![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
osteophageIf you care about privacy on the web, then you should care about how anti-privacy laws have been challenged by Dreamwidth. Its unique role in these legal battles hasn’t been getting any dedicated press coverage, and so it falls to people like us to spread the word: Dreamwidth is proactively going to court against anti-privacy laws and highlighting itself as a positive example in order to show how these laws are predicated on assumptions that don’t apply.
Crossposted to Pillowfort and my personal site.
A Brief Introduction to Dreamwidth
Dreamwidth is an ad-free, open-source, user-funded blogging platform launched in 2009 with a commitment to interoperability and user privacy. Every blog has RSS/Atom feeds, and you can also use your Dreamwidth account as a feed reader for external RSS feeds. Guest visitors can even use an OpenID account to leave comments, subscribe to blogs, and get added to access lists. Access lists allow users to lock down specific posts and grant access to only the people they choose, and the site has no real name policy, location tracking, or intrusive mobile app. As a company, Dreamwidth has never run ads, which means they have no reason to engage in extensive data collection, which is why Dreamwidth is a perfect counterpoint to many of the assumptions baked into bad internet laws.A Brief Introduction to Bad Internet Laws
The bad internet laws that Dreamwidth has been fighting against have imposed requirements for websites to engage in more intrusive data collection on the pretense of consumer protection and child safety. These laws include The California Age-Appropriate Design Code Act (CA), the Parental Notification by Social Media Operators Act (OH), the Walker Montgomery Protecting Children Online Act (MS), the Utah Social Media Regulation Act (UT), and the Protecting Kids on Social Media Act (TN). Laws like these demand that websites should take additional steps to verify the ages of their users, which means collecting legal identification, i.e. the kind of thing that got leaked in the Discord data breach. In other words, these laws are trying to force companies to take measures that would make it easier for hackers to dox you.
Further reading:
- Will California Eliminate Anonymous Web Browsing? (2022) By Eric Goldman
Counterproductively, age-authentication processes are generally privacy invasive. There are two primary ways to do it: (1) demand the consumer disclose lots of personal information, or (2) use facial recognition and collect highly sensitive face information (and more).
- Dear California Law Makers: How The Hell Can I Comply With Your New Age-Appropriate Design Code? (2022) by Mike Masnick
According to the law, I need to “estimate the age of child users with a reasonable level of certainty.” How? Am I really going to have to start age verifying every visitor to the site? It seems like I risk serious liability in not doing so. And then what? Now California has just created a fucking privacy nightmare for me. I don’t want to find out how old all of you are and then track that data. We try to collect as little data about all of you as possible, but under the law that puts me at risk.
- Ready or not, age verification is rolling out across the internet (2025) by Emma Roth
The outcome so far is an assortment of online services handling sensitive user information — a “privacy nightmare,” says Cody Venzke, senior policy counsel at the American Civil Liberties Union. “There is no standardization of how age verification is supposed to take place.” Some age verification platforms promise to erase your data after a certain period of time, like the seven days that Persona says it will keep the information used to verify your age on Reddit. But there’s no guarantee every service will do this, and there are still massive security risks given how common data breaches have become.
- Age Verification Is A Windfall for Big Tech—And A Death Sentence For Smaller Platforms (2025) by Molly Buckley
Proponents of age verification claim that these mandates will hold Big Tech companies accountable for their outsized influence, but really the opposite is true. As we can see from Mississippi, age verification mandates concentrate and consolidate power in the hands of the largest companies—the only entities with the resources to build costly compliance systems and absorb potentially massive fines.
How Dreamwidth Has Fought Back
Dreamwidth has played a unique role in the NetChoice lawsuits against bad internet laws precisely because Dreamwidth is a small company that already takes a hard stance on privacy. Its privacy practices, chronological feeds, and ad-free business model are unanticipated by lawmakers to such a degree that Dreamwidth can counter some of the rationale for bad internet laws just by describing itself. To be clear, those counterpoints aren’t the only applicable criticisms of these laws, just some of the ones that Dreamwidth is in a particular position to advance.
For example:
1) When lawmakers rationalize these laws by asserting that the affected sites are categorically “addictive,” Dreamwidth is in a good position to contradict them because Dreamwidth has none of the usual culprits. Infinite scroll, autoplay, deceptive interfaces, black box recommendation algorithms—none of these things are a part of Dreamwidth. If any given law had banned these specific features, then Dreamwidth wouldn’t even be affected, but that’s not what these laws actually do, and so Dreamwidth can point out that lawmakers are imposing their requirements even where the rationale doesn’t apply. In other words, the stated rationale for many of these laws as pro-privacy consumer safety laws is contradicted by Dreamwidth’s very existence.2) Additional provisions in some laws assume that web platforms can comply by using extensive tracking measures they’re expected to already have, which Dreamwidth does not. For instance, Tennessee wants web platforms to restrict “time spent” for certain users, which is predicated on tracking “time spent” in the first place. Dreamwidth genuinely has no way to do this.
