this post was submitted on 04 May 2026
351 points (90.9% liked)

Fediverse

41949 readers
68 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, Mbin, etc).

If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration)

founded 2 years ago
MODERATORS
ruud@lemmy.world
Xylinna@lemmy.world
MrCenny@lemmy.world
TragicNotCute@lemmy.world
automodbeta@lemmy.world
woelkchen@lemmy.world
351
AI-assisted moderation in the fediverse is happening. Now what? (join.piefed.social)
submitted 5 days ago* (last edited 5 days ago) by rimu@piefed.social to c/fediverse@lemmy.world
345 comments fedilink hide all child comments
 

I recently discovered that some popular federated instances have been using LLM-assisted moderation tooling that evaluates whether someone has said something bannable. They do this by running a script/app that sends the user’s comment history to OpenAI with the question “analyze this content for evidence of specific political ideology sentiment. Also identify any related political ideology tropes“. (The italic bits are where I've redacted the ideology they're seeking).

OpenAI’s LLM (they’re using GPT-5.3-mini) then responds with something like:

image

and so on, hundreds of comments.

I have not named the instances or people involved, to give them time to consider the results of this discussion, make any corrective changes they want and disclose their practices at their own pace and in their own way. I have also redacted the evidence to avoid personal attacks and dogpiling. Let’s focus on the system, not the individuals involved. Today these instances and people are using it and maybe we’re ok with that because it’s being used by groups we agree with but what if people we strongly disagree with used it on their instances tomorrow?

The use and existence of this tooling raises a lot of other questions too.

What are the risks? Fedi moderators are often unsupervised, untrained volunteers and these are powerful tools.

What safeguards do we need?

Would asking a LLM “please evaluate this person’s political opinions” give different results than “find evidence we can use to ban them” (as used in the cases I’ve seen)?

What are our transparency expectations?

Is this acceptable and normal?

Should this tooling be disclosed? (it was not – should it have been?)

If you were given a choice, would you have opted out of it?

Can we opt out?

Are there GDPR implications? Privacy implications? Should these tools be described in a privacy policy?

Are private messages being scanned and sent to OpenAI?

How long should these assessments be retained and can we request to see it, or ask for it to be deleted?

Once the user’s comments are sent to OpenAI, is it used to train their models?

What will the effect be on our discourse and culture if people know they are being politically profiled?

Where are the lines between normal moderation assistance tools, political profiling and opaque 3rd-party data processing?

I hope that by chewing over these questions we can begin to establish some norms and expectations around this technology. The fediverse doesn’t have any centralized enforcement so we need discussions like this to develop an awareness of what people want in terms of disclosure, privacy, consent and acceptable use. Then people can make choices about which instances they join and which ones they interact with remotely.

And of course there are the other issues with LLMs relating to environmental sustainability, erosion of worker’s rights, increasing the cost of living and on and on. I can’t see PieFed adding any functionality like this anytime soon. But it’s happening out there anyway so now we need to talk about it.

What do you make of this?

top 50 comments
sorted by: hot top controversial new old
[–] sobchak@programming.dev 26 points 3 days ago (8 children)

I'm mostly just surprised that a mod would pay for tokens to moderate. The Fediverse is radically public by design, so I don't have any expectation of privacy. I'd bet at least someone is gobbling up the entire Fediverse to train AI, since companies are so desperate for new human-generated data.

[–] mathemachristian@lemmy.blahaj.zone 9 points 3 days ago

It was a local model.

load more comments (7 replies)
[–] gedaliyah@lemmy.world 159 points 5 days ago (40 children)

I don't like this happening, and there should be transparency in all moderation decisions, but some of these points make no sense.

There is essentially no expectation of privacy on threadiverse platforms. Everything is public and probably already being used to train models.

There is no private messaging system. Direct messages are unencrypted and potentially visible to any instance admins. They and should not be used to share anything sensitive.

