ATProto’s Structural Risks for Marginalized Communities

Bluesky’s pitch to marginalized communities is appealing: build your own PDS, control your own moderation, escape the failures of centralized platforms. But “build your own” is not the same as “build safely.” The architecture creates specific vulnerabilities that aren’t obvious from the marketing, and communities considering this investment deserve to understand what they’re actually signing up for.

This isn’t an argument against building on ATProto. It’s a structural risk assessment. Flourishing is possible - but flourishing without protection is vulnerability, and visibility without institutional backing has historically been dangerous for marginalized communities.

What ATProto Actually Gives You

Technical autonomy:

• Ability to run your own infrastructure

• Control over moderation policies

• Reduced dependence on a single corporate entity

• Flexibility in how your community operates

What this enables:

• Tighter moderation than mainstream platforms allow

• Community-specific cultural norms

• Escape from the algorithmic feed if you choose

• Proof that alternatives are technically possible

These are real benefits. The protocol does what it claims on the technical level.

The Business Model Problem

Before examining what ATProto doesn’t provide, it’s crucial to understand that Bluesky itself has no sustainable revenue model. As of October 2025:

• The platform generates no meaningful revenue beyond custom domain hosting

• It’s running entirely on venture capital: $13M from Twitter initially, $8M seed round, $15M Series A

• Daily active users are down 40% from their March 2025 peak

• Promised monetization features (subscriptions, creator payments) remain unimplemented

• CEO Jay Graber initially stated Bluesky wouldn’t “enshittify the network with ads” but is now openly considering advertising

This matters because communities are being asked to invest labor into infrastructure built on an economically unstable foundation. The “sovereignty” pitch assumes Bluesky will maintain the protocol indefinitely, but venture-backed companies without revenue models eventually face hard choices: pivot to extractive monetization, get acquired, or shut down.

If Bluesky collapses or pivots toward the monetization strategies it currently rejects, communities that built on ATProto inherit that instability. You’re not just taking on moderation and legal liability - you’re betting your infrastructure on a company that hasn’t figured out how to pay its bills.

What ATProto Doesn’t Give You

Institutional protection:

• No corporate legal team defending you when targeted

• No trust & safety infrastructure backing your decisions

• No financial resources for infrastructure under attack

• No institutional pressure on harassers’ hosting providers

Liability dispersal:

• You absorb all legal risk for your moderation decisions

• You’re responsible for compliance with state laws

• You handle takedown requests without legal counsel

• You face liability for user-generated content on your infrastructure

Unlike on a centralized platform like X, where a corporate legal team provides a (flawed and unreliable) buffer, a PDS operator absorbs all legal risk directly. And unlike some federated protocols where an instance can limit its visibility, ATProto’s design prioritizes global data availability through the firehose, making true isolation functionally impossible.

Resource asymmetry:

• You’re running volunteer labor against coordinated attacks

• Bad actors can spin up attacking infrastructure cheaply

• You’re visible in the firehose with limited defense tools

• Scaling moderation costs falls entirely on your community

The Historical Pattern

Self-sufficient marginalized communities have repeatedly been targeted precisely because of their visibility and success:

• Black Wall Street (Tulsa, 1921): Thriving Black economic community destroyed by white mob violence. The state did not intervene.

• Rosewood (1923): Prosperous Black town razed. Again, no protection.

• Online patterns: Marginalized communities that build visible alternatives attract coordinated harassment campaigns that platforms rarely adequately address.

The lesson isn’t “don’t build” - these communities mattered to the people who lived in them, and their flourishing had value even though it ended in violence. The lesson is: visibility without power to defend yourself is exposure, and exposure has historically been weaponized against marginalized communities.

The Likely Trajectory

If a marginalized community builds a successful PDS:

Phase 1 - Flourishing: The community grows. Moderation works. People feel safe. This is real and valuable.

Phase 2 - Visibility: Success attracts attention. The community becomes a cultural hub, producing content that spreads.

Phase 3 - Targeting: Bad actors organize. Mass reporting campaigns. Coordinated harassment. Doxxing. The firehose (the public real-time feed of all posts across the network, scrapable by anyone) makes every post visible and weaponizable.

Phase 4 - Escalation: Harassment jumps from platform to infrastructure. DDoS attacks. Hosting provider pressure. Legal harassment. Payment processor blocks. Real-world threats.

Phase 5 - Abandonment: When operators request help, the response is “you have sovereignty.” Bluesky core says “we don’t control your moderation, that’s the point.” All liability and labor remain with the marginalized community.

