• Mario_Dies.wav@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    212
    arrow-down
    4
    ·
    11 months ago

    As for funding, the servers are supported on a donation basis, with no big corporations behind them. This leads to a problem concerning user data and privacy, as there isn’t a single accountable entity behind the network.

    Bit of a weird take now, isn’t it?

    • Otter@lemmy.ca
      link
      fedilink
      English
      arrow-up
      94
      arrow-down
      1
      ·
      11 months ago

      I think both things are valid points, but it’s worded in a weird way

      A more explicit pro/con would have been better

      No big corporation that controls everything

      • Pro:
      • Con:
    • Blaze@discuss.tchncs.deOP
      link
      fedilink
      English
      arrow-up
      50
      arrow-down
      1
      ·
      11 months ago

      It’s kind of fair, to be honest, and the “no big corporation” seems more like a pro than a con

      • JustEnoughDucks@feddit.nl
        link
        fedilink
        English
        arrow-up
        35
        arrow-down
        2
        ·
        11 months ago

        Eh, it is a con when there are problems, service problems, bugs, etc…

        My instance have had a few of them and for a while our 1 admin was unavailable.

        It is difficult or impossible to get it resolve because there is no contact point, nobody hired to fix issues that need immediate triage, etc… which can result in longer outages or bugs on specific instances.

        I’m not complaining. This is a fantastic service that is being offered completely free from actual altruistic incentives, unlike corporations. There are a few downsides though.

        • Blaze@discuss.tchncs.deOP
          link
          fedilink
          English
          arrow-up
          13
          ·
          11 months ago

          Definitely, that’s why I always prefer instances with at least two admins, and a Matrix room for status updates

          • Turun@feddit.de
            link
            fedilink
            English
            arrow-up
            1
            ·
            11 months ago

            That’s great and all.

            But feddit.de just became usable again after more than two weeks of being basically unusable - because the 19.0 and 19.1 releases of Lemmy were buggy and there was no downgrade migration possible on the database. No big corporation would break their product for two weeks like this.

      • Mario_Dies.wav@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        15
        arrow-down
        1
        ·
        11 months ago

        Yeah, true. It seems like that is a pro that greatly overshadows the cons. Like someone else pointed out, it’s just worded weirdly in the article.

        • Kecessa@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          10
          arrow-down
          4
          ·
          11 months ago

          Kind of funny how the privacy crowd is big on Lemmy but it skips over the fact that all of its Lemmy data is hosted on the machines of people that have no accountability…

          • NovaPrime@lemmy.ml
            link
            fedilink
            English
            arrow-up
            7
            arrow-down
            1
            ·
            11 months ago

            You’re always free to spin up your own server and host it if you’re concerned about the way your data is being handled. Not something you can do with the corporate alternatives

            • Square Singer@feddit.de
              link
              fedilink
              English
              arrow-up
              6
              ·
              11 months ago

              But as soon as you interact with literally anyone (or anyone interacts with you) your data is still replicated on other servers.

              • TORFdot0@lemmy.world
                link
                fedilink
                English
                arrow-up
                7
                arrow-down
                1
                ·
                11 months ago

                Your posts are all public and discoverable by web crawlers even if your instance didn’t federate at all. That’s kind of the point of activityPUB

                  • TORFdot0@lemmy.world
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    11 months ago

                    ActivityPub does not have support for private messages. Services that try to shoehorn a direct message as “private” are misusing the protocol. You could configure client-side encryption but thats outside the scope of ActivityPub

              • Hubi@feddit.de
                link
                fedilink
                English
                arrow-up
                3
                arrow-down
                1
                ·
                edit-2
                11 months ago

                No personally identifiable information or private account information is transmitted between instances. The only thing that is synced is the content of your posts, reports and up- and downvotes. And all of that serves a purpose and is shared willingly.

            • Kecessa@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              4
              arrow-down
              1
              ·
              11 months ago

              And only post on your own instance and talk with users of your own instance… Might as well just send emails to your friends at that point…

          • Mario_Dies.wav@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            5
            arrow-down
            2
            ·
            11 months ago

            I may be naive, but even though I don’t personally know my admin, this is a person who has a stellar reputation, and who I’d trust far more than some massive corporation that has to abide(1) by some anemic laws

            (1)if it finds it profitable to do so

    • Square Singer@feddit.de
      link
      fedilink
      English
      arrow-up
      49
      arrow-down
      1
      ·
      11 months ago

      It’s actually not wrong if you look at it in another way.

      • Big tech will abuse your data, but it will do within legal constraints, and there is actuall (though weak) accountability of these companies due to the legal system.
      • On federated services like Lemmy, instances are hosted by anonymous individuals. Most social media laws don’t apply to them, and their legal accountability is basically zero.
      • Lemmy, for example, does not comply with GDPR. There is no legal notice, no privacy contact person, no banner asking whether you are ok with the fact that your data is sent to unknown servers in random nations, no nothing. Private messages aren’t even encrypted, so any admin can read them without issues.
      • There is no way to actually delete your data, as the GDPR requires. Deleted posts are only marked as deleted and you can see their plain text content by just pressing the “reply” button in any of the apps. There isn’t any kind of guarantee, that your post will be deleted on other instances. If federation has problems, the post will remain on other instances and is now permanently undeletable by the user.
      • There are no moderation standards. Some instances will delete nazi content, some basically require nazi content. And some instance admin might even edit your posts to say something completely different. It’s all possible and in the hands of random people on the internet.
      • Hobbyist-run services are much worse when it comes to availability and reliability. If something happens while the admin is on holiday, nothing will get fixed. If the admin runs out of money, doesn’t care anymore or even dies, the instance with all it’s content and users is just gone.

