• boyi@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    49
    arrow-down
    4
    ·
    4 months ago

    Lemmy is already a privacy nightmare, in some way. There was a comment showing the screengrab of those peiple who upvoted and downvoted a post. Basically, if you self-host an instance, you’ll have access to these. This can easily be weaponized by certain organizations that want to create profiling of lemmy users, e.g NSA and Intelligence agencies.

    • subignition@fedia.io
      link
      fedilink
      arrow-up
      23
      arrow-down
      2
      ·
      4 months ago

      Lemmy was never designed to be private in that way, nor was ActivityPub. You should expect the things you post publicly on the Internet to be public.

      • boyi@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        1
        ·
        4 months ago

        I expect that for posts but not for votes. Inherently, we don’t want our votes to be public - that kind of defeat the purpose.

        • subignition@fedia.io
          link
          fedilink
          arrow-up
          4
          arrow-down
          2
          ·
          4 months ago

          I’d be curious to know where that expectation is coming from. On average I’d expect a majority of folks have that expectation carried over from Reddit. Another poster somewhere mentioned that there are several other social media platforms that don’t have private voting, and I wonder if the expectations would be different from people who came from those.

          Personally I think the transparency on votes here has been refreshing and am sad to see platforms pushing to make it private. But then, I grew up in a time before Facebook, when it was understood that you used a pseudonym, not your real identity, and needed to be careful about what you chose to share on the Internet. If you had concerns about being judged for a specific opinion or a hobby or whatever, you could just make a separate account for those topics. Kind of like how some folks only keep a Reddit account around these days for porn.

          • LarmyOfLone@lemm.ee
            link
            fedilink
            English
            arrow-up
            5
            arrow-down
            2
            ·
            4 months ago

            Public voting is much more of an political and self-conscious act. There is a reason voting in democracies is private.

            And there is also a difference if I have to deploy special measures to see who votes how, or if it is made very easy to see and use. Ultimately there should be some kind of crypto algorithm that hides how a user voted from activitypub.

            • subignition@fedia.io
              link
              fedilink
              arrow-up
              3
              arrow-down
              1
              ·
              4 months ago

              I have to disagree. It should not be a consequential or self-conscious act if you aren’t using your real identity. (If you are, the expectation that you should be very careful with how you participate remains unchanged. This isn’t LinkedIn and it shouldn’t be trying to be.)

              Commenters on the GitHub issue have put it better than I can:

              An average user absolutely benefits from being able to see who voted on a post or comment and what their vote was. A person noticing that someone is actively down voting their content in a deliberate way empowers the user to have it dealt with. Mods might not [cue in to] that kind of targeted harassment.

              Your vote isn’t private in either case regardless. At most you need to know someone’s birthday, first name, and last name to find someone’s voting record in America (might depend state by state). Someone willing to set up a Lemmy instance to see your votes is also capable of then setting up bots to specifically target you with down votes, which is the more egregious of the two actions.

              People who use the fediverse need to get used to the fact that things are not private here, that’s the point of interoperability, trying to convince them that they have fake privacy is just going to make them feel self entitled and violated when they learn that nothing here is really private, which shouldn’t really be expected as it is a public and decentralized forum.

              I don’t think users are done any favours by pretending they are private as bad actors can already do whatever odious crap they want to and it leads people into a false sense of security. For example someone liking controversial content on an account which can be traced to an identity they may need to keep separate is already taking a massive risk under a false assumption of privacy.

              • LarmyOfLone@lemm.ee
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                1
                ·
                4 months ago

                For example someone liking controversial content

                On reddit you basically have to sort by controversial today and lemmy isn’t far behind. There is a hive mind today where people jump on the hive mind and hate wagon. And public voting will increase that, the whole idea that we need to watch out for the dissident malicious actor stalking social media attests to that. That is something that needs to be tackled through a kind of automated or extremely efficient moderative response to detect bots and voting patterns of malicious actors. Of course the question is if anything can be done at all against this shift in zeitgeist.

                What is needed would be a way to anonymize voting through some kind of clever algorithm or blockchain or token or something. Or maybe that can’t work or then prevent any protection against bots.

    • RecluseRamble@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      3
      ·
      4 months ago

      If you’re afraid of triple letter agencies you probably shouldn’t engage in social media at all.

      The privacy concerns are about coercion from the user base. The bar to spin up a private instance to get to the voting data is far too high for 99% of the users.