Edit: obligatory explanation (thanks mods for squaring me away)…

What you see via the UI isn’t “all that exists”. Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see “under the hood”. Any instance admin, proper or rogue, gets a ton of information that users won’t normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.

Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.

  • Mikina@programming.dev
    link
    fedilink
    English
    arrow-up
    28
    ·
    1 year ago

    If I understand it right, due to the federated nature where each server has to sync with other servers, any admin from any instance (that is not defederated) can read this data. Which may be a pretty big problem from Lemmy. One of the main selling points is that you’re on instances where you are not the product, but it looks like that all an advertising company that collects and sells user data for profit needs is to just quietly set up an innocent looking Lemmy instance for quarter of a cost, and just get call the data served to them from all other servers. For free.

    That’s actually way worse that just giving your data to one company that sells it later, because you at least know who has it.

    I don’t know what’s the extent of data that are shared between instances, but I think you can create a pretty good picture of someone from their upvotes

    • mac12m99@feddit.it
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      Are you sure that every server can see any other server upvotes? As I know, upvotes are only from your home instance, which means only your instance admin can see that

      • Mikina@programming.dev
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        I’m not sure, but I’ve seen it mentioned in other comments, for example here.

        The post at the screenshot appears to be this one, by @cantstopthesignal@sh.itjust.works to Lemmy Shitpost@lemmy.world, but this screenshot from the database is posted by @muddybulldog@mylemmy.win to You Should Know@lemmy.world, which appears to be admin on a different instance.

        • mac12m99@feddit.it
          link
          fedilink
          English
          arrow-up
          0
          ·
          1 year ago

          The votes might be the one from his instance (I’ve no time to check right now), as I’ve understanded, upvotes and down votes are instance specific, so, this means for the same post: Instance a show 10 upvotes Instance b show 5 (The post is in instance a) Which means a admin know who are the 10 people but can’t know who are the 5 from instance b, and instance b admin know who are his 5 people and not the 10 from instance a. (I might be wrong, if it’s the case please correct me)

    • PagingDoctorLove@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      I’m not worried about upvotes or downvotes being seen by anyone, but I am very worried about other personal info being seen by any admins. I have a very real, very scary stalker, and if all they had to do was create an instance to see my private information…

      To be clear, I know that’s not what’s currently happening, but it feels like a bit of a slippery slope when pretty much anyone can become an admin and things aren’t super secure yet.

      I’m kind of regretting giving my email to sign up, now. I just don’t know enough about this stuff to know whether or not that’s a valid concern.

      • Dave@lemmy.nz
        link
        fedilink
        English
        arrow-up
        7
        ·
        1 year ago

        It’s almost certainly fine. Emails are not shared to other instances.

        However, when you go around the internet giving your email address to random sites, eventually you’re gonna hit the wrong site and at the very least end up with a bunch of spam or having your email sold to advertisers. It’s a good idea to use an email privacy service - basically when you sign up for things like newsletters or random sites you generate a new random email, then if anyone emails that email it gets forwarded to your actual email address. Some of the services even let you reply to the email and they make it look like you relied from the alias.

        We’re on different instances and links can be funny at the moment so I’ll copy a recent post I did:

        You don’t need to provide an email address to sign up at most of the big instances. I think lemmy.world is the exception. Even your instance lemmy.ca does not require an email address.

        If you really want to provide one, you could use a service that does email forwarding. Some examples are https://simplelogin.io (owned by Proton Mail), and Firefox Relay (Owned by Mozilla, makers of the Firefox browser). These both have free tiers. There is also https://duckduckgo.com/email/ from the people who make the privacy focused search engine DuckDuckGo. That one I believe gives you unlimited new randomised email addresses for free. Very low attachment size limit but great for something like Lemmy.

        You install an extension in your browser then you can generate emails whenever you need.

        Personally I pay for Firefox Relay, which has a small free tier (I think 5 emails) but the paid version is $10 for a year which I think is worth it.

        • PagingDoctorLove@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          Thank you, that’s very reassuring! I was able to go in after the fact and delete my email from my account, though I’m not sure how much good that will do. I’m definitely going to look into those, the Firefox relay in particular sounds pretty user friendly. I don’t know when I lost my tech savvy, but it’s getting harder and harder to keep up with things these days.

          Speaking of which, does Lemmy remind anyone else of irc? The organized chaos has been giving me deja vu and I think I just realized why…

          • Dave@lemmy.nz
            link
            fedilink
            English
            arrow-up
            3
            ·
            1 year ago

            I’m pretty sure editing the email removes the record. In general, editing updates the database with the new value while deleting things marks a record in the database as deleted (e.g. so a mod can un-delete something that was accidentally deleted by a mod). Editing the email adress to remove it should just clear that field in the database. Of course your instance will have backups, but they won’t keep them forever.

            I don’t know when I lost my tech savvy, but it’s getting harder and harder to keep up with things these days.

            Things are moving faster and faster these days! I’m not sure that anyone keeps up with everything new.

            Speaking of which, does Lemmy remind anyone else of irc? The organized chaos has been giving me deja vu and I think I just realized why…

            You’re not the first person to make that connection!

    • Obi@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      9
      arrow-down
      1
      ·
      1 year ago

      Ok, so they create profiles based on what I upvote and downvote with my Lemmy account, and then … what? How would they use that information, they can’t advertise to me here, and they can’t match this account back to anything else, so what’s the end game?

      With that said I do hope the Lemmy Devs keep working on furthering the platform and all the privacy aspects of it (e.g. full delete, don’t leave the username).

      • dwindling7373@feddit.it
        link
        fedilink
        English
        arrow-up
        10
        ·
        1 year ago

        You being a real person has value for a company beyond the specific identity you have.

        Properly aggregated upvotes and downvotes are a paradise for testing and building models that then reach you not as a single entity but on the bulk. Think election campaigns that, say, take advantage of a newfound correlation between people that like cokes and the NBA and being sensitive to the rhetoric of a self-defense war.

        I’m pretty sure that’s the whole Cambridge Analytica - Trump thing anyway.