yawnbox

In February 2023, I wrote a blog post titled, “Defending the (Mastodon) User” where I described a theoretical opportunity to create a legal entity with the aim of decentralizing power structures in order for every member of the community to be informed of legal action made against any member of the community or organization. It's primary goal therefore aims to accomplish radical transparency because — juxtaposed to traditional social media platforms — where there are tech executives, tech administrators, and users, where the latter do not have any privileges into the back-end operations or legal threats against said users.

This month, June 2026, having since moved to the Netherlands, having made wonderful new friends, having been granted gay.amsterdam from the dot-Amsterdam Registry and Amsterdam municipality, and working towards the formation of a Dutch Stichting ourselves for ethical community building, I've been able to discuss this topic with some nuance as a group who are equally interested in defending our LGBTQIA+ community. I recommend reading the original blog post (linked above), but in this article I will go into more detail about how this might look for Disobey Discotheque and directly affect gay.amsterdam and disobey.net.

The DSA's notion of “illegal content” is content that's illegal under EU law or the law of a relevant Member State. So, for example, a lawful-in-NL sex-work post can be the subject of an Article 9 order from an authority in a Member State where that content is illegal. Disobey Discotheque will likely receive orders to act against content that is perfectly legal in the Netherlands. gay.amsterdam is for the Dutch LGBTQIA+ community and operates under Dutch law. We aim to fight to protect content that is legal in the Netherlands to stay up for our community, and for the world to see and interact with our Dutch queer community via the ActivityPub protocol. We expect those legal demands, and our position is that we follow Dutch law, not another country's, which should not be confusing when it comes to the human rights of our LGBTQIA+ community. Our Trust and Safety system is intended to be built to handle these demands as a routine matter and to push back on them, not to quietly comply.

This is exactly why our Trust and Safety design must be both radical and responsive to an actual threat model. The communities most exposed on gay.amsterdam, queer sex workers (18+) and also minors (16+), are precisely the groups that have historically and are currently being targeted through legal process, and an order from a hostile foreign authority against a lawful Dutch post is the modern version of that. Community-member-visible handling is a protection against a community member being quietly given up to a jurisdiction that criminalizes their lawful work.

Another threat that is on the horizon is age surveillance, which is just plain surveillance with a dash of built-in censorship. How will European Union law or Dutch law change our current freedom where we are not required to collect age data and make censorship decisions based on that data? With all of this anti-human-rights discussions around censoring queer minors based on surveillance data, there many more unknowns than knowns, and it is critical that a fediverse community have autonomy and transparency to govern itself, because only our community will know best how to provide safety for our community. As discussed in our draft Server Rules for gay.amsterdam, the Mastodon instance intends to be invite-only, where existing community members may know and understand the Server Rules and invite people they know to be 16+, which is simply not possible with centralized social media platforms. The ways in which Big Tech work, and the laws that govern Big Tech, are predominantly, willfully negligent to decentralized and federated social media.

This is all still only a theoretical idea, and we would greatly appreciate feedback from all types of people.

the Dutch Stichting

A Dutch foundation is a type of non-profit legal entity. We intend to also apply for ANBI status, which would make donations to the foundation tax-deductible for donors. The aim is to establish an organization similar to Emerald Onion, a U.S. 501(c3) public charity.

There are three types of groups we intend to use, strategically to best support our communities.

1) Board of Directors 2) Advisory Board 3) Trust & Safety

Board of Directors

The Board ultimately retains all legal responsibility for the foundation. In order to decentralize power structures as much as possible, the Charter and/or Bylaws must establish that the Trust & Safety committee have priority autonomy to carry out the operations of the community. However, the Board will always operate as a fail-safe mechanism if no action or inappropriate action is taken that does not follow Dutch or European Union law. The Charter and/or Bylaws should be written so that the Trust and Safety Committee, operating within the law, would be as autonomous as possible.

Advisory Board

The Board of Directors would also establish an independent Advisory Board, which the members of the Board of Directors cannot be a part of. The Advisory Board would be invite-only and would independently advise on:

1) The initial creation of the Trust and Safety Committee, and

2) Monitor both the Board of Directors and the Trust and Safety Committee without having any direct responsibility, access, or authority of either.

Trust & Safety Committee

Disobey Discotheque, by way of the Board of Directors and the Advisory Board, would establish the Trust and Safety committee (the Committee) as a body of the foundation, with its democratic structure, rules, and authority defined in the Charter and/or Bylaws and published for anyone to read.

There are many questions with this approach. Should all Committee members be named as official Officers of the Stichting? Disobey Discotheque would very likely not have significant funding, so everyone would be volunteers.

The Committee:

1) Would manage full-stack IT administration; including but not limited to, technical transparency tooling (auditing, ticketing, logging, reporting, alerting, etc) that would keep track of command line and database instructions run. Also, just in time (JIT) privileged access management (PAM), where the PAM authorization requests of narrow service accounts would be granted by the Board. It's critical that the Committee have full-stack control because only then can they have full purview of low-level access. Root/ssh access is a trust and safety matter. It's also critical that there be zero trust access controls to avoid abuse by fellow Committee members.

2) Would manage community safety including content moderation, which includes the handling of legal processes associated with fediverse operations.

3) Would be open (opt-in) to any user from any fediverse community operated by Disobey Discotheque. There would be no limit to the size of the committee. Because membership is open and the transparency tooling is shared, committee members check each other's actions in real-time.

4) Would make its own operational decisions. Following a formal committee decision, the committee would request privileged access, which the Board would approve through JIT/PAM. The Board's approval of each request validates that the committee's decision complies with Dutch and European Union law before privileged access is granted, consistent with the Board's ultimate legal responsibility for the foundation.

5) Would autonomously validate and accept opt-in membership applications using a majority vote system. Verification and processing mechanisms must be defined by the Committee and published in the Trust and Safety policy. Voting must be time-limited, and non-votes must not count as a no-vote.

Effectively, any gay.amsterdam and disobey.net user would have full visibility into legal requests sent to the community, because such requests arrive at shared aliases (abuse@, admin@, legal@) that the entire committee can see. Further, to mitigate obvious privacy and security risks among the users themselves, zero-trust access controls and transparency mechanisms will support trustworthy self-governance.

Charter

The Charter will codify the legal structure described above.

Two primary goals of the Charter, concerning the Committee, are to 1) clarify responsibility, both to the Dutch KVK but also to the public, since the Charter is a public document via the KVK and hosted on disobey.net and gay.amsterdam; and 2) and give structural autonomy to the Committee, attempting to maximize decentralized power structures concerning any aspect of Trust and Safety.

I've moved the example Charter language to our Forgejo repository:

https://code.disobey.net/dd/GayAmsterdam-Policies/src/branch/main/Org-Charter.md

Trust and Safety policy

Per the above (now linked) example Charter, a Trust and Safety Policy must be created and maintained. I've moved the example Policy language to our Forgejo repository:

https://code.disobey.net/dd/GayAmsterdam-Policies/src/branch/main/Org-Trust-Safety-Policy.md