[–] scrubbles@poptalk.scrubbles.tech 77 points 5 days ago* (last edited 5 days ago) (29 children)

Thank you for calling this out. I think people assume that since it's held by private instance owners that the fediverse is secure. I've posted this comment many times, that no, the fediverse is quite literally by design open and unencrypted.

A post is literally blasted out to anyone who listens, same with comments, upvotes, downvotes, everything can be saved, stored, and used for whatever anyone who listens wants. It should be completely assumed that nefarious agencies are currently listening and storing everything we do here. This is by design. It's the tradeoff we have of having an open platform. Anyone can spin up a server, and that means anyone.

DMs are similar, they're blasted out to the other server. If the server admin of the user in question wants to read them, they can. Lemmy/the fediverse is not a secure messaging platform. That's why the Lemmy devs literally put a Matrix handle option in the profile, to encourage people to use Matrix instead. A DM on here should be simple, to the point, and if need be, inviting them to speak on something secure.

Edit - As a perfect example of the fact that there should be no expectation of privacy here on Lemmy, as an Admin myself, I can see that @A_normy_mouse has been downvoting all of my comments here. Absolutely everything here is public and visible, even if I weren't an admin there are tools to view this, regardless of your opinions. It's imperative that everyone understand this.

Edit 2 OP as well has downvoted me. @rimu@piefed.social I'm sorry if you disagree, but it's irrelevant. Everything you do here can and should be assumed will be used in any way that you disagree with, that is the nature of the fediverse. Mastodon, Pixelfed, Piefed, Lemmy: ActivityPub is an open and unencrypted protocol. Even if it were encrypted, you still put 100% of your trust in your server admin, and beyond that each server admin you are blasting your messages out to.

I'd highly suggest accepting this fact before trying to push for rules. The very nature of the Fediverse is that no one can dictate rules, and to do that the tradeoff quite literally is that everything is open and unecrypted.

Another way to think of this. I run a server myself. I made my own rules and decided how to run it. Now your server starts sending activity to my server. That's your server's choice. I didn't agree to your rules, I may disagree with your rules, but you're sending your data to my server, of which I have complete and total ownership over. I didn't click accept on a ToS, I didn't agree to anything. Hell on my server I could literally have a "By sending me your data you accept that I can do whatever I want with your data". You sent me your data, I quite literally can do whatever I want. (Personally I won't, but that's how you should think of the fediverse)

load more comments (29 replies)
load more comments (39 replies)
[–] forestbeasts@pawb.social 6 points 3 days ago (1 children)

Oh fucking YIKES.

Do NOT send our post history straight to OpenAI, that's just ... extremely gross.

Sure, it's "public", but that doesn't mean feeding it directly to the slop machine is okay.

-- Frost

[–] mathemachristian@lemmy.blahaj.zone 7 points 3 days ago* (last edited 2 days ago)

there is no AI moderation, no one is sending comments to OpenAI

It’s a python script that calls the lemmy/piefed api to grab comment histories. Calling it an “App” is quite a stretch. Luminous just likes pretty things, bless his cotton socks.

You are right about one thing, we will no doubt keep using the script to pull comment histories on the few occasions when we want a deep dive into someone’s profile.

For the record, we were never planning to use it as an automod or hook it to an LLM. You hallucinated that, ironically. That’s why we never announced it. It was nobody else’s business.

https://lemmy.dbzer0.com/comment/25880065

Also the LLM was running locally nothing got sent to OpenAI

quite frankly it's shameful to leave this slanderous post up without even linking to the accused parties statement.

[–] General_Effort@lemmy.world 11 points 3 days ago

GDPR-wise, this is the absolute nightmare scenario.

Data about the political orientation is defined as especially sensitive ("special category data"). When people just straight post their ideological leanings, that's one thing. But what's described here is profiling. All the available data relating to a person is analyzed by "automatic means" and used to assess their leanings. This then is used to discriminate against them. It doesn't get much worse.

