Is Bluesky safe?

If you’ve been keeping up to date with the latest Twitter happenings, you might have heard about the latest alternative: Bluesky Social. 

The social media platform was founded in 2019 by CEO Jay Graber and credits Twitter co-founder Jack Dorsey as a co-founder and board member. 

The app has already amassed more than 50,000 users despite operating on an invite-only/waitlist basis at this moment in time. 

We’ve taken a closer look at Bluesky to get a better understanding of just how safe the social media platform and Twitter rival is for those looking to join.

Is Bluesky safe? 

Bluesky is built on the Authenticated Transport (AT) Protocol which is an open-source framework for building social apps. The AT Protocol creates a standard format that allows users to take their identity, follow list and data with them when they move social platforms. 

Bluesky compares the protocol to a passport, smartphone and property rights, allowing people to relocate cities without leaving their belongings – in this case, their data – behind and to remain contactable with friends and family. 

The AT Protocol is a new creation built by Bluesky, meaning it’s difficult to say how safe it is at this point. 

The social media platform itself is also still quite exclusive as you need an invite or a spot on the waitlist to sign up. This also makes it tough to determine the safety of the website (though the idea behind the waitlist is to limit the number of spammers and bad actors attempting to register, which is of course a good thing). 

Bluesky’s terms of service have recently been brought into question as highlighted in this report by Mashable. 

Namely, people are concerned about the fact Bluesky requires its users grant the platform and its licensees “a worldwide, perpetual, royalty-free, non-exclusive right and license to use, reproduce, publicly display, publicly perform, modify, sublicense, and distribute” content posted to Bluesky Web Services. 

BlueSky Terms of Service gives Jack a 'perpetual' & 'irrevocable' license to all your content (posts, name, likeness, pics)

BlueSky can delete your account for any reason, but may refuse to delete it if you ask

You can't screenshot BlueSky

All disputes = individual arbitration pic.twitter.com/mHxYkuA4EM

— Ashley M. Gjøvik (@ashleygjovik) April 27, 2023

CEO Jay Graber has since issued an explanation for the broad terms of service, stating that Bluesky had requested a standard social media terms of service from its lawyers ahead of the beta release and that the reason the platform requires rights to user-generated content is to do things like post screenshots of user content in app stores. 

“It was not my intent for the legalese to end up so confusing and unfriendly,” tweeted Graber. “We’ve already been working on a second pass over the past few weeks.”

When it comes to potential data breaches, Graber also addressed Twitter user @ashleygjovik’s concerns that “BlueSky’s Privacy Policy says that there’s no such thing as good InfoSec and if anything happens to your data because they don’t care, it’s 100% not their fault”. 

“We said ‘no system is 100% secure’, which is true,” responded Graber. “And we say we may try to reach you by multiple means, including by email, by the app, or even by mail if we could,” reassured the CEO.