YSK: Your Lemmy activities (e.g. downvotes) are far from private

Muddybulldog@mylemmy.win to You Should Know@lemmy.world – 2772 points –
i.imgur.com

Edit: obligatory explanation (thanks mods for squaring me away)...

What you see via the UI isn't "all that exists". Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see "under the hood". Any instance admin, proper or rogue, gets a ton of information that users won't normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.

Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.

1099

You are viewing a single comment

For as much as I love Lemmy, its obvious that it is an early software. Mark my words, that’s not the last privacy threat it will experience.

While I think Lemmy is great, I honestly have a somewhat bad feeling about how some of it could play out in the future. As far as privacy and data-slurping, I mean.

What privacy threat? How is your privacy suddenly exposed by your like or dislike on the post as opposed to this comment?

Essentially you're giving away a lot more info about yourself than you might realise. If someone who takes an unfriendly interest in you wants to, they can probably find out a lot more info about your habits, likes, dislikes, interests, political views, waking hours, etc than just what you've publicly commented!

You don’t even have to comment to get profiled by upvotes. I’ve never commented or even subbed to a local community, but in the past I had occasionally upvoted.

If it was just the home instance’s admins having access to it that would be normal. Having it be completely public empowers doxxers of both the malicious and marketing types.