Lemmy devs are considering making all votes public - have your say

Rimu@piefed.social to Fediverse@lemmy.world – 805 points –
github.com

Probably better to post in the github issue rather than replying here.

https://github.com/LemmyNet/lemmy/issues/4967

860

Hard no from me

I don't want some nutjob with too much time stalking me because I upvoted something about climate change or downvoted some bigoted shit. We all know those fuckos are out there

Voting on Reddit-like platforms is soft moderation by a community, and if you disincentive that, the whole model kinda falls apart IMO

Your votes are already public. It’s a matter of (a) do we want to make it slightly easier for the people who aren’t technically inclined to see them too (b) do we want people acting with the awareness that they’re public.

(a) doesn’t have a clear answer to me. The answer to (b), though, is clearly yes.

Your votes are already public.

People say this all the time, but it's not really the case.

I don't think privacy is a binary thing that one either has or does not - there are degrees of privacy. Currently what we have is mostly private, requiring either technical skill or admin access to circumvent. This is a pretty high bar which 99% of people would not be able to reach. You're proposing removing the bar entirely because it is not high enough.

requiring either technical skill or admin access to circumvent.

What if some troll sets up a website that indexes/publishes this data? What technical skill would be required then?

The data is public and ignorance is not bliss. People need to be made aware of this. If this will lead to people being more careful about what they post online or how they interact with a public social media service, then all the better.

They'd get defederated.

  1. You don't need to be federated to read people's activities...
  2. Even if there was some type of "authorized fetch" involved, one could bypass it easily by writing a bot on LW to get the data. Then what?

Ok, yeah, theoretically.

But we're talking about putting voting info into the UI for anyone to see. Not highly motivated and skilled bad actors.

And the "we should not make it available for the public at large because it will lead to abuse" is also theoretical.

Anyway, I'm already on record saying that I don't like the voting system and that we should get rid of it altogether. Voting on content used to be about collective curation, not a constant popularity contest.

I'm also on record saying that we need to stop relying on systems that only give us the illusion of privacy and depend on the software developers for culture shaping.

If making the vote public gets people to be exposed to these fundamental issues of the current design, and leads us to search for better solutions, then I'm all for it.

It's not theoretical to se how people consistently behave when there's less friction for toxic behavior. You should look into it if you're not already aware of the very predictable negative outcomes that stem from removing those frictions.

3 more...
12 more...
13 more...

It's not quite that simple. As far as I'm aware, it's difficult to fetch from another instance "after the fact" what all the votes are for a particular user or comment; you have to be signed up to receive updates on it, and then after the fact you can go hunting around in your own instance's DB and see what all the votes were (or your UI can do it, if it's supported).

But, yes, there are instance softwares that will do it, and no one's defederating from every one of those instances (nor I think should they). Someone posted a link to an mbin instance breaking down the votes for this post. Votes are not private.

I ran curl "https://mbin.grits.dev/u/mozz/outbox?page=1" -H 'accept: application/activity+json' and I could see your outbox. Apparently mbin does not put Like/Dislike activities in there, only your comments/posts/notes.

In a world where ActivityPub is only used in server-to-server, this would be fine. If we ever get to a (IMNSHO, better) scenario where we have more clients talking AP directly, then this will not work, and mbin will have to add those as well.

All of this to say:

  • the debate about "what Lemmy devs are doing" vs "what mbin is doing" vs "what PieFed is doing" should be seen as tremendous conflict with the idea that "The good thing about the Fediverse is that we can all talk with each other, regardless of where we are".
  • There is no sane way to square this peg into a round hole. Privacy and "Social Media" are inherently incompatible. The advice about not putting anything online that you are not willing to ever be made public is evergreen, and anyone that does not follow it will eventually have to learn it the hard way.
4 more...
4 more...
17 more...
18 more...

How is the data public? I’m asking in the most technical sense?

This informs an issue I’ve had lately with a group of three people or bots following along my comment chain (All my comments, for a while, were dropping consistently to -2 score in all contexts).

It’s my understanding that votes are not public. Am I wrong?

Every comment/post/vote made in a community is sent as an activity to the community's subscribers.

All votes are public, they're literally broadcast to the Fediverse writ large. You vote on something on your server, your server then tells the server owning the thing you voted on and that server then tells anyone who is interested (subscribers on other servers). That way everyone knows that this comment was voted on, but that information is indelibly tied to you - an entity on the Fediverse.

Lemmy devs just chose not to a) show that information in a UI (plenty of other software out there does) and b) not inform people that was the case. Which leads to the whole point of the thread, hiding this from users merely gives a false sense of security.

24 more...

You're proposing removing the bar entirely because it is not high enough.

Incorrect. I said that I see no obvious answer as to whether to remove the bar -- that's the (a) part. What I'm proposing to do is definitely to educate people about the existence of the bar and the fact that they shouldn't be voting on porn, or contentious political topics from an account with their real name, or etc etc like that.

More than 1% of the currently active Lemmy users are actively running a server (it's 1.4%, 649 active instances out of 45k MAU), so I think the number is definitely less than 99% of people who wouldn't know how to do it in the first place (or find an mbin or Friendica server or etc).

The broader point about it being fairly difficult / fairly rare to have the knowledge, I can agree with, but I wasn't saying necessarily that we should make it easier for the 98.6% of people to do; just that everyone should be aware that it's possible so they can make their voting decisions with that knowledge in mind.