      So there are very real risks attached to a hobbyist-run service with no legal accountability and no transparency at all.

      We all know the downsides of Big Tech though, so it’s everyone’s personal choice to figure out which disadvantages hurt them personally more.

      • guy@lemmy.world
        link
        fedilink
        English
        arrow-up
        17
        arrow-down
        1
        ·
        11 months ago

        That’s a bit misleading to say like that. Go to the website, scroll to the footer and click on “Legal”. Your instance, feddit.de, has a legal notice, with a privacy contact person, mentioning you can request data erasure, and detailing where your data goes. Mine, lemmy.world, has a number of in depth legal documents attached there.

        However, yes, other instances they are federated with might not take it as seriously though, and if all your data is going there too, then that’s a hole in your data privacy.

          • a Kendrick fan@lemmy.ml
            link
            fedilink
            English
            arrow-up
            3
            ·
            11 months ago

            I imagine that this calls for a feature that can erase your data on every other federated server. If the activitypub protocol can send data from one server to another, it should be able to delete it or find a way to disable viewing said data.

            • mob@sopuli.xyz
              link
              fedilink
              English
              arrow-up
              8
              ·
              11 months ago

              Giving servers the ability to delete each others shit would be interesting to watch when an online war breaks out

              • Square Singer@feddit.de
                link
                fedilink
                English
                arrow-up
                1
                ·
                11 months ago

                That already exists. The person who created a post or comment can delete it. But it only works sometimes, since federation is constantly not working correctly.

            • Hazzard@lemm.ee
              link
              fedilink
              English
              arrow-up
              1
              ·
              11 months ago

              Eh, that’s a mixed bag. Absolutely, one could setup shared delete requests, to federate a delete request, but it would be a bit of a lie as anyone could simply… update their instance to simply ignore delete requests.

              For now, simply not having a delete feature is a more honest to the realities of the fediverse. There’ll never be a “true” delete, even if they do eventually support one that’s “good enough”.

        • Square Singer@feddit.de
          link
          fedilink
          English
          arrow-up
          1
          ·
          11 months ago

          There are two issues with that:

          • The GDPR notice on feddit.de is not GDPR compliant, and the link isn’t even visible on mobile.
          • If you request deletion, they can’t guarantee that the data is deleted on federated servers. They can send deletion messages, but federation is constantly not working correctly, other instances can decide themselves whether they do delete stuff, and if an instance is unreachable for a while, the deletion message will be dropped.

          Lemmy, or even ActivityPub are designed to be non-GDPR compliant. (Probably not on purpose, but the way it works makes it basically impossible to be GDPR compliant.)

      • Plopp@lemmy.world
        link
        fedilink
        English
        arrow-up
        11
        ·
        11 months ago

        Very much this. Plus, how easy will instance admin Joe Schmoe fold under external pressure to give access to certain groups, government bodies etc? And how well have Joe Schmoe implemented good security practices on the server and related things? Etc.

        • Square Singer@feddit.de
          link
          fedilink
          English
          arrow-up
          1
          ·
          11 months ago

          That happens if you don’t have an actual legal team… I am sure they are doing their best, but if you don’t have a lawyer, you can’t do legal texts.

    • the post of tom joad@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      13
      arrow-down
      2
      ·
      edit-2
      11 months ago

      there isn’t a single accountable entity behind the network

      Yeah, Instead of a single entity i know will never be held accountable for selling my data and storing my information in an unencrypted txt file, there are unknown entities! Like the Simpsons (d’oh) quote says, “It could even be a boat!”

      The illogic reminds me a bit of Google’s new targeted ad privacy settings where your “privacy” is google’s pinky swear that they alone are profiting from you.

      When you see takes this weird do you wonder as i do whether it is intentionally worded to push some kind of narrative (though i don’t really know what that would even be in this case), or is it written by someone so deeply in the tech bubble world that they are wildly out of touch? I don’t know.

      Edit: Family Guy

    • Dandroid@dandroid.app
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      ·
      edit-2
      11 months ago

      I think it is a valid point, though. How do GDPRs even work on Lemmy? Do you need to submit one to every instance that your instance is federated with? What about transitively federated instances? Sometimes when you delete something, the delete action doesn’t get federated. That’s kind of terrifying. If you post something personally identifying without realizing it, then try to delete it, you might not be able to.

      Imo, it’s something to keep on mind when posting on Lemmy, but not a reason to not use it.

      • Mario_Dies.wav@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        1
        ·
        11 months ago

        Someone recently reminded me of the privacy issues here on Lemmy. Not so much concerned about my admin, but the inability to delete content was a big concern for me when I was first deciding on a new platform after leaving reddit at the end of June 2023. Sometimes I forget.

        It is a good point, and I somewhat regret making that comment. It just was worded oddly in the article.

        I used to spend a lot more time on raddle, but my addiction to fresh content is real, and there’s just a lot more here than there. Perhaps I should “be the change” and all that noise.