by eepy.bsky.social – Updated October 21st 2023

Welcome to Bluesky! This platform may look and feel a bit like Twitter but it has some key differences especially in the areas of privacy and moderation. This article aims to give you the information you need to make informed decisions about how to use Bluesky safely while avoiding any privacy-related surprises.

As always, check when this was last updated. I try to stay on top of things but shouldn't be trusted to do that 100% of the time.

Summary • Settings: Tune settings so content you want to see is not hidden by default • Privacy: Some stuff you might expect to be private is actually public, especially likes and blocks. Stuff you might expect to be deleted can stick around for a while. • Feeds: Your content is discoverable in ways you might not expect coming from another platform and why your first post is important. • Blocking and Muting: How blocking works in detail and how to use mute-lists.

Settings

I highly highly recommend taking a look at your moderation settings. These will drastically alter your experience of the platform. For example, your Following feed will hide replies to posts in some cases. If you never want to see replies you can turn them off, if you always want to see them you will also have to opt in to that.

If you want to see adult content and you're using the iPhone app, you have to log in on the web app and change the settings from there. Android users can simply change the settings from the app. Important: the app will hide your own explicit content from you unless you enable explicit content in settings. You can set it to put nudity and stuff behind a spoiler that you have to click through.

If you speak multiple languages or want to see content in a language other than one your system (phone or computer) has set as default, manage that under language settings. When you make a post, you have the option to say which language it is in.

Privacy

I wrote a big article that goes into detail about what is and isn't private on Bluesky. You can read it here. Actually don't read it right now I need to update it because I don't know how much of it is accurate at the moment. The following IS accurate though (as of October 21st 2023).

To summarize:

Fully Public i.e: easy for anyone on the internet to access or build tools to access. – posts – reposts – likes – photos – blocks – who you are following – current profile info – your published mute lists

Who you've blocked is public information and there are widely used tools to view and run analyses on it. For example, there's a website where you can see the top most blocked accounts in the last 48 hours. There is at least one tool that allows you to view who has blocked you and who a given user has blocked.

Also want to emphasize that there are third party tools that allow anyone on the internet to view content on Bluesky without an account. Even though you need an invite code to post to the platform, everything on the above list is accessible to the entire internet.

Other people's likes are not visible to you in the official app, but they are technically public to the internet at large. Other people will be able to monitor what posts you've liked by using the API or a third-party app like Graysky.

Always private between you and bluesky – who you have muted – what mute lists you are using (the ones you publish are public) – your email address (with one important exception!) – invite trees: who you invited is visible to you but who invited you is not. Bluesky doesn't publish any invite information but they do store it. – moderation settings (aside from blocks, which are public)

Showing up in Feeds

If you haven't been on Bluesky very long you might not know about custom feeds. They're really cool! Check them out by going to “My Feeds”. There's one for nudes, pictures of cats, posts about science, posts by Black users, posts by furries, posts by users named Alice, posts that contain the word “eepy” and a million other ones.

These feeds are created by third party developers. Feeds can use any of the public information listed above to determine what to show you. For example, there's one feed that shows posts from the most-blocked users of the day and another one that shows you your own likes. Feeds know who you are when you visit them. We'll get into that later.

As far as I can tell, there's no way to opt-out of a feed. There was a rumor going around that you could do so by blocking the creator but I tested it and this is false. Just be aware that your posts can be discovered by people completely outside of your network even if you have very few followers.

If you haven't made your first post yet, be aware that there is a widely used feed called “Newskies” that shows only first posts. Introduce yourself and give some reasons folks may want to connect with you! If you have made your first post but want a do-over you can delete all the posts you've made (including replies!) then when you make a new post on your empty account it will show up in Newskies.

Languages and Feeds

Something very important to note is that the app will hide your own posts from you in feeds if they are set to a language you haven't enabled in settings. For example, if I make a post in Spanish and include a #linguistics tag to send it to the linguistics feed but I only have English enabled in setting, when I go to the feed, I will not see my own post.

