this post was submitted on 26 Mar 2024
320 points (96.0% liked)
Privacy
32169 readers
438 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I think this is impossible in a fediverse context. Data is either shared publicly or only shared with your home instance's admins. There's no other sharing model as far as I know.
Thats no issue. You can make only public data federate and use p2p for sensitive data.
Public would be your skills, some text about yourself, your industries and amount of employed years in each industry without dates or companies.
Think of it like a puzzle. First part the employer gets to see. They can search „java dev 5 yrs exp“ and get 100 peeps, in state/country/remote, for xxx$ per year/month/hour.
Then they can send you a request but only if they have authenticated through their own public website like on mastodon. If you accept, they can ask you questions and talk. If you reach common ground, they can request your full cv which could be self deleting or something in case the job falls through.
Its not a perfect system but its a lot safer than sending a cv per unencrypted email imo. or answering to some rando on linkedin. Also, anyone who knows you can find you on linkedin with your clear name. Its totally crazy to decline the potential of such a project in light of the current situation.
Things could be encrypted. But yeah, that's my biggest issue with the fediverse, it's just not designed around privacy. It's also why I'm working on my own lemmy alternative, I want something a bit more privacy-friendly.
I don't think working on a LinkedIn alternative is worthwhile because it relies even more heavily on the network effect. The only point I see in LinkedIn is in finding jobs, and getting employers to look at something else is an uphill battle I don't want to fight.
My understanding is that Activitypub federation and that sort of privacy are somewhat incompatible. Because someone could always just create a new instance and then federate the stuff you don't want shared with them.
The point would be sharing data that's not useful without the key. So you could share your public key and public metadata, but to access private data you'd need to get approved first. An approval request would be encrypted with your public key and contain a response key, and your response would contain your response encrypted with their key.
You obviously wouldn't be able to control what they do with your data once decrypted, but all of that back and forth can happen in the clear without giving up private information. It's the same way GPG/PGP works over email, just on a fediverse instead of SMTP.
It really wouldn't be all that hard to implement, I just don't think it would get any meaningful traction because LinkedIn is so reliant on the network effect.