This might be legal in very specific circumstances. EG non-profit religious or political organizations are allowed to police their members and associates to some degree. That would involve quite some extra paperwork. But it doesn't apply here anyway.

Apparently that is on top of ordinary GDPR violations. The processing is done by a third party (OpenAI) without the necessary paperwork. You remember that billion Euro fine that Meta got? That was because they processed data outside the EU, in the US. And that wasn't even "special" data.

You know how those cookie banners in the EU look like? That's for normal data. All the disclosure, all those settings are legally required. Some people on the Fediverse go apeshit over far smaller things.

This may also be a problem for other instances. Your instance sends all your data (except e-mail and IP address) to anyone in the world who asks, with no strings attached. That may be okay as long as users understand that that's exactly what they sign up for. Looking at comments here, it doesn't seem like that is universally understood. That's a problem. On top of that, we now have a situation where there are hints that the personal data is being abused.

[–] skisnow@lemmy.ca 16 points 3 days ago (1 children)

LinkedIn's LLM-powered automation banned my account on a false positive a few months ago, and it took ages to get it sorted out and they treated me like shit the entire way through even after acknowledging that they'd made a mistake. Sadly it's extremely difficult to operate in my field without a LinkedIn account, because I would love to be able to delete it.

This shit is poison

load more comments (1 replies)
[–] Andy_R@feddit.uk 20 points 4 days ago (1 children)

Is Rimu okay lately? He’s been acting so hostile.

[–] MysticMushroom1776@lemmy.dbzer0.com 16 points 3 days ago

I don't think so, then again he hasn't been okay for a while. Him making poor descisions about piefed and deleting users who are critical of him aren't a new thing. They're par for the course. People have criticized piefed for this for a while, but they've been dismissed as tankies or reactionaries. I admit I used to dismiss them as well. Not anymore though.

[–] Alvaro@lemmy.blahaj.zone 48 points 4 days ago (5 children)

Wthout going into the issue itself, it is such a ridiculous waste to use an llm for something that a far simpler model could do like 100x faster and locally for essentially free...

Just search for "machine learning text moderation" and you will find all kinds of options. Not to talk about the fact that a simple 4B LLM could do this as well.

One thing I really hate is how LLMs have completely overshadowed the entire ML/AI field and people just use them for everything.

Using a trillion parameter LLM model for basic text moderation is like using a gaming rig to play candy crush.

load more comments (5 replies)
[–] Duke_Nukem_1990@feddit.org 10 points 3 days ago* (last edited 3 days ago) (6 children)

Lol it's dbzer0 isn't it.

But also, I don't really care. The fediverse is open by design, you don't even need an account to access the data. I don't like it but we can't really do anything against it.

load more comments (5 replies)
[–] db0@lemmy.dbzer0.com 53 points 4 days ago* (last edited 4 days ago) (17 children)

You talk about instances utilizing this tooling, but in your comments you admit it's just some mods. This is misleading, as talking about instances doing it assumes admin access and relevant instance policy, something which invites calls for defederation (as can be clearly be seen from the comments in your post).

A random mod doing something is not the same as an instance doing it. Literally anyone can be a mod and they don't get any more access than an anonymous account by doing so.

This is the second time in one week I see you throwing careless statements like chum in the water. I can't help but notice a pattern emerging.

load more comments (17 replies)
[–] runsmooth@kopitalk.net 3 points 2 days ago* (last edited 2 days ago) (1 children)

I think the use of AI or LLMs for the Fediverse is a fair topic of discussion. Instances are run by volunteers, and these instances are free to dictate how their communities are to be administered. These Instance Admins can determine the jurisdictions that they operate under, and the laws that they are subject to. I'd suggest then the use of "AI" or LLM products are a choice made by each Instance.