You also won't see posts in feeds in languages other than the ones you've filtered in. I think the default for everyone is English, so if you speak any other languages please check your language settings before telling feed operators their feeds are broken.

Data Saving

Third party apps and federation are great! One side effect of them though is that it's standard practice to store all the activity on the network. Of course this is a risk anywhere on the internet but on Bluesky, it's much more likely that the minute you post something it gets downloaded to someone's hard drive and kept forever.

There's no guarantee that deleting something actually makes it go away.

As the old internet adage goes: don't put anything online if you don't want it to be public forever. This is more true for anything posted to Bluesky.

Muting and Blocking

Unlike blocking, who you mute is private. Users can create mutelists that other users can subscribe to. When you subscribe to a mutelist you will mute any users currently on the list and any added in the future. By unsubscribing, all the users on the list will be un-muted. Which mutelists you subscribe to is private information. There are prominent users who curate mutelists which are widely used in specific communities. “Another one for the contraption” is lingo I've seen used for “add this asshole to your mutelist”.

Since blocks are public, the consequences of doing so are a bit different than they are on Twitter (or anywhere else really). When you block someone, consider that they could at any point look at a list of who has blocked them and see you on it. Also consider that someone could look at a list of who you have blocked.

Blocking someone prevents them from interacting with you in any way with a single exception: blocking you back. This includes: – unblocking you: they can block you back but once they do neither one of you can ever unblock the other – unfollowing you: if you block someone who has followed you they won't be able to unfollow you. They won't see your posts but you'll stay in their list of followers. Two people who have followed each other and then blocked each other will never be able to either unblock or unfollow the other. How the app handles hiding content from people who have blocked each other changes frequently. As of time of writing, if someone replies to you or you reply to them and one blocks the other, both of you will lose access to all posts downstream of you. So, think twice before blocking someone you talk to a lot.

Also important to consider that there are other apps than the official one that can be used to access bluesky and they may have different behavior regarding blocks.

Third party services

App Passwords

Certain third party tools including interfaces like Skyfeed or Graysky and visibility tools such as block viewers require you to generate an app password. App passwords are very permissive in that they have all the same capabilities as your actual password with two exceptions: it is not possible to delete your account or create more app passwords. As of recently (October 2021), they can no longer access invite codes – which is good.

App passwords can reveal your email address! Before giving away an app password, be 100% certain that the owner is trustworthy enough to not steal this information.

Feed Analytics

This probably isn't relevant to most people but if you're a politician or something you should be aware that feeds are third party services. As such they can collect information on how often you (yes you in particular!) visit them. At least one feed operator has publicly admitted that they store and monitor information on individual's usage of their feeds.

Many feeds are created with a tool called Skyfeed. The creator of Skyfeed says that they don't collect individual usage data for those feeds and I personally believe them – so skyfeeds are potentially more private than other types. That being said, probably don't visit the golden showers feed on the account you use to run for congress!

Soft-blocking

Soft-blocking is the word for something people do on Twitter where they block and then unblock to remove them as a follower. This does not work on Bluesky! If you block someone who has followed you it will not remove them as a follower and will actually prevent them from being able to unfollow you. They won't see your posts, but they'll be stuck in your follow-list until you unblock them.

Footnote

Whenever I post one of these I get few people who seem to think I've uncovered some kind of conspiracy and/or oversight. That's not at all the case! This information is all publicly available and widely understood in the AT Dev community.

Bluesky is built this way on purpose to be an open network that anyone can own bits and pieces of. As a result, it can't work the way a centralized network can. Mastodon also has public blocks and Nostr has public muting for example.

---

Hope this helps! If you're not a Newskie, send this to your friends along with the invite code.

Follow me at eepy.bsky.social if you'd like.

Questions about this article can be posed under this thread to keep them organized: https://bsky.app/profile/eepy.bsky.social/post/3jyz7p7k4tl2x