You say that, but you simply have to be using something that isn't Lemmy and that information is there (doubly so if you're an admin on any of these systems)

People say this all the time, but it's not really the case.

Except that it is, people with the skills already bridged that gap for everyone.

https://kbin.earth/m/fediverse@lemmy.world/t/267356/Lemmy-devs-are-considering-making-all-votes-public-have-your/favourites

Hmmm I see a bunch of my friends have not upvoted my post. I will contact them to ask why not and ensure that they do.

2 more...
2 more...

I agree with the general point that privacy isn't a binary thing, but I don't think the bar is nearly so high, as it simply takes opening the post in the right kbin(/mbin?) instance. This requires neither technical skill nor admin privileges.

36 more...

(b) will just lead to fewer up and down votes, i.e. less engagement. That in turn could lead to slowly bleeding out.

44 more...

I agree with you. I remember arguing about this a year ago when people first discovered votes were public on Kbin. I don't want to obsess over who up- or downvoted me and I don't want anyone else doing that either. Discussions are healthier when voting is anonymous (or at least obscured as is currently the case).

If bots become such an overwhelming problem that all regular users need access to voting records to better report all the bots I'll maybe revisit my stance. But right now the gains seem dubious.

68 more...

No, votes should not be displayed public.

Blocking those who downvote creates further polarisation, echo chambers and an environment more hostile to discussion and honest exchange.

Following those who upvote creates personality cults and nepotism and devalues the content.

environment more hostile to discussion and honest exchange.

"Voting" and "discussion" are separate things. The old forums did not have voting but still had polarization, personal attacks, hellthreads, etc.

The problem is that Reddit/Facebook turned "voting" from a tool meant to measure "quality" (e.g, this post is relevant to the community, this comment does not add to the discussion) into a tool to measure "popularity" (I agree with this, so I vote up. I don't like this, so I downvote).

Either get rid of voting altogether, or let's bring back a culture where "votes" are meant to signal quality.

Redditors did that, rather than reddit I'd argue. Still the same result of becoming a far less useful heuristic though.

Not really sure how to "fix" a system like that, which depends on the masses to do something correctly. They... don't.

10 more...
12 more...
16 more...

I think people misunderstand. I too would prefer privacy, but theres a big BUT.

Due to how the federation works, anyone who is tech savvy enough can already see votes. One way is to run an instance.

This change doesn't lower privacy, it aligns expectations with reality. A false sense of privacy, which people obviously show here in the comments, is way more dangerous.

I accept if a dozen people can see my votes.

That's not what you're saying.

Ultimately I'm not invested in this decision. If the instance wants to watch people vote then people stop voting truly or at all.

Except, if you're using anything other than Lemmy at this point that information is already about. The Likes/Dislikes are considered public information by the protocol. Lemmy devs probably just didn't get around to building out the UI for that before the Reddit APIcolypse.

If anything, Lemmy devs should work on methods to obscure user identities, not expose them.

One of the biggest issues with the fediverse is very specifically how much user information can be exposed outside your home instance. As has been pointed out in this thread, it is very easy for rogue instance admins to set up quiet data mining instances.

It seems like it should be relatively straightforward for certain activities, like votes and telemetry, to be anonymized/tokenized for the purposes of federation, since that information all propagates outward from the home instance anyway.

5 more...
5 more...

I read about that. In my opinion is that what should change, if possible. There are good reasons why votes a secret in democracies.

That would be great. I'm not sure how to solve the problems that arises though. If i can send an anonymous vote to an instance, what stops me from sending 100?
Maybe there's some smart cryptographical solution here that alludes me, but it seems hard, if possible.

7 more...

Then again, private votes would be private for mods and admins too. So no more moderating vote brigading or downvote abuse or anything like that.

5 more...

There are good reasons why votes a secret in democracies.

Because voters only receive a voting ballot after they identify themselves as a real citizen with a real passport?

1 more...
14 more...
20 more...

I think it's a bad idea. It's just going to start harassment and witch hunts when someone gets a downvote they don't like. Stalking is going to be a thing, people are going to aggregate all the votes you've done to make assumptions about you to then bully you. Once public, sources outside Lemmy will start gathering and cross referencing data about you.

In the US, when you vote, the vote is private to protect the person. Making votes public will only empower those that would abuse it. It very well could end Lemmy due to massive bulling, harassment, and the decline of activity.

i already have had multiple weirdos harass me on lemmy for not being leftist enough. i've blocked dozens now, and really kills the experience to have some crazy people go around and brigading your comments because you disagree with their political viewpoint slightly.

way too many people take the internet comments/points WAY too seriously...

I agree. I already tend to get tossed into a category because I don't agree with a majority of the user base. If people can get categorized more by how they vote, and lemmy users are already pretty savvy, I can see a scenario where people get tagged.

Exactly. We need counter views. One of the problems with any type of social media has been echo chambers and the lack of healthy debate/conversation. People have forgotten how to have a civil debate/conversation with someone else. And people tend to act like, if you don't 100% agree with me, than not only can we not be friends, but you're actively an enemy. That shouldn't be the case. We do not need everyone to agree on everything, it should be acceptable to have a different opinion.

With everything public, we're going to have no healthy conversation since people will use previous votes (up or down) against someone. One of the issues is, an up/down vote by itself doesn't give much insight into anything. It's not like the vote itself is quantified. We already see people try this with digging into post history to make assumptions of someone and bring it up as "evidence".

9 more...
9 more...
22 more...

Boy oh boy, it sure is a mystery why democracies have people vote privately

The only thing worse than public voting is public voting that's falsely advertised as private.

