Login Sign up

Can other people read my direct messages?

Last updated on 

Lets start off by saying that nothing on the internet is truly private, but that does not mean you don't have a right to privacy. Your right to privacy should be respected to the fullist extent the law allows. Most server administrators, especally those at Inadvertently Online, respect your priavacy. With that being said, the posts on mastodon are not end-to-end encrypted, and no matter what service you use to communicate online the messaages have to be sent and stored somewhere.

In regards to mastodon, the location these messages are stored is along side other posts on the platform. This is because direct messages on mastodon are really just posts with their privacy scope set to only be visible to those mentioned in the message. All posts on mastodon are stored in a database to be retreived by the application for it's users to view if they have the right permissions, and database administrators have permissions at the database level to conduct maintence and operations work. This level of access does not differ from other services used day to day online.

The way this is communicated to users is through policies, and via an information box on the client when a user goes to post a "direct message". When the scope of a post is set to `mentioned people only` an information box is displayed above the input field as shown in the image bellow.

Screenshot of the input box on mastodon with the privacy scope set to "Mentioned people only". The information box above the input field reads, "Posts on Mastodon are not end-to-end encrypted. Do not share any sensitive information over Mastodon. Learn more" with the learn more being a link to the privacy policy page of the instance.
Mastodon Post Input Box

It's strongly encuraged not to post any sensitive information or illiegal content via mastodon.

Additionally, posting illiegal content on Inadvertently Online is prohibited and doing so will result upto and including legal action agenst the perpetrator (regardless of the privacy scope of the post). It is our intention to create a privacy focused safe space for all members of our community. Keep in mind that while a human might not be reading direct messages, instances might be required by law to check for illiegal content such as CSAM using automated processes.

TL;DR

  • Posts on mastodon are access controlled.
  • Database administrators have permissions inorder to preform maitences and operations work.
  • Don't post anything senstive or illiegal.