1. 1
  1.  

  2. 3

    Interesting solution, though I think the problem here is that most of these social media giants provide API access via OAuth authorization schemes (insofar as I know, this is the only way most of these bots could possibly post on social media) allowing non-humans to post on behalf of the human. This largely isn’t for nefarious purposes either–think of all of the cross-app integrations that exist out there that post an update to your Facebook whenever you’ve met a personal running goal or something similar.

    So provided a human has generated personal access tokens or OAuth-authorized credentials, a non-human would be able to act on the behalf of the human and post any content it wanted to.

    1. 1

      Thinking about the use case of automated users (non-nefarious bots), one approach would be to label those accounts explicitly, like Slack does when you use a Slack bot.

      1. 2

        I haven’t been on Facebook in awhile, but if I remember correctly this is already implemented in Facebook.

        Near the time stamp there (used to be) a string that linked back to a website for an app-originated update.