Phase 6 - Outcome uncertain: Maybe the community survives through extreme defensive measures. Maybe operators burn out. Maybe the infrastructure collapses. Maybe it becomes a cautionary tale that Bluesky points to as “proof that communities can experiment.”

This isn’t guaranteed. But it’s structurally enabled by how ATProto distributes responsibility while concentrating vulnerability.

Strategic Considerations If You Build Anyway

Understand what you’re betting on:

• That your community can handle coordinated attacks with volunteer labor

• That visibility won’t trigger escalation beyond what you can manage

• That Bluesky won’t change terms in ways that undermine your sovereignty

• That your hosting providers won’t fold under pressure

• That you can maintain this indefinitely without institutional support

Defensive strategies:

• Don’t make yourselves maximally visible

• Maintain redundancy and exit plans

• Build coalitions across instances for mutual aid

• Don’t pour all resources into infrastructure you don’t control

• Keep community organizing capacity independent of the platform

• Have legal consultation available before you need it

Honest questions to ask:

• What happens if we’re targeted by a sustained harassment campaign?

• Can we afford the infrastructure costs if we need to scale moderation?

• Do we have legal resources if we face takedown demands or lawsuits?

• What’s our exit strategy if this becomes untenable?

• Are we building with the assumption of support that won’t actually be there?

The Techno-Solutionist Fallacy

ATProto’s architecture embodies a common tech ideology: that social problems can be solved through clever protocol design. This treats governance, trust, and safety as technical challenges - design the right incentive structures, build the right filtering tools, and human coordination problems resolve themselves.

But moderation isn’t a software problem. It’s human coordination requiring resources, judgment, and institutional capacity. Protocol design can’t route around the need for contextual judgment about harm, the costs of infrastructure at scale, the labor of handling harassment, or the power dynamics that make some communities vulnerable while protecting others.

This is the core delusion: treating “humans as the problem domain” rather than the focus. When developers see social dynamics as bugs to engineer away, they build systems that look elegant on paper but collapse on contact with actual communities. ATProto’s “build your own” pitch assumes architecture can substitute for the expensive human work of maintaining safety. It can’t.

The Core Problem: Governance Without Economic Substrate

The deeper issue is that ATProto distributes governance responsibilities - moderation labor, legal liability, infrastructure costs - without providing the economic foundation that makes governance sustainable.

Effective community governance historically requires one of three models:

1. Bounded scale with mutualist funding - Small communities where members pay dues to compensate moderators and cover infrastructure costs

2. Cultural filtering that limits growth - High-trust enclaves with barriers to entry that keep communities small enough for cultural norms to do governance work

3. Ephemeral structures - Temporary communities that dissolve before moderation burdens ossify into permanent cop-work

All three models work by constraining scale as a feature, not a bug. They reject the growth imperative that makes extractive economics necessary.

ATProto tries to promise decentralized governance while maintaining growth assumptions. This creates an impossible contradiction:

• Growth economics demand expansion

• Expansion makes cultural governance impossible

• Distributed infrastructure requires resources no one is providing

• Communities inherit sovereignty’s costs without sovereignty’s capacity

The result: unpaid cop-work in a system that can’t admit what it’s demanding. Communities get responsibility without resources, governance duties without institutional support, and sovereignty that exists only on paper.

“Exit as empowerment” only works if exit comes with the power to defend what you’ve built. ATProto gives you tools to leave, but not tools to be safe once you’re gone. It treats sovereignty as a technical property when it’s actually a political and economic one.

The protocol enables marginalized communities to build their own infrastructure. It does not protect them from the forces that have historically destroyed such communities. And it provides no economic model to sustain the governance work that infrastructure requires. That’s not a flaw in the code - it’s a feature of building “neutral” systems in a non-neutral world while refusing to fund the institutions neutrality would require.

Conclusion

This isn’t an argument against building on ATProto. Flourishing has value even when precarious. Perhaps especially when it’s precarious. Community autonomy matters. The technical capability to run your own infrastructure is genuinely empowering in some contexts.

But “build your own” is not the same as “be safe.” If you choose to invest in ATProto infrastructure, do it with clear eyes about what you’re getting and what you’re not. The protocol won’t save you from the dynamics that have historically mattered most to marginalized communities.

Build, but don’t mistake autonomy for safety. And don’t expect protection from the center when visibility makes you a target.