FetLife is an online community for people interested in BDSM and other fetishes — think of a Facebook filled with kinky people who can post content and images of a sexual nature without worrying about censorship. For those who believe in having the freedom to express ourselves sexually and find like-minded people, FetLife has been an incredible tool.
Before FetLife and sites like it, we were on our own as far as finding people whose sexual desires were anything beyond conventional coupling. Some of us got lucky, managing to sniff out the kinky in the crowd with whom to share our pleasures; but for every great connection, there were many more instances of shocked silence and judgment. FetLife, for a great many of us, not only brought us a treasure trove of potential play partners, but enabled access to existing local communities, and helped solidify the ties within. We are grateful to FetLife, which is why we feel it’s impossible to remain silent about the site’s inability to protect its own or enable them to help themselves.
CONVICTION OR IT DIDN’T HAPPEN
I’m a caretaker with the FetLife team. Recently we had a report about your writing, and after review, your writing has been edited and we are writing to let you know. Basically, it’s really not cool to post something that accuses another member of FetLife of a crime. So, we’re giving you a heads up that this behavior is discouraged on our site.
Please know that continued posts like this will result in a warning, and continued warnings can get you removed from FetLife. We really hate to do that, so we hope you’ll avoid any inappropriate comments in the future.
If you’re having a problem or conflict with another user — we want to help! Please let us know what’s going on, so that we can get involved and help to resolve the issue. We’d much rather do that, than play the bad guy We hope you understand, and if you have any questions or comments please don’t hesitate to get back to us.
FetLife’s idea of helping currently involves telling victims of abuse and rape to go to the police. To quote site founder John Baku: “the only way to protect others from a sexual offender is by putting them behind bars. Not talking about them on FetLife, Facebook, writing a blog post on the interwebs… etc. It does not prevent this person from doing what they did again to someone else. Agreed… the legal system has failed many a person… but all this energy should be spent improving the system and not allowing other to name their abusers on a site that is not setup, nor has the resources, to give a fair trial to both parties. So let’s put our energy towards locking up the rapists and throwing away the keys! This way those who have raped can’t do it again and those who would ever consider rape would be so scared shitless of the consequences they would never even consider it.”
If you’re unfamiliar with how difficult it is to bring about a sexual assault or rape conviction — even before you inject the BDSM element into a case — this will seem logical to you. But as the veteran consent commentator Thomas MacAulay Millar writes:
The difference between the cases of rape that get brought and those that don’t are “bad facts,” which means facts that will make the jury judge the victim instead of the perpetrator. And in almost all BDSM abuse cases, there are going to be “bad facts.” The first bad fact is that none of them are going to fit the profile of the stranger rape, the only scenario where juries can apparently be counted on to convict. In BDSM cases, the victim will almost always have gone to a club or a party, or met up with the perpetrator, with the express intention of playing. The victim probably will have said something to that effect by email or PM or text, or said it around witnesses. The defense lawyer can always point to that and say, “see? The so-called victim consented!” You and I know that consent isn’t a lightswitch, consent to being tied up isn’t consent to be fucked and all that. We know that, but do juries know that? Your boss is on the jury pool. Your mail carrier, your mom, your high school principal, and the yenta in the bookkeeping department are on the jury pool: do juries know that? [ ... ]
All the things that make acquaintance rape cases unprosecutable in front of shitty mainstream juries — they knew each other, they had a prior relationship, there were messy personal dynamics, they intended to get together for sex, alcohol was involved — will make an appearance in a disproportionate number of BDSM rape and abuse cases. They’re all the kind of cases that don’t get prosecuted.
There are all kinds of theoretical questions about creating an obligation to report, and I’ll leave those all aside. Let’s just look at it practically. Is reporting a sexual assault in a BDSM context likely to work? No, absent serious injuries or hospitalization, or video evidence, it’s hard to conclude that it’s likely to work. It’s hard to conclude that it will work even for relatively privileged people within BDSM communities, let alone the sorts of folks who can’t count on the cops for other reasons. So if it’s not all that likely to actually produce a conviction, the notion that we should pressure victims into the criminal justice system is busted. It’s a derail, a way of throwing up a hurdle and washing hands of the allegation. Until it’s fixed (if it can be), it cannot be a mandatory part of any solution and we can’t count on it to save us from having to figure out how to deal with rape and abuse in BDSM communities ourselves.
Going to the authorities, in many cases, is not a solution that brings justice to the abused. Further, it disables the community from protecting itself against predators, and while many have argued that local groups are competent at passing such information along privately, this approach leaves those who are not well-connected or who are simply new in the scene at risk — all the while inadvertently creating a culture that protects predatory behavior instead of doing anything to address it.
