sinnerdotbin

Everyone can see them if they use kbin and I think Mastodon which Lemmy interoperates with (ie. Kbin users often see and engage with posts on Lemmy and vice versa). Sign up to kbin if you want to see yourself.

All admins have access, and a rouge admin could very easily mine it.

I can see an argument for it, but does make you take pause on how you will use that feature doesn't it?

So, obviously an anti Lemmy bias there, and not entirely true, but there are some aspects of federation it can be dangerous to ignore.

There is a different primary privacy focus here, and it provides an extreme level of privacy but places an extreme level of responsibility on the user for their own privacy, more than most places.

There is a distinction to a potential scrape and a system designed to duplicate, often irreversibly at submit.

There are also other things people are often not aware of and the community is not doing a great job communicating. Admins are not doing a great job of protecting themselves either.

For instance many, still don't know votes here are entirely public.

If you understand this all and are comfortable, great. Many do not prepare themselves and would engage differently if they had a better understanding.

For a take by someone who is pro-federation but not ignoring these concerns see: https://lemmy.ca/post/948217

Apologies. It can resonate with some, but can definitely be confusing to others. If you want clarity on anything I am happy to try to answer it plainly.

Hey folks, guy in the cross post. Thanks for doing that @[email protected] , I feel it is an important discussion for people to be a part of across the Lemmiverse.

Seems there is some positive engagement on here, and maybe a couple that are a bit confused. I'm going to assume they aren't just curmudgeons because why would you waste time commenting if you weren't making an expression of interest in good faith, but maybe not ready to fully invest yet?

To expand on the TLDR; many new users are coming from monolith platforms (such as reddit; Meta; etc) into the brave new world of federated platforms (like Lemmy) without fully understanding the difference in privacy principles between these two models. Many, more experienced, users do not understand it fully themselves and they make potentially dangerous assertions, or at least ones that could mislead less experienced users into believing Lemmy behaves in a way that it doesn't.

It's all fine and good to say "Everything posted on the internet stays. Never post anything you don't want public", but in practice, and especially people coming from monolith platforms, they may make mistakes if they are not highly cognizant of some distinctions between the two models of public, social engagement.

If you are certain you'll never, ever have any risk of making such a mistake, the subtle distinction won't matter to you. If you aren't sure (it is very easy to trip up here) you are going to want to be educated on where some of the potential hazards are, and you will want to be very, very, very careful. Like you never have been before.

Even some of the most confident, let's call them, "perfectly private posters", often get a little shook when I inform them their votes are entirely public, when they had previously made an assumption they were not due to familiarity with a monolith platform where votes are private. It seems intuitive that they should be private here, but that is not the case. This is a very prevalent misunderstanding right now, and very eye opening to some.

I much prefer the model of federated because it really gives the user the full control of their privacy to engage to the level they are comfortable with. But it can be very dangerous if not managed appropriately.

I also feel the wider community is not doing a very good job of communicating this, which is validated by the chord it seems to have struck over on Beehaw. But I come with solutions: a haywire, but comprehensive essay on some of the things a user should be aware of. I have also started a project that provides templates for privacy policies so that admins can add accountability to their instances while also protecting themselves.

Anyway, a very complex subject many are still learning to navigate, and not something easily reduced to a tldr; As it is, this version is half the length of the original, and you would have been half way through it by now if you just went to the source.

If you have any questions, I'm here to answer them.

I feel you didn't read the original post. It isn't about expecting privacy, it isn't a criticism of the fundamentals of Lemmy as a minority seem to be taking it (there are many ways I explain how it is more private from being tracked and profiled).

It is designed for your actual traceable information to be kept safe by the gatekeepers, the admins. Users must be highly aware: everything else you do here is public in a way you may never have experienced before.

Don’t hand wave the concern about post/profile/vote/message privacy, explain how the privacy goal is different here and how one might mitigate the aspects they are not comfortable with.

If you want a more in depth write up on the elements you are talking about, take a look at the link that is provided to a policy primer in the original post.

It is about understanding how privacy is maintained on a federated platform.

Many users coming from other platforms do not understand the mechanisms here and how they are different.

Take a look for the comment here about vote privacy (the highest voted comment here) or dozens of the other posts where people are coming to this awareness. Many assumed was private due to coming from a platform where this was.

ceddit and others you have noted historically have broken for a variety of different reasons, and the others are are currently not functioning as the API they used was banned May 1st. Pushshift, which these services often used, had a mechanism to remove sensitive data you accidentally posted or otherwise wanted removed.

Archive.org is not searchable, not indexed in mainstream search engines. Also would be responsive to legal requests. It is hard to get a complete profile history on someone.

All of these external sources require a great deal of extra effort from someone to pry.

The concern to be aware of here isn't that it could be scraped, which yes it can. The concern is that it is duplicated by design, wide and broad, on a platform that somewhat functions as a single entity, the instant you hit submit.

People make mistakes. The Unabomber got caught by doxxing himself with a single phrasing of an idiom. Not complaining, simply saying "be very, very, very, very, very, very, very, very, very careful here"

And ultimately this comes down to different conceptions of privacy, sure, but one of these conceptions is suspiciously impossible to fix yet simultaneously deflective of the other, that other being directly beneficial to companies and any seeking to control mass populations.

Exactly. The privacy goal on federation is different. If people are educated, they can be safer.

You can't eat your cake and have it too.

I’d also argue stalking has more to do with the mental health issues of the stalker than the victim being to blame for how they interacted with the world. We don’t tell a student not to participate in lectures because someone may latch onto something they said and become infatuated. We punish stalkers instead.

If someone is aware and engaging to their comfort level, no matter how open, I would not blame them, the victim, for being stalked. If someone wanted to be cautious, but they didn't know the risks here, I would feel guilty for not educating them on how they can protect themselves.

Idk this is a ramble. I see so many things so often that used to be personal responsibility on online safety, that instead of teaching the skills we make tools. And i feel like not teaching good personal safety and protection is goong to doom any project ultimately.

You can’t fix ignorance without education.

Which is the entire point of my post, to encourage education in this space (which again, again, again, is different than what many are coming from with its own unique set of risks)

I kind of agree with you. There is an argument against showing it to maintain a certain atmosphere on the platform. However given it is freely available to view on kbin and I believe Mastodon (ie. it is entirely public), it surprises many users. Previous assumptions that it is private were maybe incorrectly confirmed by not seeing it here. Perhaps a warning of some sort before you are allowed to cast your first vote.

I appreciate that you are reflecting on how you want to manage your own privacy in this space!

People should be educated enough of the pros and cons as much as possible, although that might mean some would get intimidated and refuse to join.

Bingo. Which would you rather do, talk someone's pants off, or scare them off or otherwise have them caught with them down?

Also love your local domain.

I've had a similar idea. Want to have a race to market? (you'll have a head start, I'm heading into the domain of managing federation block lists next).

This is the beautiful part of an open platform, we can all steer it and contribute all sorts of wonderful solutions.

Unfortunately not that easy. There is discussion on solutions. There isn't any now. Platform currently isn't stable enough to respect mutually federated changes all the time.

Also I did put a disproportionate focus on this no take back component, but the scope is wider than that (see comment below about votes being public when almost everyone coming from a monolith assumes it is private)