But, just as Instance admins have these powerful choices, I believe that end users should also be given notice that these products are expected to be used so they can decide to continue with their account or move. I also recall that when many "Redditors" decided to leave, they also made a lot of fuss about salting their posts so that their contents not be used as training material to develop a commercial LLM. I'd point out this was a time when Meta and others were found to be combing the internet, downloading pirated materials, and using these for training purposes.

In 2026, these LLMs have already taken these pirated materials and public social media posts. There are news articles of how failed start-ups are even selling their Slack and other work related chats as training materials as well. In time, perhaps these issues can be properly litigated in courts. But for social media Instances run by volunteers, resources are limited already. I don't think these Instances should be responsible for the privacy of the end users. Rather, good education in generating throw-away email addresses, strong passwords, and VPN use can give users real choices.

While there's an argument that posts should not have any expectation of privacy, that doesn't mean we don't collectively share an interest in the value of privacy - a human right. I don't believe users who sign up for accounts on the Fediverse and are asked for their email to set up an account, expect in turn that information to just be published to the world with full, open access without some kind of notice or choice to opt out, for example. Ultimately though, I believe the issue must be dealt with at the government level, and that means people getting pitted against professional lobbyists and politicians.

I want to also clarify that there will also be times when intervention is necessary. We're here to join together in community, and "AI" or LLM activity that ultimately attacks that objective should be a top issue. For example, I'm not sure anyone here would be comfortable with "AI" duplicating an Instance and impersonating the community members within it. Yet that did happen on Mastodon. I recall the community responding, making reports and complaints to ultimately get the instance taken down. Another example would be AI or LLM accounts that do not identify themselves as bots, and are here to post on the Fediverse to astroturf issues or manipulate discussion are clear threats to proper discussion.

But I don't want to digress too far from the original concern, which was how people feel about LLMs processing Fediverse posts, and related issues. Assuming we are not discussing materials that are already restricted or illegal, we cannot control what people choose to share on these platforms of themselves, and I don't suggest we even attempt or consider it. But we can try to control how much information these platforms retain about its users - and I suggest that should be as close to zero or nil as possible. In this way, even if an Instance admin faces terrible pressure from a state, the platform itself has as close to nothing additional to report or share besides the face value posts of an account.

I'd also want to point out that we all do some form of labelling or profiling as we go over posts or read. Is there a difference between what we do already, and what an LLM does to create an opinion to profile a collection of posts? Humans get it wrong all the time, as would any LLM for that matter. Computers are valued because they're good at copying and pasting information. What changed exactly if one person copy and pastes for free and for themselves, vs another who copy and pastes on behalf of a third party for a fee? I'm not really inviting philosophical discussion, this is mostly a question for myself. Whether the copy and paste procedure is done once by hand or thousands of times by computer, I'm still weighing the question.

I think it comes down to exploitation of asymmetric information and the appropriate use of the profits from this exploitation. But I suppose that's always been an evergreen issue.

[–] runsmooth@kopitalk.net 1 points 1 day ago* (last edited 1 day ago)

I wanted to add that while it's good to talk about LLM's, part of this discussion is to explore either alternatives to their use or ways to partner the use of LLM's with real human interaction. CEO Hawk for Discourse recently shared a blog post deep dive into Digg, and offers how Discourse has features in place to build trust in users and the community as a whole. Some of these features involve turning on email sign ups, a tiered system of membership that builds trust over time and engagement that opens up more options to the user (increased post limits, access to chat, increased edit limits, options to attach files). As I recall, this includes badges that can be visible to the community to demonstrate progress and acceptance.

https://blog.discourse.org/2026/05/the-digg-lesson-why-moderation-infrastructure-matters/

I recognize that CEO Hawk takes a similar view of LLM's in the sense that there's a concern if LLM use is rampant, then a community cannot differentiate between authentic engagement vs the concern I raised of astroturfing. I agree that this is a threat to proper discussion, and the Fediverse must answer this threat. I do agree that a "trust system" does provide a lot of answers, and in some ways PieFed has already introduced some of these trust based features.