You only get to vote privately because the system can still verify that each person only gets to vote once.

There is no such mechanism on the internet. Anyone can make multiple accounts and vote multiple times.

2 more...
9 more...

The last thing I need is people knowing I upvoted a nsfw post, so nope thanks.

Most clients make having multiple accounts super easy.

Not that I'd know anything about that 🫣

But they know already, if they are on mbin or run their own instance.

8 more...

I rather not. If it does happen, I’ll just rss Lemmy and stop using my account. I like Lemmy the way it is because there’s not much focus on votes and more on actual discussion.

Every single one of your upvotes on lemmy is already public due to how the protocol works, it's just currently obscured by a bit of work to get them (have to run your own instance, assuming there already isn't some online tool to easily look them up)

Making them publicly and easily visible would only remove the illusion of privacy we currently have, not actually make your upvote logs less secured in any way

For me, personally, it’s more about the focus of votes vs actual discussion. I’m worried it would turn the tides and make people much more focused on the votes than actual discussion. It might make it echo chamber-ish.

I recently disabled showing votes on my side (through Voyager app). Even if I get downvoted a hundred times over, if I just get a respectful discussion with links to (trustable) sources. I’m all alright with that.

Have you SEEN the drama that happens in this place? I feel like this is just asking for weird nobodies to harass anyone who quietly disagrees with them.

If this passes then I'm outta here.

Please be aware that votes are effectively already public, just not shown in the Lemmy UI.

I was unaware of that. I thought it was only accessible to instance admins, and I think that's how it should be.

In Lemmy, only admins and mods can see votes. But most other ActivityPub implementations show votes freely and there's nothing in the protocol that makes votes private. Votes are inherently public - they are only hidden behind a curtain that is very easy to get around in Lemmy.

I mean, this starts to get moot if no one is aware doesn't it. You might dismiss the design as merely artificial obscurity, but if no one is pulling up the data, then the obscurity is working. The "curtain" you cite isn't trivial for the vast majority of users, which is what this is all about. Starting an instance and extracting the desirable data is a pretty tall hurdle where just the effort alone is prohibitive and enough to give someone a chance to calm down.

You don't need to start a whole instance to find votes, you just need a user on any of the services that show votes publicly.

Also, if someone is getting angry about downvotes in a bad way, moderators should just step in. People should learn that votes is just part of the system and accept them.

2 more...
2 more...
4 more...
4 more...
4 more...

Why would this encourage harrassment? It would just expose harrassment.

There are bots that exist solely to downvote specific users and instances. If you and JacobRimJob downvote each other every time you see each other and eventually argue about it until it devolves into passionate lovemaking, tbats not what harrassment is.

It would also expose upvote bots promoting propoganda.

It would encourage harassment the same way comment history does: someone goes looking for it, sees it, and attacks the person over it.

5 more...
5 more...
14 more...

I was really confused seeing this post, because I always assumed that Lemmy votes were public. Because how else are instances going to sync them? And indeed, the API exposes them completely, this change will just make it easier.

Then I was really confused when I saw so many comments being against it. A lot of "I'll leave if votes become public" in here. That's a lot of people who somehow assumed Lemmy was private. Aren't we all supposed to be Linux nerds in here?

Aren't we all supposed to be Linux nerds in here?

No! :) The most Linux I use is a Steam Deck.

I feel votes should be visible to admins but otherwise anonymized and private, or else I fear vote-harassment could become a forever-problem on Lemmy. As a woman who has been harassed on Twitter and Reddit in the past, I strongly urge the Lemmy community to embrace privacy on this issue. If there's any way to make votes more private between users, we should do it.

If we don't and users get harassed, they might leave. Lemmy needs more women. And you all are great but Lemmy also needs people who aren't Linux nerds! Lemmy needs diversity.

If there’s any way to make votes more private between users, we should do it.

I very much agree with your diversity sentiment, but this part is just not possible right now. The underlying protocol (ActivityPub) just has no mechanism for private votes.

2 more...
5 more...

Aren't we all supposed to be Linux nerds in here?

After the meltdown that occurred when Reddit ultra monetize their API Lemmy acquired a lot more casual users. Especially when makers of Reddit apps switched over to making Lemmy apps instead.

4 more...
11 more...

Not everyone has a github account and can comment or vote there.

But, agree. Don't think any good will come from making votes public. Any pro/con should be measured against who it benefits. If it's mods or devs, there are always alternatives

If it's end-users, consider the edge-cases and the repercussions of malicious actors having access to those individual preferences.

1 more...

I'm seeing lots of comments here saying that server admins can already see vote data, and therefore it is not private.

But from my point of view, having a handful of people able to extract voting data using their position of trust on the lemmy network is very different from broadcasting voting data to everyone on lemmy. And although you can argue that it is possible to create a new server and federate and blah-blah-blah to view votes; that argument sounds to me like "don't bother locking your front door, because that type of lock can be defeated by a lock-picking tools."

And even aside from all that discussion about who can access what; there is another key point that I think is overlooked: Making voter information public makes it 'normal' thing to monitor and discuss. Currently there is an expectation that people won't look at or discuss that information (even if they hypothetically could get access). But by making it public, the expectation then is that everyone will look at that information. That would create a change in tone and meaning of votes and discussion around votes.

using their position of trust on the lemmy network

Being a lemmy admin is not a "position of trust" - anyone can fire up a single-person instance for themselves and be a lemmy admin. You can also just view a post on mbin to see votes.

