Copyright ©MMXXIV Patrick's Place LLC. All rights reserved.

Tech & The Web

Bluesky Rolls Out its Anti-Impersonation Policy

A 3D representation of the butterfly Bluesky logoDeposit Photos

As more users flee X for Bluesky, the platform says it quadrupled its moderation team and explained its anti-impersonation policy.

If there’s one thing you can count on when it comes to social media, it’s the concept of “bad actors.” That’s a nicer way of describing spambots, scammers and impersonators than I’d probably use. Bluesky is reporting a big surge in growth, especially since Election Day, as people flee the mess they feel X has become. But with the growth comes familiar problems. Bluesky just provided details on its anti-impersonation policy to help you know which accounts are authentic.

Unlike some other platforms, Bluesky does not (so far) offer the familiar little blue checkmarks services like Facebook and Instagram use. I omit X from that list intentionally. Twitter offered them but then Elon Musk changed how they work on X, rendering them mostly useless.

But the lack of the traditional checkmark doesn’t mean Bluesky isn’t taking some action to block those impersonator accounts.

“With more users joining Bluesky, we know how important it is to identify which accounts are real,” its official account said on its own platform. “Users deserve confidence that the accounts they interact with are authentic.”

Domain verification

The first step they’re taking is using verified domains as handles. The service allows organizations like The Washington Post, for example, to change its handle to its main website address. So its handle switches from something complicated like “washingtonpost.bsky.social” to simply “washingtonpost.com” on the service. The organization must then verify the URL by adding code to its web address that the platform recognizes. At that point, it approves the handle.

This is a good step for organizations, particularly businesses and charities. But notable figures within those organizations don’t really benefit directly from it. Let’s say you’re the CEO of a charity and you’re asking for donations. You can’t really get your handle verified the same way, since your name wouldn’t be the domain name.

Granted, if you were CEO, you’d want to push to the official account that is verified, anyway. But for the CEO and other high-rankers, there’s still no easy way to verify them.

It’s especially tricky for members of the media. A television station or newspaper, for instance, can verify its main site. But what about a lead columnist or a national correspondent for a newspaper? What about an anchor for a television station? Other than the main organization reposting that account’s content, there’s nothing on the person’s profile to “verify” that they’re not imposters.

What about celebrities? Sure, some actors have their own domains. Many, however, do not. How do you know that the action star or even the soap star you’re communicating with is really the one behind the account? (Or that the person’s “team” is in charge of it?)

More moderators

The service says it qudarupled the size of its moderation team. That sounds impressive, of course. But when you have a small number of people on a team to begin with, making it four times larger doesn’t necessarily mean bringing in a lot of people.

It’d be one thing if you had 100 moderators and you bumped it up to 400. But if you start with, say, five people, quadrupling it only means you have 20.

The service acknowledges a “backlog” of reports of potential bad actors who are impersonating accounts. It promises to deal with those reports as quickly as possible, adding they are “making progress.”

Parody accounts

Parody accounts are also a potential problem for users who try to interact with what they assume may be real. Some parody accounts post satirical content that is obviously satire. Others, however, post things that may, on the surface, seem more legitimate.

Bluesky’s anti-impersonation policy addresses this as well.

The service allows parody accounts as long as they clearly label themselves as such. Some sites have become famous for parody. So self-labeling as parody or satire isn’t necessarily a nail in the coffin.

But a site that’s designed to provide misinformation isn’t going to be nearly as interested in admitting that they’re not the real deal. Bluesky requires parody accounts to label themselves as parody accounts both in the name and the bio.

“Accounts with only one of these elements will receive an impersonation label,” its policy states.

If they do neither and moderators catch it, I imagine they’ll slap an impersonation label there as well if they don’t suspend the account altogether. But that part of the policy isn’t spelled out.

It does mention something called “identity churning.” That’s when a parody account builds a following and then switches names to something else in an attempt to fool its followers.

“If you set up an impersonation account just to gain followers and switch to a different identity that is no longer impersonation to keep that account, your account will be removed,” the policy states.

No sympathy there.

I hate to suggest the blue checkmark, but…

The mess X’s Musk made with those little blue checkmarks makes it hard to want to suggest them as a reasonable verification measure.

But there are instances in which a blue checkmark — or green or gold or some symbol other than a checkmark — something that indicates there’s been an extra step taken to verify the user’s identity, wouldn’t be a bad thing at all.

I could use my URL for my personal Bluesky account. But this blog has carried the name “Patrick’s Place” for more than 20 years now and my social account is likewise named Patrick’s Place. If I changed my handle to this site’s URL, that’s the only visible change to show any kind of verification and I don’t know that most people would recognize the URL as a handle as true “verification.”

Other than the handle name, the account still looks the same.

There should be some kind of icon, some kind of checkmark, or a color to make verification clear. And they need to expand the verification to include verified members of a team so that those who legitimately work for a verified organization likewise have some coverage.

If we’re trying to make sure the audience has an easier time telling which accounts are real and which might be fake, then we should have a clear symbol that stands out.

I’m glad they’re making their anti-impersonation policy visible. But it seems the lack of a clear symbol or indication that an account is verified is the biggest thing that’s missing so far.

It’ll be interesting to see how they proceed as their numbers continue to grow!

Have you given Bluesky a test drive? If so, how do you like it so far? If not, what’s stopping you from taking a test drive?

the authorPatrick
Patrick is a Christian with more than 30 years experience in professional writing, producing and marketing. His professional background also includes social media, reporting for broadcast television and the web, directing, videography and photography. He enjoys getting to know people over coffee and spending time with his dog.
Subscribe
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x