Despite the coherent arguments that have been made to this effect, Baku stands his ground. In an interview with Tracy Clark-Flory for Salon, he elaborated on his concerns:
“Let’s say you and I — you do have a beautiful voice — I come to San Francisco and we go on a date. Hypothetically, I’m submissive, you’re dominant, and I ask you to tie me up,” he says. “You think we have a wonderful night, I think we have a wonderful night, and all of a sudden tomorrow I go online and say, ‘You raped me,’ and email your editors at Salon and say you raped me and go onto Twitter and say you raped me.” Falling for his role-play scenario and flattery, I offered that I’d want to talk to him to figure out whether I had unknowingly violated his consent.
Sure, that’s all good and great, he said, but what about the potential consequences? “The community’s very small, right? So you might lose all your friends,” he says. “You might lose your job.” Baku adds, “We live in a society where you’re innocent until proven guilty. ‘Proven’ is very important.”
Conviction or it didn’t happen is the new pix or it didn’t happen.
FetLife’s Community Guidelines are fairly clear about how they feel about anyone who speaks out about abuse or any other criminal behavior at the hands of another user: “We don’t accept aggressive personal attacks, criminal accusations, making fun of, trolling, flaming, bullying, racial slurs… pretty much any type of disrespectful behaviour that degrades the quality of discussions and people’s experience here on FetLife.” As far as the FetLife culture of silence is concerned, coming forward about someone violating your consent is “disrespectful.” Victims, as a result, are effectively locked out of the one space they have come to feel safest, and — as the comments on any discussions about abuse in the community show — their failure to remain silent is rewarded only in victim-blame, shaming and ostracization.
DON’T WORRY, YOU’RE SAFE
FetLife’s stance against accusations places a lot of emphasis on reputation, which seems in keeping with FetLife’s commitment to protecting their users. As they like to point out, search engines don’t index the discussions in which FetLife users participate on the site, because FetLife only displays those pages after it accepts a valid login and password combination. Group discussions are also not listed chronologically (the way that blog posts are), but rather by the date that the discussion received its last comment; thus, unless people have a link to a post, finding it again can be a challenge. FetLife takes great pride in the little walled garden they have created for kinksters to be themselves.
Unfortunately, security measures on FetLife are as helpful as the suggestion that victims of abuse should stay silent until they get a conviction for their abusers. People come to FetLife because they know other networks are not safe for their sexual self-expression. FetLife promises not only openness but safety — the second point on the list of reasons to join the kinky network (which one sees upon accessing FetLife.com without logging in) is: “We have a fetish for security. That’s why we’re the first social network to be 100% SSL. The same security banks use.”
Please be aware that no security measures are perfect or impenetrable. We cannot control the actions of other users with whom you share your information. We cannot ensure that information you share on FetLife will not become publicly available. We can’t be responsible for third party circumvention of any privacy settings or security measures on FetLife. You can reduce these risks by using common sense security practices such as choosing a strong password, using different passwords for different services, and using up to date antivirus software.
Aside from being completely inaccessible from a user’s home page on the site, the above statement is misleading because it seems to suggest that having a strong password, using different passwords for different services, and running a good antivirus program can help mitigate the risk of having one’s content exposed to the public. The truth is that it doesn’t matter how good your password is — anyone with an account can see your posts and comments on FetLife.
It’s important to point out here that it’s in FetLife’s interest to convince users that this space is safe. The site has for some time charged for access to user-generated content, including photos and videos, in their Kinky&Popular section, a Pinterest-like part of the site that pulls all the hot site-wide content into one place for users to browse. Anyone with an account can see Kinky&Popular, but to scroll back and access more content or view videos, users need to fork over five dollars per month for a minimum of six months. If users didn’t feel confident in FetLife’s walled garden model, they would not be so quick to put up any content. So to continue creating revenue, FetLife must do whatever it can to ensure user confidence.
The problem is that FetLife is not, in fact, safe. Since anyone who makes a free account can access the walled garden, any of the site’s 1,554,288 users can create mirrors of the site elsewhere on the Internet, making other users’ content accessible to people without FetLife accounts.
The most recent example of how login access doesn’t ensure safety happened on August 10, when a FetLife user decided to sit down and write a 50-line PHP proxy to illustrate the issues with this method of security. The user, known online as maymay, has been a long-time critic of FetLife’s security and its inconsistent approach to user safety. He was an ardent proponent of SSL on the site last year — which FetLife finally adopted.
The proxy accessed FetLife and made the profiles of public individuals in the BDSM community as well as the profiles of people who want to maintain the site’s code of silence, available to people outside the network.