Not only admins can see the votes, but anyone on Fediverse (except regular Lemmy users) can see them.

Security through obscurity is prone to failure when it is used by itself. If people want their votes to actually be private then another method of securing their privacy should be created.

We aren't talking about security though. We're talking about what information should be presented on lemmy.

Let me put it this way: have you personally ever tried to see who upvoted or downvoted a particular lemmy post? And if you did, did you talk about what you saw?

My point is that currently basically no one sees the data. The expectation is that no one is looking. And it is not socially acceptable to discuss who is voting for what. But if the votes were changed to public then everyone would see it, the expectation would be that it is common knowledge, and so obviously it will be discussed. Is that what we want on lemmy?

Your first comment expands on both privacy and security. There is no privacy without some type of security.

Now to answer your questions: Yes and yes. Users from c/all were downvoting posts from a small community I'm a part of because they don't agree with. I couldn't see the posts from small communities that are important to me because of that. Now we have the possibility to sort by "scaled", which fixes that. Sometimes there are discussions that are very relevant as to who is voting for what. But that discussion has nothing to do with privacy, which was your first point and went unacknowledged on your second comment.

1 more...
2 more...
2 more...

I would hate to have to deal with "why did you downvote me?" comments, but I'm also not sure I would have the self control to abstain from leaving such a comment myself.

I think that making vote identities easily accesible to every user runs the risk of increasing harassment and decreasing discussion quality.

downvotes your comment leaves

I disagree with the decrease in discussion quality. Votes inherently create echo chambers. We have low effort conversations where we all downvote someone whose opinion is different and it makes them feel whatever kind of way, and they act accordingly. Whether it be leave, lash out, or discuss. If it wasn't built in and someone wouldn't already know I would say it is a bad idea, but since it will exist, making it so people learn to be civil is probably best.

I don't want votes to be public, but they already are, so.

Someone can easily host a website to leak this information and people should know, instead of believing they are private

2 more...

This would probably escalate a lot of arguments that break out in comment sections.

I fear this, too, but I'm not sure what that'd look like. Would people tag someone who downvoted them and act like they're entitled to an explanation? That would probably(?) earn a block from me.

Edit: never mind, that's exactly the kind of thing that happens, it seems.

1 more...
4 more...

I’ve already seen admins go through the federated votes on their instance to call out anyone who disagrees with them.

I don’t have a strong opinion either way but I don’t think it will be healthy for discourse to unlock that power for everyone

1 more...

Lemmy is already a privacy nightmare, in some way. There was a comment showing the screengrab of those peiple who upvoted and downvoted a post. Basically, if you self-host an instance, you'll have access to these. This can easily be weaponized by certain organizations that want to create profiling of lemmy users, e.g NSA and Intelligence agencies.

Lemmy was never designed to be private in that way, nor was ActivityPub. You should expect the things you post publicly on the Internet to be public.

5 more...
7 more...

What a horrible fucking idea. You are want this place to be an even bigger echo chamber than it already is? Yes, let's allow the majority of one opinion brigade people's histories to further ostracized them!

Admins, for smart people, can be fucking idiots.

This is why they need to make this change, right now theres a false sense of privacy. If I really wanted to see your votes right now, all I need to do is to set up my own instance.

11 more...

The protocol fundamentally exposes them. Absent protocol changes, if someone hasn't already, sooner or later they'll just make a website to look them up.

2 more...

Votes already are public to all server admins (I can see exactly what you voted for in communities my instance knows about).

16 more...

Absolutely not.

This will like lots of other people say start witch hunts and people will absolutely develop bots and websites which scrape all that information and classify all users based on that. Like those Reddit sites where you can search for a user and see where they are active and all that. But this will be worse.

This data is already public. You can just create a kbin account and see who's voting. Anyone wanting to scrape it already can, the only difference proposed is the Lemmy client showing it.

4 more...
4 more...

Seems fine? Voting was, at best, only slightly anonymous anyway because other platforms that get the AP action will happily tell you exactly who did what when even if the Lemmy UI doesn't.

And, honestly, if you don't want your fake and nearly anonymous internet name associated with doing something, eh, maybe that's a sign you shouldn't do it?

10 more...

Probably for the best if downvotes remain less easy to access, at the very least. There's a myth that people who are suicidal will "find a way even if you take away some of the easier methods", which is explicitly false. If you take away the easy option, you are directly reducing the harm that easy option might have caused. https://gizmodo.com/why-have-people-stopped-committing-suicide-with-gas-5959303

If the admins take away the quick and easy option for seeing who downvoted your passionate comment, the mods are directly reducing the number of people who go on rants about downvotes and targeted vitriol.

It has nothing to do with privacy; this is a public forum that by it's very nature, requires that all activity be easily available to all the sites you federate with. There is not privacy in that.

This is about the type of community that forms around the software. Do we want to encourage, and make easily available, the list of people who disagree with you? Or do we want to to put minor barriers around that to help keep the number of people who do that low?

2 more...

Hard no. I'll move on like I did a year ago from Reddit, and I was on that site for 14 years.

Just from a political/nation-state viewpoint, it would needlessly expose information to make it easier for countries and political parties to keep some kind of "social score" and decide when to do something to you. China already does this kind of stuff.

We need to make it easier for everyone/anyone to do this? Think about all of the super-divisive issues at hand. People can already get a sense of your views from your responses, and that should be it.

