The guarantee is that the AT protocol doesn’t work that way. They literally could not, technically. You own your data, the entire protocol is built around that basic fact.
It's like insisting blockchain transactions are immutable when Etherium issues updates all the time to reverse transactions that happened due to hacks.
This is a really, really bad read. The point is that the data is built on the foundations of an enduring protocol, right now, and that if BlueSky were to pull some shenanigans it would be trivial for a user to pick up and move. The protocol provides a built-in incentive not to pull shenanigans.
Honestly, so many of the comments here are, but what if?? The what-if scenario is built-in to the design and is in fact more resilient than other protocols like ActivityPub.
I think it's important to note that 1) The AT protocol is nowhere near complete, and as far as I can tell account portability is not actually implemented yet and 2) There are no third party sites that use AT! Even if account portability existed, there's nowhere to go.
But if account portability existed and worked, imagine this scenario: Larry Ellison wakes up one day and decides that Elon is having so much fun that he wants a social media site too. The minute the sale is announced, all the account portability APIs are disabled, and the website switches to a hard login wall. They start aggressively throttling and banning users that look like scrapers. They send a DMCA takedown to archive.org, who obliges and removes the wayback copies. They disable viewing followers and following so you can't even get your graph out. Now what?
The problem of trusting someone else to host your social media page is that you have to trust them. If your answer is "Jack wouldn't sell the company", then I can't help but note that he sure sold Twitter to Elon. If your other answer is "Larry Ellison would never do something unethical and customer-hostile" then uh...
That would have to happen soon, and if it did, you'd be right. The vision of a decentralized social web would die again, and one billionaire would make another even richer. Some moaning would be had on the Internet, but the world would continue to spin.
But, if the AT protocol even makes it another ~6 months without that happening, it will become impossible. You won't need to "trust" anyone to host anything, and if you want you'll be able to take your data and go somewhere else. That's the vision, and that's so far exactly what the folks at BlueSky have been building.
So no, the answer isn't "Larry and Jack wouldn't do those things" the answer is, "They'll have to act very quickly and in ways that are completely out of character for them, not to mention the staff at BlueSky would have to all sell their souls which is also completely out of character for them as well."
But yeah, if you're a cynic I guess everything is on the table.
they could change the protocol going forward if they wanted but all of the data currently posted on the protocol from the past would still be migratable to another PDS who supports the "old" fork of ATproto. I don't think they could change all the data you already posted with a future protocol change, that's not how it works.
The DAO fork is nothing like you describe, and was a singular incident in the first major smart contract.
BTC had a similar fork in its early days to work around a bug that actually minted illegitimate coins, yet maxis sweep that under the rug.
But you knew this, you knew what the DAO fork was. You know when it happened. You knew it was the first major smart contract. You know the context it happened in. You know the community overwhelmingly supported it. You also knew it hasn’t happened since, yet you still went out and lied.