Hoping to use the proxy to raise awareness about privacy issues with FetLife, maymay publicized what he was doing, leading to swift action by FetLife which was disingenuous at best. In a post titled “Today’s Attack on FetLife” on the FetLife Announcements board, John Baku wrote:
It was brought to our attention that a member of our community created a tool that allows someone to be able to access a page on FetLife without having to be logged in themselves.
Within an hour of being notified of this tool we blocked it. We’ve also sent DMCA takedown requests to this persons hosting provider, Google, and Twitter.
Creating and publishing such a tool is against everything the kinky community stands for and anyone who would do such a thing is a cancer to our community.
We will not stand for ill-intentioned attacks like this on the community.
FetLife did not block the proxy — they blocked connections originating from maymay’s site where the proxy was installed, meaning that connecting to FetLife from any other source would have enabled the proxy to resume its business. The statement suggests this cannot happen again, though the reality is that it can and it likely will. It’s questionable whether FetLife would be aware of such a thing if it was undertaken by someone who wasn’t actively live-tweeting the event.
“Nobody ‘hacked’ FetLife,” says Yonatan Zunger, chief architect of Google’s social network Google Plus, when we explain the situation. “No locks were picked; someone simply noticed that FetLife never locked the door in the first place.”
People who approach this conversation from the perspective that privacy on the internet is a myth and anyone who is too stupid to realize that putting a photo on a website may result in its dissemination is missing the point. FetLife actively works to create the illusion that the network is safe. Anyone who looks at the comments on Baku’s post about the “attack” will find more people who believe that they are safe to be their kinky selves now that FetLife has “blocked” the “tool” than people who seem to have an understanding of what maymay actually did. Neither Baku nor anyone else on the FetLife team has made any effort to correct them. It’s in FetLife’s commercial interest to make users feel safe and they do not appear to be in a hurry to educate them about the potential risks associated with posting photos and videos of themselves engaging in acts of sexual self-expression.
YOU CONTROL YOUR PROFILE
Curious about other possible privacy issues in the network, we jumped in to do some of our own digging and discovered something altogether more disturbing. In order to provide visual content, FetLife — like many social networks — uses the service of Amazon S3, which you can visualize as a big storage unit, where all videos and photos go. To enable images to load quickly, FetLife also uses the content delivery network Fastly, which holds an easy-access copy of photos.
Now, to have full control of your content (“Anything posted on your profile can be removed at any time… it is your profile after all,” promises FetLife), means that when you tell FetLife to delete an image, the image should first be removed from Amazon S3, then from Fastly, then finally from FetLife. Failing to do things in this order — like, say, the image is deleted from Fastly first, then Amazon S3 — would result in Fastly fetching the image again, effectively cancelling the deletion process. Deleting the FetLife copy first and then other two would disable a user from trying again if either of the subsequent deletions on Amazon S3 and Fastly failed.
(In the case of videos, which seem to live only on FetLife and Amazon S3, the order is the same, only without Fastly: delete the video from Amazon S3, then let FetLife know the video is gone.)
Unfortunately, it seems that the only place deletion is occurring is on FetLife itself. The consequence of this oversight, as far as we can tell, is that the image or video will remain on Amazon S3 for all time, and on Fastly until the cache expires, which is set by FetLife to be a little over eight years (see the HTTP headers serving the image for the cache persistence — Cache-Control:max-age=252460800, public. This refers to your browser cache as well as Fastly’s, as you can see on their API docs).
This means that any non-FetLife URLs people retain of images (which you can get by inspecting the element in-browser and grabbing the URL, or by right clicking on any thumbnail in FetLife and modifying the last chunk of the URL from _60.jpg to _720.jpg) will remain live for effectively eternity. This also means that if Fastly or Amazon S3 were compromised or subpoenaed, your supposedly deleted images would be right there for the taking.
In this regard, FetLife has grossly violated user privacy. The good news is that fixing this problem should be fairly straightforward (all it takes is a single API call to Amazon S3 and Fastly to delete an item). The more challenging part will be for FetLife to identify images and videos which are still sitting around in Amazon S3 and Fastly despite having been deleted FetLife, and remove those.
That the site doesn’t take measures to protect user content and has shown incompetence (or negligence) in regard to user privacy, all the while prohibiting victims from warning others about predatory behavior, creates an environment where it is nearly impossible for members of the BDSM community to take care of themselves and one another. By enabling FetLife to continue espousing a code of silence, allowing the spinning of self-created security issues as “attacks,” and not pointing out how disingenuous FetLife statements about safety are, we are allowing our community to become a breeding ground for exploitation.
FetLife, please address these issues and think of your users. You have done great things for this community, we don’t deny that. We want to stay and play! But we can’t do it safely until you address these issues.