State/nation actors can easily track this information without an UI setting. Just set up any software that uses activitypub and subscribe to any AP group (i.e, Lemmy community) that you want to get up votes/downvotes (Like/Dislike activities).

6 more...

Votes are already public, lemmy just doesn't let you see them in the interface.

9 more...

I say no. Privacy.

Comments say they're already basically public. I don't know anything about that, but it's probably better to merely have a camera in your toilet than have a camera in your toilet that livestreams 24/7.

But I don't have an especially informed sense of how to run a platform so maybe there's a bunch of crap I'm not thinking about.

4 more...

No, as it would create a lot of excuses for targeted harrassment and just increase toxicity

9 more...

What will this accomplish other than facilitate brigading?

It is information provided to the instance runners, mods, and other fedeverse platforms such as mastodon. It inherently tracks such to know if a user has previously liked/up voted an entry.

So you may have a conversation on here, and some users will know who is downvoting, some will only know who's upcoming, and some will know none

2 more...

Aren't they already practically public, given the federation?

Yup. Host your own instance and you could even write a browser plugin to make them visible to every user.

It should actually be made more private.

How? The ActivityPub protocol has no support for private votes. Also, private votes would be private for mods and admins as well, which would make downvote brigading and vote manipulation very hard to detect and moderate.

Hmmm ... is it not really possible at all? Just riffing here ... the identity of a voter isn't necessary, just a means to ensure the uniqueness of a voter so there's no duplication etc. So ... could a hash of the voter's ID be distributed with the vote to prevent duplication?

Hmmm … is it not really possible at all?

In ActivityPub, no, not at the moment.

How would you verify that such a hash is coming from a real user? What if an instance sends 1000 fake hashes as votes? Also you could still correlate hashes and figure out who is behind the hash by looking at voting patterns of that hash.

5 more...
5 more...
5 more...
5 more...

VOTES ARE ALREADY PUBLIC.

If you are using Lemmy because you want privacy, you've already missed the boat, everything is wide assed open for datamining and advertising fingerprinting.

I'd hoped for an open system with open APIs and open implementations that allow everyone equal access to the system and bring equal accountability.

If people just want Reddit style fiefdoms with no real public accountability possible, then make a blackjack and hookers fork.

I'm really not interested in a system that bakes in more authoritarian secrecy and control, which could very well be an unexpected outcome of backlash to how this has been presented.

1 more...

Many people in this thread seem to not realize that votes are essentially public already - this is only about whether the Lemmy UI should make it a bit easier to see the votes. They can already be seen quite easily if you know how.

However, there is an easy solution to this problem. This is clearly a controversial decision, so don't make a choice for everyone. Make it an option. Any admin can decide for themselves whether their instance should allow users to see votes.

That also means that users can decide to go to instances where the votes are hidden or public.

This approach leaves the choice to the individual, rather than forcing the choice on everyone.

It's confusing enough understanding how federation works for the less technically inclined. I don't think we should also expect them to figure out which instance is privacy-conscious. Privacy of votes should be baked into Lemmy. Even kbin users shouldn't be able to see it.

If users want to advertise their approval/disapproval of posts they can use public comments in tandem with private votes.

Privacy of votes should be baked into Lemmy. Even kbin users shouldn’t be able to see it.

This is impossible. The underlying protocol, ActivityPub does not have the concept of private votes. It is not up to Lemmy to decide. You'd need to revise the protocol for this and good luck with that.

ActivityPub can't evolve? Is there some insurmountable technical blocker?

I suspected this would be an issue and have avoided voting on controversial posts. But if everyone did as I do, there would be no open discussions about pressing topics.

It is possible that ActivityPub could add this feature. But it's not certain you'd even want that. Private votes would mean private for admins and mods too, so no more analyzing votes to look for down vote bots or manipulation or down vote brigading and all that stuff. Votes could lose all meaning. Admins and mods are unlikely to say goodbye to those moderation tools.

Even if it could be added, it's probably years away.

Fair points. I'm warming up to the idea of making votes public so that people don't have a false sense of privacy. I wish votes were actually private, but maybe it's not a big deal if your account can't be easily traced back to you in real life.

3 more...

Evolving ActivityPub is not easy, any additions to the protocol take a lot of time and discussions between the various implementers.

3 more...
6 more...
6 more...
6 more...

On multiple occasions a moderator has reached out to me and informed me an account existed purely to go through my comments and downvote me. I assume this is a common occurance and we could combat it better if we could see the votes.

I worry though that public votes will enable unstable people to stalk people. Vote the wrong way? Why, I'll just create some bot accounts to constantly downvote you, and I'll harass you with replies to every comment you make, reminding everyone that you vote against the grain and shouldn't be trusted!

3 more...
5 more...

likes and votes should be anonymous and user names should only be displayed for comments.

Votes are public in the underlying protocol - mbin users and lemmy admins can see votes. They are not anonymous. This is only about whether votes should be displayed in Lemmy.

5 more...
5 more...

This would be a catastrophic mistake. Please don't.

Please be aware that votes are effectively public already, just not shown in the Lemmy UI.

I'm well aware that they can be viewed from other platforms and by admins. But I don't agree that this makes them effectively public.

By that logic, everything is effectively public. Why should I be reluctant to share my age, weight, income, DNA? All of that information can be publicly available for someone who takes the time to sample a piece of my hair, check my birth certificate, etc. It's not illegal or impossible for someone to obtain that information.

But there's a whole world of difference between something being theoretically accessible via workarounds, and being displayed prominently for all to see. As a result of human nature, I think that allowing people to easily check votes on any post would cause a great deal of conflict.

