You are requiring users sign up for an account on a proprietary, closed-source, for-profit server. All metadata will flow through this entity and whoever they choose to share or sell this data to. Many rooms demand SMS verification which will often leak who you are and prevent anonymity. Chat platforms also include DMs and smaller group chats for private conversations around projects and there is no E2E so you’re making all of these message be read by Discord. Users must also agree to the ToS set by Discord—not your community—which can change and go against the community wishes. They also have the maximum authority to just axe your community by shutting down its chatroom (it’s not a “server”) if a bad apple breaks those ToS.
> Also what kind of privacy informations would you share in OSS community
If you are building a community, then people chatter around the common area (this chatroom or server) about work and real life stuff just like they do at the water cooler and at conferences because we’re humans and not code monkeys who want to connect to one another. That’s normal, but letting corporations read that data should not be normalized considering we already have the technology, E2EE. With E2EE law enforcement and the government couldn’t read it either. The public side should be public and search indexable, but the private messages should be private. Without good support of third-party clients (which corps like Discord like to shut down), implementing something like OTR is much more difficult and I doubt many folks would bother going through the effort to exchange PGP keys and, I dunno like, using some browser add-on to seamlessly do the encryption/decryption in the browser for you.
With a technology like XMPP or Matrix, users could self-host a server behind a proxy or Tor and join the discussion anonymously without having to create an account or sacrifice that anonymity if they didn’t want to, and that should be allowed and acceptable.
With IRC, it’s flawed but most of the big servers are at least ran by foundations and non-profits which have different motives with how they would collect and treat that data.
Do you like eavesdroppers when you’re in chatting to a friend in a public space? Would you be happy to be constantly recorded while in such a space behind a closed door too? And then those recordings sold or given to the cops when they requested? Because that’s what you’re signing everyone up for when Discord is chosen, and you have the option of not doing that.
You are requiring users sign up for an account on a proprietary, closed-source, for-profit server. All metadata will flow through this entity and whoever they choose to share or sell this data to. Many rooms demand SMS verification which will often leak who you are and prevent anonymity. Chat platforms also include DMs and smaller group chats for private conversations around projects and there is no E2E so you’re making all of these message be read by Discord. Users must also agree to the ToS set by Discord—not your community—which can change and go against the community wishes. They also have the maximum authority to just axe your community by shutting down its chatroom (it’s not a “server”) if a bad apple breaks those ToS.
Tldr: unless you give them your phone number, then it is no different from the rest of the internet.
It is like acting that hair dresser violates your privacy because s/he wrote your last name and date of visit.
>so you’re making all of these message be read by Discord.
They may, but unless you have proof that they do (except law enforcement cases) then you cannot simply state that they violate your privacy.
Also what kind of privacy informations would you share in OSS community (which should be transparent after all, right?) chat that youre worried about?
Also how IRC server owner doesnt violate your privacy too?
> Also what kind of privacy informations would you share in OSS community
If you are building a community, then people chatter around the common area (this chatroom or server) about work and real life stuff just like they do at the water cooler and at conferences because we’re humans and not code monkeys who want to connect to one another. That’s normal, but letting corporations read that data should not be normalized considering we already have the technology, E2EE. With E2EE law enforcement and the government couldn’t read it either. The public side should be public and search indexable, but the private messages should be private. Without good support of third-party clients (which corps like Discord like to shut down), implementing something like OTR is much more difficult and I doubt many folks would bother going through the effort to exchange PGP keys and, I dunno like, using some browser add-on to seamlessly do the encryption/decryption in the browser for you.
With a technology like XMPP or Matrix, users could self-host a server behind a proxy or Tor and join the discussion anonymously without having to create an account or sacrifice that anonymity if they didn’t want to, and that should be allowed and acceptable.
With IRC, it’s flawed but most of the big servers are at least ran by foundations and non-profits which have different motives with how they would collect and treat that data.
Do you like eavesdroppers when you’re in chatting to a friend in a public space? Would you be happy to be constantly recorded while in such a space behind a closed door too? And then those recordings sold or given to the cops when they requested? Because that’s what you’re signing everyone up for when Discord is chosen, and you have the option of not doing that.