@osma

Hey Osma There are lots of uses that I'm still exploring. I could see us using this like Foursquare, Yelp, geocaching, and even local cityguides and journalism.

Hopefully we can find the right balance of features that can cover many.

@osma

Regarding location privacy, this only requires *A* location, not *YOUR* location. So, you could always just type in an address you want to share.

I'm working to build in something for people to use the location services on their device to look up their exact location, but this would be something users would opt-in to for every post.

But to show up on a map, SOME kind of location will be required. Otherwise, you'd be better off posting from Mastodon, and not Atlas.

@osma And regarding Identity: This will be its own server with a separate identity/account from your daily Mastodon ID. Although you could always link the two with rel=me tags, I don't have an easy way for you to use this to post from a remote server.

But interestingly, @julian has been championing the use of the ActivityPub API for more sophisticated emote interactions. Perhaps in the future we'll have a way to do this.

@julian @osma

This. If you're posting on a mapping site, you need to include SOME location. Otherwise, you're better off just using Mastodon. Or... NodeBB

@mradcliffe @julian @osma

This is exactly right. And, it's the way Atlas currently works. You can just type in any address you want to share. You don't have to be there to do it.

I'll eventually add a widget where users can share the geolocation data from their device, but this would be opt-in for every post, and never required.

@osma @julian I've seen headlines like this in the past.

It's hard to account for every crazy thing people will do with the tools we make. But I'm planning to make it so you explicitly choose to look up your actual location with every post. I'll have to get into the actual code to see what's possible, but I believe this will be enough control that it should avoid accidents like these, yes?

Let's keep talking about location and privacy. It's important that we get this right.

@DePemig Thank you Gilles I'm adding this to my bookmarks.

@phil Yes, I think it could be. I know *about* geocaching, but am not really familiar with the details. Do you have any suggestions on where I should start researching?

Popularity requires convenience. Convenience invites mistakes. A system design could try to minimize the cost of those mistakes. One of those design decisions could be to detach location from identity - which is why I asked about your thoughts on that.
@benpate @julian

@benpate @osma @julian

Somewhat relevant, I believe mastodon's argument for not supporting age verification is that they don't collect location data and so there's no way for them to determine if their users are somewhere where age verification applies. I don't know how well that works on legal grounds, but probably worth thinking about if you're building social apps that require geolocation

@ben Ha! I'd have figured the exact opposite

Even as someone who'll never stop whining about how hard it is to get ActivityPub going, 3D graphic and Augmented Reality seems (to me) like another level of work altogether.

So, if you happen to know someone who could take a list of addresses and map it into a 3D space...

Let me know if you're interested in this? I could easily give you a JSON file of annotations tied to your current location.

@osma @julian

Yes. Great point. And UX and privacy are both top concernse of mine.

So, #Emissary's default registration options ask for very little information: name you want to use, public-facing username, and an email address where you can receive notifications.

This should be enough to provide anonymity for those who require it, while still allowing them to build trust and reputation with their community via this new identity.

Interesting point. Age verification laws around the world are going to make everything a lot more tricky.

Though Mastodon's argument doesn't make sense to me: IP addresses inherently map to location data, so we all receive *some* location, whether we're listening or now.

I don't have a good solution for this, right now.

It'll probably need to be baked into new user registrations, which admins would need to choose in some way.

Do you have a solution you'd recommend?

@tom @osma @julian

@benpate

cool. I am doing funded work for taxiteam and menschys and for redaktor (CMS) and Public Spaces Incubator (EBU and Public Broadcasters), fulltime, anyway

About places.pub - did post the code to federate OSM a long while ago https://gist.github.com/sebilasse/ca76c60955e5414cff2c253f1cd89af4
this snippet comes with a bunch of other modules.
An OSM to JSON-LD proxy like places.pub is super nice but what we need in taxiteam is a bit more.
Our database is a consolidated cache of OSM and wikidata knowledge but organized as hierarchical Collections, both political-administrative as well as by geohash.
So, if you are down to Country "DE"
https://gist.github.com/sebilasse/9b4c50bfabad43879c9c43c3adbe9ca1 it is a Collection of Federal States with its own id (2nd file).
With ActivityPub, we have the ability to define these hierarchies starting by Collection Q2 having the M49 regions as items with ['Collection', 'CollectionPage'] and that goes down to e.g. country/state/adm3/city/district/suburb/"hood" …