Also, there are currently plans underway to build more privacy into the fediverse.

6 more...
6 more...
6 more...

Idk if I trust that some powermod won't send me to hell if I vote against something they strongly believe in, akwardtheturtle style

Mods of communities can already see votes in communities they moderate. Admins of instances can already see votes on all content.

3 more...
7 more...

Yes, and there's no genuine argument otherwise.

If you want Lemmy to grow and not be completely overrun with bots posting propaganda and signal boosting extremism, showing votes is the only way forward. It's the only mechanism by which independent parties can discover and expose things like "every post and comment by this account is upvoted by these 20 other accounts that have never posted and whose names follow the same formula".

The privacy you're mourning never existed in the first place and it can't exist on any platform. For Lemmy, it's required for federation. On sites like Reddit, you have privacy from other users, but not from the company or anyone they sell that data to.

Since true privacy isn't an option, it would be far better to be open about that lack of privacy. This thread is already riddled with people who thought their votes were private, rather than just inconvient to look up. That's far more dangerous and deceptive.

This needs to happen, regardless of the ill-informed tantrums it may cause. If you want to upvote pornography without it being used against you, create accounts that are strictly for pornography and properly compartmentalize your accounts.

8 more...

Considering making votes public, not considering making mod actions inform the user they occur.

I can see where their priorities are.

Making votes something mods can see is one thing but public is whole other can of worms.

Edit: Spleling

Asymmetrical visibly of votes is more problematic than letting everyone see them

I understand that this information is already basically public but there is a thin barrier to the average nitwit user accessing such information and going in a rampage screwing with people who have downvoted them. I'll say this, if they make it more public I think I will just simply stop voting. I will continue to use Lemmy but only as a passive user.

I don't even run with votes enabled(I can vote but can't see scores) on my clients, but like yeah this will definitely make me second guess any type of interaction with voting for both directions because I don't want to become a target for harassment. It defeats the purpose in my opinion of having the system in the first place if someone can't truthfully vote the way they want.

2 more...
2 more...

Nah. Votes are already visible to people using other applications than Lemmy, so let people use those if they want to see how people voted. It's fine as-is.

2 more...

What's the benefit?

Like, what's the actual user experience gain from seeing someone else's votes? Is it just so the average joe can profile users, like for identifying bots or whatever? That's not rhetorical, I'm genuinely curious, as I don't see what I'd gain from this as a Lemmy user.

Bit as I see it, I really have no desire to do this. Maybe if I was a a pseudo mod on a spammy community I guess? But comments are already a decent indicator.

Yeah, I'll be honest, never have I took a look at somebody's likes on Twitter or Mastodon.

2 more...
2 more...

Should be a server setting, just like how some servers can choose to show combined votes or separate up/down votes.

1 more...

If I can't vote privately then I don't vote.

They should put the rest of the nails in this coffin. Go full clique.

If I can’t vote privately then I don’t vote.

Then you should not vote on the fediverse at all, since votes have been public since the beginning. The Lemmy UI just doesn't let you see the votes.

Your votes already aren't private, they're simply not easily accessible (by the average user). I won't get into the technical details but the short version is that every instance owner who is federated with your instance already knows how you've voted. Someone could make a website right now that collects votes and shows how someone has voted or who upvoted/downvoted a post or comment. It's already public information.

1 more...
10 more...

Gathered some thoughts here

Potential positives:

  • Any admin can already review voting activity, but some people don't realize that. This change would make it less surprising
  • it would make it easier for non-admin users to study voting activity and find abuse
  • it would make it consistent with other platforms that we federate with, which can already see votes

Potential downsides:

  • People will report voting activity that they don't like, even if it's not malicious.

    • Admins will need to set up rules on what activity they will act on (and also take action against people that spam bad reports).
    • It would also help to have automated tools to review voting activity since it's hard to do that manually.
  • It's another option for abuse, similar to bringing up past comment history

Both could be dealt with but it would make moderation somewhat harder

Likely bad:

  • Mods and admins can ban people for upvoting content in communities they aren't in charge of. This might work on a small scale, but I'd caution against it because it often misses nuance:
    • it's very easy to accidentally vote on something while scrolling (unless there is a consistent pattern)
    • even if the community is seen as "bad", the post might be good (ex. it could be calling out the community)

Bad

  • it lowers the barrier for other types of abuse, such as tracking vote activity for advertising, approximating when a user is asleep, etc

This is an interesting conundrum.
On one hand it would help locate foreign agent bots/bad faith actors faster and recognize vote manipulation by bot farms.
On the other it will lead to even more account-stalking problems, user drama, and would further enable vote dogpiling if you see certain known users voted a certain way.

I'm inclined to say no. They are already "public" if one wants to put in the effort to admin a standalone instance or run alts on multiple services they can see if they care- I personally don't really care

This is one of the downfalls of a distributed system. You basically need public votes. Without it, instances lack critical information about the validity of votes. You don’t have a centralized system with back door access to monitor and maintain things.

15 more...

I think they should be public. They’re already accessible for mbin posts and anyone administrating a lemmy instance. It should be clear to all users that their votes are already not private.

Someone could make a lemmy instance just to get voting behavior and make a website with cool graphs and stuff today and the only thing that could stop them is defederation. If Lemmy gets popular, this is just an inevitability.

