I woke up today, to a public comment in a Lemmy community asking a series of tagged accounts why they had downvoted certain posts
I thought that reactions to posts and comments are anonymous and now I don’t really know what to feel about Lemmy any more.
In this case I had downvoted a poster because of its design, but was confronted publicly for being racist because the person assumed that I downvoted the message on the poster
EDIT: changed the title from “How” to “Why” because it broke rule nr 5 about it being a support question
Why is that concerning? The whole system was meant to be transparent
Not the OP, but i find it concerning because this enables creating a very detailed profile of a users interests, political alignment, medical issues, sexual orientation etc. Even if they never post anything! We should all know by now that there are bad actors actively using this kind of data in the worst ways imaginable. In the US this can already have life threatening consequences (ICE raids etc…)
This is not a good privacy oriented design and it exposes users in a dangerous way.
EDIT: About lemvotes.org. I like this site because it makes it obvious how dangerous this really is. For example I accidentally upvoted a really disgusting NSFW post misclicking on my phone. This will forever be visible to the world. I’m a documented pervert now. Good job.
just upvote and downvote a bunch of random things then your profile has been salted.
So don’t interact. What you read isn’t stored, but if you interact, it should be public.
I agree that it’s dumb you don’t have a “my votes” page where you can remove that. But you can go to said post and just remove your vote.
So in a niche community we are now promoting that people don’t interact with said community if they care about their privacy at all?
Not at all. I’m saying you should interact and stand behind your interactions.
For example, you downvoted my post, which is fine. You also replied, which is also fine. Why is it bad that one isn’t on your profile (but it is public) and the other is openly visible in a list on your profile?
Interactions are by default public, otherwise there’s no point to interacting. I’d go one further and say that having the voting information public but not visible by default is by far the worst option.
I constantly misvote by doing a gesture not exactly right on my phone. I wouldn’t judge anyone by their votes.
Which is why you shouldn’t put all your interests in one account.
Have one account for memes and shitposts, then another for bringing down the patriarchy and kinky stuff. OK, so maybe 3 accounts
Is this an alt to your handsolo kink account
No, this is the alt for my “Princess Lay-uh” kink account.
This is just ridiculous.
It’s only ridiculous because you’re used to pouring your entire life into Facebook or Google’s servers.
If you’re disturbed by it being public, I think you should be just as disturbed by it being in the hands of data farmers and merchants.
The fact of the matter is, nothing you do online is private—and on the spectrum of “how private is it,” social media platforms are traditionally designed to put you at the near zero end of it. So separate your concerns if you want any illusion of separation from your actual life.
You made assumptions about my social media use that are wrong. I don’t interract with them because I don’t like the way they are run and the data they gather will for sure be used against me. I interact with the fediverse because it doesn’t start from a point of abuse, but it can very clearly be abused and I would honestly prefer that this particular information would not be available in any way since it is the most frictionless but also the most potentially exposing way you interact with this platform.
At least when pouring my shit into Big Tech I can be reasonably sure that it disappears into the ocean of other data they have, and it’s exceptionally unlikely that someone with the access to do so would actually look into me specifically.
That any unhinged individual on the internet can pull out more information than strictly necessary about my online history is a completely different threat model. I understand that the federated model requires some level of data sharing to keep track of posts but I would kind of have expected that the instance that “owns” the post would be the only instance that needs this info.
On the other hand, I’m sure that absolute privacy like completely hidden post history to some extent will help bad faith actors with troll farms and bots so I don’t fucking know.
Piefed alliviates some of these issues.
To be fair OP isn’t the only one that finds it concerning. Kbin/Mbin had tons of complaints about its public voting until the Mbin devs decided to cave and hide downvotes. Piefed also tried to implement private voting before, but gave up because of their halfhearted approach not working out.
I personally like public votes. It’s great to see who upvoted me, especially if it’s someone I recognize. While I miss being able to see downvotes, because sometimes I do feel like asking for feedback from downvoters on where I could do better.
That said, there’s an issue of consent there imo. So I do understand the complaints. While a receiving instance is technically free to do with the federated vote what they want, the user never really consented to that. It’s like if an instance made private messages public. Theoretically it’s allowed to, but that doesn’t mean people would be happy about it.
To be 1000% clear, the voting agents on piefed worked just fine. They scrapped it because of forum politics. A few terminally online admins got real mad they couldn’t stalk user votes and threatened to defederate, even though they could easily just ban the voting agents if they wanted. They made up a completely absurd and roundabout premise that they needed to be able to preemptively ban people based on votes in case they might make a “harmful comment” in the future. The fact that this was the primary concern indicates that the functionality worked as intended.
Hopefully someone integrates the same functionality into an app. Honestly I’d take a swing at it if I had a bit more time.
I had expected reactions to be encrypted, as it’s not a build in feature of Lemmy itself. If it was, I feel like it should have been visible, just like the modlog. There must have been a reason why the Lemmy devs don’t show a list of who up votes or down votes
Assume that everything you say and do online is public, unless explicitly stated (and proven) otherwise. The advantage of Lemmy (and Reddit in principle) is that your account is anonymous, it is not linked to your person. So you have some freedom to be who you want to be without repurcussions in your daily life.
If it would be encrypted, it would open up for vote manipulation. There are plans that mods will see who upvotes in their communities. Create multiple accounts on different instances if you need more privacy, separate personalities for different topics.
Isn’t that manipulation too?
If someone has a problem with your alt they can ban it. If votes would be encrypted they would have to defederate the full instance where they come from.
Create separate accounts for privacy not for vote manipulation