[–] eugenevdebs@lemmy.dbzer0.com 18 points 4 days ago (3 children)

This is the person calling you a tankie. Someone so afraid of words that they need a hallucinating robot to hold their hand and confirm that everything is a secret plot against them. The absolute only way I could see this being useful is for something like trying to sniff out if a Lemmy.world mod account is a leftist infiltrator or not. Someone who had a different opinion on a current event.

You could maybe run a speech pattern comparison but that’s it. For everything else you just made Stupid Reddit and the purpose of their forum is to feed training data to ChatGPT so that it can profile Fediverse users.

This is the kind of shit dystopian novels are made out of. So angry about people calling out actions you built a tool to analyze why they did it, so you can purge users from your digital kingdom.

I for one welcome flat.world and Piefed showing their true intentions. Digital colonization of activitypub and removal of the people who helped to built it. They didn't want to leave reddit, they wanted to be reddit. This is some Spez shit.

Maybe in 2 weeks Piefed will hard code that anyone Rimu has tagged for disagreeing with them mild criticism to be unable to make accounts or federate posts with a false error code.

[–] null@piefed.nullspace.lol -2 points 1 day ago* (last edited 1 day ago)

Lmaoooooo wait, did you think this was PieFed introducing an AI-assisted moderation tool? Rushing to comment too fast and this was your take?

Your silence speaks volumes. What a faceplant! Ahahahaha

Does @flatworm7591@lemmy.dbzer0.com know you think they're:

Someone so afraid of words that they need a hallucinating robot to hold their hand and confirm that everything is a secret plot against them.
So angry about people calling out actions you built a tool to analyze why they did it, so you can purge users from your digital kingdom.

load more comments (2 replies)
[–] ResistingArrest@lemmy.zip 50 points 5 days ago (10 children)

I think this will exemplify the beauty of federation. If I find out my instance mods are running all of my comments through a company’s ai model, I’ll switch instances. This is in great disparity to something like Instagram or Snapchat where every photo I post is immediately fed to ai and my only options are: be okay with it, never post, or delete Instagram.

load more comments (10 replies)
[–] wjs018@piefed.wjs018.xyz 47 points 5 days ago* (last edited 5 days ago) (11 children)

I don't think the privacy issues here are too salient. Pretty much everything on the fediverse is public already and have likely federated outside any particular region like the EU, so GDPR doesn't really have any teeth. The exception to that would be if instance admins are using database access to also feed private messages to an LLM (especially a corporate LLM). I know that the "private" in private messages on the fediverse can be conditional...but it should at least be considered private from LLMs as an expectation since those messages are inaccessible to things like scraper bots or listening instances designed just to harvest data.

My biggest concerns here would be twofold:

  1. False positives - LLM sycophancy is a thing. So, I worry that if you ask an LLM to dig through a big pile of text looking for a thing, that it will tell you that it found that thing...even if it is completely removed from context or completely made up. The false positive rate might be low (I have no idea), but I guess I just don't trust the LLM enough to let it take the wheel with stuff like this.
  2. Outsourcing moderation - LLMs are not going to be up to the task of moderating everything, just ask digg. However, tools to help moderators effectively do their jobs are helpful as well. There is a balance to be struck here. I think, for me, something like asking an AI essentially, should I ban this person, just feels like you are outsourcing your decision making too much. It is too far on the automation side of the scale for my tastes.

All that said, people can run their instances how they want. I don't really have strong opinions on LLMs/AI in general, I just kinda hate big tech companies. That is my foundational belief in the work that I do for the fediverse - fuck big tech and the oligarchy they have built/funded in my country. That is really the only axe I have to grind in all this.

load more comments (11 replies)
[–] Grail@multiverse.soulism.net 30 points 4 days ago (1 children)

Defederate, no question.

Are you gonna tell us which instance is doing this?

load more comments (1 replies)
load more comments
view more: next ›