3) These laws are evidently written with large corporate behemoths in mind, but they do not actually constrain their scope accordingly, an oversight that can be highlighted by pointing to Dreamwidth. So when the state of Ohio, for instance, threatens a $10,000 fine for allowing a 15-year-old to use a website without that website detecting their age, detecting their location, confirming their full legal identity, identifying their parents, and collecting parental permission, we all know that Facebook could absorb a fine like that without batting an eye, whereas Dreamwidth can point out that a $10,000 fine “would exceed our net profit for 2022 by day 19.” In other words, operating in Ohio at all under these conditions would pose an existential threat to Dreamwidth and not to Facebook, even though Facebook is leagues more predatory.
To cap things off, let me quote from one of the Dreamwidth site announcements:
As we mentioned in our year-end roundup, most of these laws proclaim to be “data privacy” or “child protection” laws, but if you actually look at them, they’re backdoor censorship and deanonymization bills that threaten the privacy, safety, and anonymity of everyone who exists online. Dreamwidth is excellent proof that these laws are pretextual. As a service that accepts no advertising, does no data brokering, and has incredibly strong privacy and security features, if these laws were actually what they say they were, they shouldn’t affect us at all: we would be able to comply with them without having to make a single change. Instead, the way these laws are written will require us to collect more information about our users than we want to collect, and require us to make it impossible for people to browse or register for the site without identifying themselves (often by forcing people to submit government-issued ID).
—In which we level up our fight for your digital civil rights
For reference, here is a (not necessarily comprehensive) list of lawsuits where Dreamwidth has gotten involved:
- Netchoice LLC v Bonta (5:22-cv-08861) N.D. California and its appeal, NetChoice, LLC v. Bonta (23-2969), 9th Circuit
- Netchoice LLC v Yost (2:24-cv-00047) S.D. Ohio
- Netchoice LLC v. Fitch (1:24-cv-00170) S.D. Mississippi and its appeal, NetChoice v. Fitch (24-60341), 5th Circuit
- NetChoice LLC v. Reyes (2:23-cv-00911) D. Utah
- NetChoice LLC v. Skrmetti (3:24-cv-01191) M.D. Tennessee
- NetChoice LLC v. Miyares (1:25-cv-02067) E.D. Virginia
Spread the Word
I’m writing up this information because Dreamwidth’s legal advocacy work has been largely underrecognized. I have not seen a scrap of mainstream news coverage out there that delves into the unique role that Dreamwidth has played in the NetChoice lawsuits, and in a tech news landscape that inspires so much resignation and despair, I think people deserve to know about how Dreamwidth is putting up a fight. Not only does Dreamwidth refuse to engage in intrusive tracking, it’s proactively participating in lawsuits against state governments that try to force its hand. For all that many lawmakers are trying to make the web worse, Dreamwidth is leveraging itself as proof that a better web is possible.
Note: guest comments are screened. This means that if you submit a comment without an account, it will not be published until manually approved.
no subject
Date: 2025-11-24 03:15 pm (UTC)no subject
Date: 2025-11-25 02:01 am (UTC)no subject
Date: 2025-11-25 02:36 am (UTC)appreciate you writing this up, more people need to know about it! i bet she'd like to read it too. :)
no subject
Date: 2025-11-25 03:23 am (UTC)On the subject of news, please let me know if any new developments cross your feed that should be added to this post! I don't have a Bluesky account and can only stand the place in limited doses.
In the meantime, please share this post with anyone who might not already know about Dreamwidth's role in these cases. I won't object to you sharing it with rahaeli too, if you're so inclined -- but if you do that, maybe throw in a link to the Good Web Graveyard as well while you're at it. Helps put DW's longevity in perspective, I think.
no subject
Date: 2025-11-26 12:46 am (UTC)Copy that with sharing the post around, will do!
Re: passing along digital rights news - so this is funny; technically it's anonymous but I started a site meant to be a resource site primarily for kink artists but with a very strong focus on digital rights in general (https://erocreativeresources.org/)
You might get a lot out its (simplified) rss/news feed that i've been updating with the "big hits" of what rah mentions and similar. I still need to fix the css this weekend, but you should be able to pick up on the html and it should be RSS-able)
https://erocreativeresources.org/news/tegalog.cgi (html news feed)
https://erocreativeresources.org/news/tegalog.cgi?mode=rss&; (rss)
if it doesn't fit your use case, totally cool, but thought i'd mention it!
i thiiink bluesky also has a rss option; and just checked that rahaeli has hers open to that alternate too.
no subject
Date: 2025-11-26 01:53 am (UTC)no subject
Date: 2025-11-26 03:19 am (UTC)no subject
Date: 2025-11-27 10:21 pm (UTC)Thank you for putting together this excellent post.
no subject
Date: 2025-11-28 05:23 am (UTC)no subject
Date: 2025-11-30 06:05 am (UTC)I shared your neocities post on Mastodon. People should know more about DW fighting the good fight.
no subject
Date: 2025-11-30 03:23 pm (UTC)no subject
Date: 2025-12-02 09:17 pm (UTC)Yuppers! 10-4! Eye-firmative!