🧵 1/3

@benpate

The hoods have then all the street addresses, relations, boundaries like places.pub (with icons cached static etc. pp).
So, you know all the administrative parents from any address -
but what makes it really special is that any taxiteam instance could add info to any address (just as with your annotated places …).
As said, described it just very briefly in https://github.com/w3c/activitystreams/issues/582
It includes federated _reverse_ geocoding too but Lat/Long would not be cool for this, so we use geohash for the Service Actor.
https://en.wikipedia.org/wiki/Geohash https://geohash.softeng.co/

Let's see a practical example:
A new fair taxiteam forms in any city to "FCK UBER". They install an instance and choose a geohash they would like to geocode.
E.g. the square for Hamburg and some other cites.
These might overlap, it doesn't matter cause geohash is strictly hierarchical too.
We do also have a server for all Germany by default, anyway:
The instance once fetches the cache of needed infos up to street addresses.
🧵 2/3

@benpate

Then it once sends an Update to all attached taxiteam machines meaning „Hey there, we are new and geocode ["u1"]“ (or ["u1r","u1w","u1x"]) then the network knows.
Now any taxidriver can add infos, warnings etc. directly.

Next time when a user clicks on a map, we once decode Lat/Long to geohash, if your own instance doen't have it, it can ask the best suited option (e.g. serer proximity, load or trust).
As smaller the instance area is, as more detailed infos about em places ith might have
User now knows "You clicked on Fischmarkt Hamburg but unfortunately the area is currently flooded. Flashflood warning, go away" -
well, or maybe " … and your cab arrives in 1 minute" or "… cool exhibition nearby" or whatever.

Sorry if I got either too complicated or short
We have frequent team mmetings, next is Saturday but I am also looking forward to the dev meeting with @reiver re. https://digitalcourage.social/@reiver@mastodon.social/115317680720978044

🧵 3/3

@benpate
no idea, I imagine a lot of my answers involve fixing the laws themselves haha.

Bluesky offloads some of that responsibility to the PDS (i.e. I can tell my PDS that I'm an adult and it'll tell Bluesky that I'm verified) so (very) long-term I think I'd like that sort of service provided by the C2S server, so clients wouldn't have to think about it.

But yeah, I'd assume you'd have to implement it during the registration process and have admins use a method of their choice for verifying age (and optionally let them turn it off entirely if they can confidently say that nobody from XYZ location will ever be using the site)

@osma @julian

benpate@mastodon.social you may want a way to gain consent before allowing posting of a location + mentioned people. The other thing you may want to do is have moderation UI that allows searching for all notes for a specific location, and potentially banning the usage of certain locations in notes. i.e., if you see a doxing, then your mods can prevent that location from being tagged, and delete the note. If a person is tagged as at a certain location, they should need to accept the tag before that shows up in the Note.

You could also do things like limit posts being added within a certain region to a certain radius (based on geoip).

tom@tomkahe.com said in I'm excited to show off #Atlas - a social mapping server for the #Fediverse.:
> Somewhat relevant, I believe mastodon's argument for not supporting age verification is that they don't collect location data and so there's no way for them to determine if their users are somewhere where age verification applies. I don't know how well that works on legal grounds, but probably worth thinking about if you're building social apps that require geolocation

Yeah, this justification just doesn't pass scrutiny. Mastodon does collect the user's recently active IP addresses, and from that you can use geoip to resolve to a country/state. This could also all be handled by a FASP.

In other words, Mastodon could indeed implement age verification, the only remaining question is: what would that gate access to?

@thisismissem

Agreed, even if they didn't collect/save IP addresses, I don't think you could get around it just by telling a court you didn't want to collect that data. I imagine they'd just tell you that you need to collect it.

(looked up the source so I'm not just randomly attempting to quote things from memory https://techcrunch.com/2025/08/29/mastodon-says-it-doesnt-have-the-means-to-comply-with-age-verification-laws/)

The social nonprofit explains that Mastodon doesn’t track its users, which makes it difficult to enforce such legislation. Nor does it want to use IP address-based blocks, as those would unfairly impact people who were traveling, it says.