Imagine if a large instance decided to do that today. Imagine if lemmy.world released lemmy.world/votes. Would people defederate just for that? Remember: Mbin already displays scores and I don’t think anyone has defederated over it.

Might as well put it on the interface so everyone understands it isn’t private. Rip off the bandaid.

Exactly. If private votes were intended, Lemmy servers would have had voting privacy setting where the vote is federated as @privacy-vote-{sha256sum userid & postid}@instance.foo instead of the actual voter's username.

3 more...
4 more...

One of the things I liked back in Kbin was being able to see who upvoted. Some people were lurkers who didn't comment, but it was still nice to always see them take an interest in the material. Felt more like they were a regular in the community.

1 more...

Votes are already public. This isn't a change

Yeah. Just look from a kbin instance, or if you host your own instance, you can run a Postgres query to find them there's a dropdown in the web interface to see who voted on a post/comment.

6 more...

I am kind of afraid that if voting becomes more public than it already is, it will lead exactly to more of the kind of "zero-content downvote" accounts mentioned in the ticket. Because some people are just wildly irrational when it comes to touchy subjects, and aint nobody got time to spend an eternity with them dismantling their beliefs so they understand the nuance you see that they don't (If they even let you). So it kind of incentivizes people to create an account like that to ensure a crazy person doesn't latch on to the account you're trying to have normal discussions with.

But I understand that they can technically already do this if they wanted to. So perhaps it will be fine as long as we fight against vote viewing being weaponized as a community.

Yeah I didn't realize votes were essentially public already. This will 100% change my voting patterns. The problem is, I'm an idealist who still follows old school reddit voting guidelines of "this adds to the conversation" or not..so I upvote stuff I don't agree with as long as it is well thought out, well said, or at least civil and trying to have a good conversation. When I remember to, I also tend to downvote vitriolic nonsense or pithy nothing comments even if I agree with the values, because I don't think it helps anyone to have annoying angry echo chambers. That's like...the entire Internet right now, and Lemmy is already bad enough with that. It doesn't need to get worse by making sure everyone is voting in lockstep lest they get brigaded (which there are no inherent protections against).

1 more...

If a website could be sure none of their users are malicious/bots and all of the users are perfectly rational and virtuous then public or private voting wouldn't matter either way. That being nearly impossible, why not a reputation based system like Stack Exchange? Only when an account meets certain requirements they can vote.

To boot, on the website tweakers.net one can actually vote -1, …, +3.

  • +3: “Spotlight comments are of such high quality and substantive value that they clearly stand out above the rest”
  • +2: “Informative and interesting comments that are a useful addition to the discussion in an on-topic thread or the information in the article”
  • +1: “Nice on-topic responses with knowledge that is common knowledge”
  • +0: “Comments that do not contain a relevant contribution, but are posted with good intentions”
  • -1: “Flamebaits, trolls, misplaced jokes, unnecessarily hurtful comments and other comments that violate our terms and conditions or house rules”

[Posted this comment on GitHub.]

7 more...

The fact that the devs even considered this is a bad sign, IMO. How out of touch does one have to be to think this is a good thing in any capacity?

Disagree. They showed their arguments, and those seem pretty valid to me, even though I disagree. IMO being open, transparent and promoting community discussion is a good sign.

How so? Most social media shows who liked stuff, it does make sense to consider it for lemmy.

2 more...

Yes. The act of voting a comment up or down shouldn't be much different to hitting reply to that comment.

Upvote/downvote systems do exist to overcome those "+1" "-1" posts on old forums. You are not voting for the legislative elections. You are just interacting with another person comment/post in a way that does not require writing. If post comments, are not anonymous, upvotes/downvotes shouldn't be anonymous as well.

1 more...

If they are shown to mods and admins then all the positives from the list are already included no?

What do users have to do with detecting „patterns” and bad accounts?

1 more...

Guarentee you will start witch hunts by making the votes more accessible. But if you want every user to be able to do that then go ahead. My ability to keep myself occupied here is already not that large, maybe some witch hunts are what we need to drive engagement up /s

1 more...

Let's create separate accounts for voting and for posting so to improve anonymity and freedom of expression.

I have been considering building it into PieFed, if votes became public. There would be a pool of 1000+ bot accounts which will vote on behalf of anyone who wants it. When a vote is cast one of the proxies would be randomly chosen to federate the vote instead.

7 more...
8 more...

I don't see how that's much different from making a comment, it's not election, how is voting on a comment/post different from voicing your opnion with a comment?

Do I prefer the completely private option? Yes, but if the alternative is that some people can see and others can't, I prefer that everyone can see it.

I could go either way, but I don't think "other platforms have public voting" doesn't seem all that convincing. Who cares? I don't care who voted on what, and I doubt most others do either.

While there are workarounds, leaving it as is at least weeds out the majority of trolls who aren't technically inclined enough to go pull up A to see how B voted on C.

It is baffling to me how many people want to copy Reddit voting system, including hiding voting history, despite having left Reddit. The entire voting system over there is a huge part of the toxicity problem.

Downvotes should be removed, all votes public. Accountability changes peoples’ behavior and I can tell you that before kbin.social went down you could definitely see the difference.

This is clearly an unpopular opinion and I will be downvoted like crazy for it, but it is so exhausting watching forum after forum make the exact same mistakes.

Without downvotes, you get Twitter where even obvious rage bait drowns out everything. Downvotes aren’t perfect, but they’re much better than not having them.

1 more...

