize user privacy and security issues were eventually met with threats of account deletion. Since I’d been using FetLife heavily and I didn’t want to lose my data, I wrote the exporter and used it on my own account.

    Then I wrote a stupid-simply PHP wrapper to offer the same ability to other users, because there were an increasing number of people who were upset about being locked-in to the service.

    However, FetLife is…well, [ASSERTION ELIDED – ED]. On the one hand, they’ve said they’re encouraging of people backing up their account, but on the other hand they suspend the accounts of people who try to do so, and they offer no export options of their own.

    I’ll happily answer whatever questions you have about this. An immense quantity of the happenings are also documented in various places on the Web. I’ll happily point you to those resources upon request.

  3. Behind the cut, the announcement reads:

    If you haven’t been in the loop. You should first read my announcement about losing the ability to process payments on FetLife and then read my update.

    From all the research we’ve done over the past two weeks, the Big 4 no-no’s are:

    1. Anything Under 18.
    2. Incest. (Even between consenting adults.)
    3. Zoophilia.
    4. Scat.

    Note: By incest, we don’t mean “daddy/daughter” play unless by daddy/daughter you really mean daddy… daughter play!

    For the record, when it comes to anything under 18, we don’t allow anything other than cartoon jokes. When it comes to zoophilia, all we do currently is allow people to fantasize about it. And when it comes to scat, we allow anything. Why wouldn’t we?!?!?

    But, because of what we’ve learnt over the last couple of weeks (and admittedly, many years ago), we won’t be allowing any of the above going forward. We won’t even be able to allow people to fantasize about incest (between consensual adults), zoophilia, or scat… if we want to continue to be there for the community.

    What the f#@k does that even mean? Said in my best Sacha Baron Cohen voice.

    FetLife is HUGE… so it might take a bit of time… but over the next 2-6 weeks (it’s not going to happen over night) we are going to:

    Clean up all our fetishes.
    Clean up all our groups.
    Re-write our internal guidelines.
    Introduce a new “Content Guidelines” page, that in plain english, explains to everyone our content rules. A page that we will keep updated and link to it from our ToU.
    Build better tools so we can catch offending content quicker.
    Re-engineer our Content Caretaking team.
    Like I’ve said in the past… it’s a slippery slope. And when you stop allowing people to openly write about some of their fantasies… it becomes really scary.

    Being forced to censor people’s fantasies, even if some make us squirm, is something I will struggle with. But hopefully something, as a community, we can come together and fight. And not by just allowing people to post content we are not allowed to let people post… like in the past… but by fighting the good fight.

    What’s the most re-assuring thing though in all of this is that the majority of you are being really understanding. Thank you so much for that!

    And like always, if you have any questions or comments please don’t hesitate to hit me up. I will try my best to answer as many questions as I can but if I don’t answer your questions here our new Content Guidelines, that we will be publishing in the near future, will.

    Thanks again everyone for your support!

  4. Nope, definitely not a joke. I wrote the FetLife Exporter a couple years ago when my attempts to get FetLife.com to prioritize user privacy and security issues were eventually met with threats of account deletion. Since I’d been using FetLife heavily and I didn’t want to lose my data, I wrote the exporter and used it on my own account.

    Then I wrote a stupid-simply PHP wrapper to offer the same ability to other users, because there were an increasing number of people who were upset about being locked-in to the service.

    However, FetLife is…well, pardon my language, but they are [assertion elided – ed]. On the one hand, they’ve said they’re encouraging of people backing up their account, but on the other hand they suspend the accounts of people who try to do so, and they offer no export options of their own.

    I’ll happily answer whatever questions you have about this. An immense quantity of the happenings are also documented in various places on the Web. I’ll happily point you to those resources upon request.

  5. People have the right to export their own data – their FetLife content belongs to them. But they don’t have the right to export other people’s content, and that’s what Maymay’s exporter tool does.

    Maymay’s exporter downloads not only your own content but the comments and profile avatars of people who also commented on the same pics or writing. It also downloads Private Messages and pictures of people who didn’t consent to having their content downloaded. Tens of thousands of people had their content downloaded by other people using Maymay’s exporter.

    Plus, all of this exported content was made public on Maymay’s website. The people who used the exporter weren’t informed that their content would be downloaded to his website and be open to the public so search engine bots could crawl it and make it publicly accessible. This content is adult-oriented and is normally protected behind FetLife’s robot.txt

    1. Susan – I quite agree, people should have control over their own data, and the principle of least surprise should be operative – people should not be surprised where their data ends up.

      However I really hope that fetlife depends upon more than robots.txt to inhibit spidering and unauthenticated download of data?

    2. People have the right to export their own data – their FetLife content belongs to them. But they don’t have the right to export other people’s content, and that’s what Maymay’s exporter tool does.

      If you actually believe this, you will prioritize development of a FetLife export tool that gives people that ability as I have been repeatedly challenging you to do.

      Maymay’s exporter downloads not only your own content but the comments and profile avatars of people who also commented on the same pics or writing.

      First of all, it does not download other people’s avatar pictures. [ASSERTION ELIDED – ED]. You obviously aren’t reading the code and you obviously don’t understand the difference between an image and a download. Please educate yourself [ASSERTION ELIDED – ED].

      It also downloads Private Messages and pictures of people who didn’t consent to having their content downloaded.

      For fuck’s sake, Susan. It downloads private conversations of the person using the tool. If someone is talking to you and they want to save the conversation, would you expect only one of the voices speaking to be recorded and the other voice not to be?

      Again, welcome to the Internet.

      Plus, all of this exported content was made public on Maymay’s website. The people who used the exporter weren’t informed that their content would be downloaded to his website and be open to the public so search engine bots could crawl it and make it publicly accessible.

      Thirdly, yes they were informed [ASSERTION ELIDED – ED] There is a video explaining the exporter and exactly this fact above the “submit” button. [ASSERTION ELIDED – ED]

  6. “Protected behind… robot.txt”?

    Blink.

    [Checks date… aha, April 1st, ri-ight, ya got me 🙂 ]

  7. Of course, I’m no techy – I’m referring to the fact that our website isn’t meant to be searchable. That’s why you have to register to be a member in order to see the profiles. I’m still getting too many messages from panicked people whose FetLife profile URLs are suddenly searchable on Google because someone else downloaded their content with Maymay’s exporter. This includes sensitive content like personally identifying information in the private messages and graphic adult photos, which were deleted from Maymay’s website but are still cached on Google.

    1. I am surprised that fetlife are getting a “moral pressure” from their acquirer. Adult content is certainly seen as a business sector at high risk of fraud, but its unusual for an acquirer to make a content-editing judgement, as there is a plausible defence that fetlife can make that any content not forbidden by their acquirer has been approved.

      That being said, I believe that there are a number of acquirers who are extremely keen to attract new merchants, and this is an option for fetlife that is worth exploring, if they are under this type of unwanted pressure. Its also worth looking at a payment indirection service such as Spreedly to avoid “lock-in” and also to significantly lighten compliance burdens such as PCI DSS.

      From a quick look at fetlife’s robots.txt:
      Disallow: /users
      Disallow: /posts
      Disallow: /groups
      Disallow: /explore
      Disallow: /home

      Although robots.txt is meant as a “gentle hint” to search engines what part to avoid, what it actually does is highlight to an inquisitive third party which parts of the website are considered sensitive. This is why many sites have done away with robots.txt, preferring to rely on web server or application controls for content visibility.

Comments are closed.