Fetlife Criticism Links

There’s A War On -- Part 6: Anti-Sunshine League

Justice Brandeis said that sunlight is the best of disinfectants.... Who could be against that? The single largest online organ in the BDSM universe is against that: Fetlife. The Borg that is taking over all online BDSM discourse has a TOU (Terms of Use) that flat-out helps the abusers. There have been suggestions to change it through formal channels. They’ve gone nowhere.

A radical social experiment started last winter. In one small group of mostly New York youngish queerish kinksters, the owner started taking anonymous, first person accounts and posting them — including ones that named names. The results were mixed. Several people owned up to past misconduct, or said that if anyone thought they should be named that they welcomed it. Some folks who were named talked about things they had done wrong and their process to fix it, including not playing while impaired, or recognizing bad relationship dynamics that they had felt gave them license to act wrongly. Others reacted poorly, of course, and some people whined about the drama, because resolving interpersonal conflict is uncomfortable.

On March 5, the Carebears who run Fetlife shut it down, disappearing the items that named names.

Fetlife privacy or lack there of

The core of the problem is that Fetlife wasn’t designed for privacy. Instead, it depends on goodwill to protect its users. You know, your vindictive former spouse’s goodwill and agreement not to create an account, download the naked pictures you’ve posted to Fetlife, repost them to facebook, and tag you.

Fetlife does not protect users from each other, but it does isolate conversations from the rest of the internet. That sounds like safety, but is actually a gross approximation of such. When I use Facebook I can post a status that I only want close friends to see, when one of them links to it outside of Facebook any users not in that category “close friends” will not be able to access the content. Not so with Fetlife – you post something to Fetlife and a friend links to it from outside of Fetlife, sure enough anyone following the link will be presented with a page that explains that this content is only available to members. They can then sign up and access your content. It doesn’t matter if you know them, trust them, or are working for them: they can make an account and access the content you create.

Fetlife Is Not Safe For Users

Now, to have full control of your content (“Anything posted on your profile can be removed at any time… it is your profile after all,” promises FetLife), means that when you tell FetLife to delete an image, the image should first be removed from Amazon S3, then from Fastly, then finally from FetLife. Failing to do things in this order — like, say, the image is deleted from Fastly first, then Amazon S3 — would result in Fastly fetching the image again, effectively cancelling the deletion process. Deleting the FetLife copy first would disable a user from trying to delete content again if either of the subsequent deletions on Amazon S3 and Fastly failed.

Unfortunately, it seems that the only place deletion is occurring is on FetLife itself. The consequence of this oversight, as far as I can tell, is that the image or video will remain on Amazon S3 for all time, and on Fastly until the cache expires, which is set by FetLife to be a little over eight years (see the HTTP headers serving the image for the cache persistence — Cache-Control:max-age=252460800, public. This refers to your browser cache as well as Fastly’s, as you can see on their API docs).

This means that any non-FetLife URLs people retain of images (which you can get by inspecting the element in-browser and grabbing the URL, or by right clicking on any thumbnail in FetLife and modifying the last chunk of the URL from _60.jpg to _720.jpg) will remain live for effectively eternity. This also means that if Fastly or Amazon S3 were compromised or subpoenaed, your supposedly “deleted” images would be right there for the taking.

Got Consent? III: Fetlife Doesn't Get It

FetLife is focused on the appearance of security–making you believe you can’t download images because you can’t right-click on them, for example. Yet because its being shown on your screen it is already on your computer and you can get the hotlink from the HTML code. Nor does FetLife respect the autonomy of your account. FetLife administrators can and do go in and change content. They have gone so far as to change users‘passwords without their consent!

Just like FetLife doesn’t respect the consent (or lack thereof) of abuse victims, they don’t respect the consent of average users when it comes to sharing of information. You should have the option to consent to who views what information about you on social media and other websites. Of course; loads of websites count on users being careless about privacy. The culture of the internet has evolved to rely on users not thinking about whether they have or should have the ability to consent to share information. The history of Facebook is a classic case of consistently pushing the boundaries on privacy. But Facebook also have provided complex privacy controls. Granted, many people don’t use them right. But they exist. You can limit things to be viewed only by some friends and not others; you can control whether other people see pictures that have you in them. You can make it so people who aren’t your friends can see almost nothing about you; indeed, I think that’s now the default.

FetLife has very little in the way of direct controls on who can see what you post, and is counting on its users not being experienced with the Internet.

The Story of 'No' [tw: sexual assault narrative] -- this one is mostly about BDSM communities in general but also includes an abuse accusation against John Baku, the founder of Fetlife. This is the only surviving record I cound find of it.

Fetlife Premium Members Cross-Referenced with Predator Alert Tool

From a dataset of over 1.5 million FetLife accounts (1,517,103, to be precise), a total of 15,495 customers were identified, showing that FetLife’s customer base is approximately 1.02% of its total user base. In contrast, out of 652 unique users reported to the Predator Alert Tool for FetLife, 86 of those users are paying customers, which is a whopping 13.19%.

(Note: the database of these predator reports is public. And yes, there are reports about the creator of the database.)

A platform effect

I think Fetlife’s lack of privacy settings and thing with pushing anything anyone on your friends list says (including in a group) into your feed contributes to inhibiting the bringing up of and discussion on certain topics. (Obviously Fetlife has a lot more problems than that, most prominently the one about protecting rapists, but this is one I’m not sure I’ve seen brought up).

Because, this means there’s basically no space between ‘don’t discuss things’ and ‘potentially have a fight with everybody ever’.

Lastly, tips for the sex-repulsed -- some important things to take into account if you're considering joining Fetlife, both the problems and some workarounds for those problems.