So Mr Mullenweg's response to this isn't just absolved by a statement likely drafted in collaboration with a PR agency. It's easy to see when you're doing damage control.
Even though Mr Mullenweg's comments may not reflect the trans & LGBTQI+ folks that work at his companies, he still should be held accountable for his actions and the harm caused.
This incident was so bad it was even reported on by TechCrunch, a subsidiary of your former parent company Yahoo.
Your CEO should NOT be following users off site and disclosing potentially private information about users of the platform. That is a huge red flag and violation of user trust and privacy.
At the moment, according to your own statistics for press, you have 135 million monthly active users. The EU's DSA legislation defines any platform larger than 45 million monthly active users as a Very Large Online Platform. That means that the platform has specific procedures amd reporting it must follow. Whilst Tumblr hasn't yet been specifically named as a VLOP, you meet the threshold for classification.
Here are parts of the legislation that you're not currently complying with:
Notice & appeals process: at the moment, when tumblr deletes an account, you just delete it without warning, and often our friends end up messaging us like "are you okay? noticed your account disappeared?". Contacting tumblr to ask if the account has been deleted often results in silence. Even Mastodon has a better built-in notice and appeals process!
Transparency Reports on Moderation Decisions: Currently Tumblr doesn't appear to publish any aggregate information regarding moderation decisions, nor the type of content being moderated against. In my conversations and experiences, you spend way more time policing queerness and adult content, than you do dealing with detrans content being published to the trans hashtag, which leads your recommendations system (which also must be opt-out under law) to push detrans content into the feeds of trans users.
Repository of all ads served on the platform: to my knowledge you don't have this, and additionally your ads very often do not comply with your community guidelines. I regularly get ads for violent content on my blog, despite opting out of seeing violent content. If a user opts out of seeing violent content, that should apply to advertising as well. Community Guidelines that are not equally enforced for both people using the service and advertisers using the service aren't community guidelines, they're reasons to ban people from the service.
Something that may also be worth doing is updating the site's rules following GLAAD's guidelines on Targeted Deadnaming, Misgendering, and Promotion of Conversion Therapies. Additionally, IFTAS, the non-profit that does trust & safety advice for the Fediverse has a good write up on these policies (disclaimer: I'm an advisor to IFTAS).
On the note of Community Labels, these are currently, from my experience, mostly used as a way to placate Apple, and to ban queer blogs which often feature sexual content as we connect with our communities that are ever so fractured in offline society. That hopefully isn't the intent of this feature.
If you want to encourage users to adopt community labels, you need to facilitate a culture of trust around them. If you want blogs that post content not suitable for children, then you need to do it in a way that doesn't carry harm, stigma or marginalisation, unlike your predecessor's at Yahoo & Verizon.
I'd suggest the following changes:
Allow blogs to mark themselves as adult-only spaces.
Restore images to the notifications on current "nsfw blogs"
Restore tagging and search within these blogs such that users can make full use of the platforms features (e.g., default adult blogs out of recommendations & site-wide search to other non-adult blogs, but keep them searchable from the blog itself and findable by other adult blogs.
Restore the ability to tag our friends that are tagged as adult blogs (very often this is broken)
Add functionality that notifies users when a post of theirs is potentially missing a community label, this encourages building the community you want to see.
Expand content labels further to cover other harmful or traumatising content (e.g., gambling, addiction, anorexia/EDs, political content, etc)
Restore the ability for adult blogs to have avatars and header images, if these blogs aren't available to non-adult audiences, there should be no problem here. Obviously, you may want to prohibit explicit pornography from this media from being allowed (we had a similar policy on Switter.at)
Allow blogs to require follow requests & to block empty blogs or blogs with no title from following them — often these are throw-away accounts of children trying to access adult content.
Basically, make the platform features that help build the community you want to see. Build tools that help build trust after over a decade of trust being eroded by the previous owners. Help blogs and people stay safe whilst using your platform.
One part of content moderation is punitive actions, which are all too commonly the only part of content moderation that very large online platforms focus on, but the other part is setting and promoting community standards and giving users the tools to accurately label their content & control who can see their content.
When you moderation features are used to police adult blogs, this results in a disproportionately larger impact to the LGBTQ+ community, who are often much more comfortable discussing and sharing their sexuality and material related to it. For instance, two women kissing in gifs, who may be naked but aren't explicitly so, does that need a mature or sexual community label to it?
Finally, please remember: You cannot have freedom of expression without prohibiting some expression (see the paradox of tolerance)