Downvotes can be useful in certain contexts, like when you visit a thread and are looking for factual information, such as the answer to a tech question. I don't want to accidentally follow someone's bad advice because the bad advice didn't have any downvotes nor any responses as to why it was wrong.

It's not perfect, but voting is a quick, often effective method of fact checking.

It’s more of a vibe check than a fact check. But I think it’s definitely useful for the network to self moderate since mods are pretty much entirely voluntary on Lemmy.

Just to give a concrete example, there are a couple blatantly political posts on !fediverse. Do they belong there? Absolutely not. But by the time I saw them days later, the damage was done and they were already taken care of by downvotes. Should I really mod remove a week old post with 50 downvotes? The discussion there about why it didn't belong was fine, and didn't need to be hidden further.

I'm against making votes visible. I don't want to make myself a target because I don't vote with the hivemenind.

Automatically removing downvoted posts is a bad idea, because you basically can censor any post when you have a couple of people.

I didn't switch from reddit because of the voting system, I switched because my app stopped functioning.

We don't have to be contrarian.

The problem with seeing people's votes is you don't have context for why they voted that way. Did they upvote because they agreed, or because they thought it was an engaging counterpoint in an interesting discussion? Maybe they just thought it was funny or wanted the thread it was part of to be more visible. Someone looking at your votes could choose whatever perception they want if they decide to go after you for it.

11 more...

You can't have accountability and anonymity. There are people that post, not just upvote, garbage all day long. There's also plenty of occasions where people have been shamed for past posts in completely unrelated threads. I don't disagree with those things being public, otherwise we might as well use Pastebin, but we don't need one more way to judge people. It's also the simplest of acts. I've upvoted right-wing posts before but not because I agree but because they were making valid points and not resorting to personal attacks or demagoguery.

20 more...

Maybe make it possible for a server to only share aggregate votes on a given post?

Like a proxy vote, where only the server knows who it belonged too.

I actually like the idea of being able to see how many upvotes/downvotes came from specific instances much more than seeing the actual users. It would cover some of the positives mentioned in the github discussion:

-Could help fight bot and multiple-account voting (if we assume that people who make multiple accounts do it on the same instance)
-Could help identify voting-patterns from specific servers (obviously)

And then if something looks suspicious, the admins can already see who voted, so they could check out whether some user is abusing the mechanics.

I find that this approach might be worth talking about, but making user votes visible to all seems very unnecessary.

Sure, but then you're trusting the server not to just lie about the totals.

I mean, that's already true and why the federation model is used in the first place. If another instance can't be trusted, you can disconnect your own from it (extremely easy if you self-host, if you are a standard member of a larger instance it might require convincing)

1 more...
1 more...
2 more...

absolutely a horrible idea. please for the love of god don't do this, it will only lead to people getting dunked on for how they upvote/downvote.

I think they should focus more on getting rid of bots, and get a little less ban happy on the people that are calling out bots or bullshit.

I'd love to see what mod removed content or banned someone.

4 more...

You know what this feature is really useful for? Seeing who upvotes spammers to preemptively block them. Admittedly, I haven't had much of a use for that aspect since kbin.social died, but it was neat while it lasted.

Sorry, what's an upvote spammer and why are they undesirable?

Op is talking about accounts that upvote spam content. For the most part those accounts will be the spammer's alts that will be posting spam when the current account gets banned. Blocking them while they are still being used for vote manipulation means you wouldn't have to see their spam in the future.

1 more...
1 more...
3 more...

While I don't necessarily think that votes should be made public, it would be nice if you could see your own votes. There have been a few times I wanted to find a post that I had seen, but didn't save, and I couldn't find it.

If you are on Android, Voyager shows what posts you upvoted and downvoted in the profile page.

I agree, would be nice if this was standard in web version.

Boosting a Lemmy post in Mastodon shows up as an upvote in Lemmy. So the two concepts seem to be coupled in the activitypub substructure. I don't see how upvotes would be secret then, as I don't think it's possible to boost something privately on Mastodon.

2 more...

I was of the assumption they were private. Please make them private then because I want no one looking at my votes

They can't be completely private because instances have to share how many upvotes each post has. That's a limitation of the fediverse, since everything is spread across many independent systems, data has to be exchanged across them.

As of now, they're semi-private because end users can't easily see who voted on a post/comment unless they manage an instance themselves.

3 more...
4 more...

Absolutely braindead consideration by the devs. I'll be quitting Lemmy if/when this is pushed through. Unbelievably stupid.

Please be aware that votes are already public, they just aren't shown in the UI. Other apps than Lemmy show the votes.

8 more...
9 more...

Baked in visibility of votes and blocking that only works one way makes Lemmy (and anything based on ActivityPub) less functional from an end user standpoint. Wish I knew a decent, somewhat popular alternative that implemented these features

1 more...

Maybe a model where upvotes and downvotes can per instance be federated either publicly or aggregated? So an instance admin could choose to bundle together the vote totals and push them to other instances and it would just show the total number of votes on comments and posts by people on their server rather than the individuals. And if a federated server acts up and sends bad vote totals, the instance could be blocked for it as a trade off.

The underlying protocol, ActivityPub has no support for aggregated votes.

if a federated server acts up and sends bad vote totals, the instance could be blocked for it as a trade off.

How would you detect this? It seems very hard.

4 more...
4 more...

I think the best way to think about this is in terms of "affordances" of the platform and the balance of their merits. "Affordances" just mean the actions and behaviours enabled by the platform's features (a jargon-y but useful word I've seen others use in these discussions).

Broader principles like privacy are important too, but I think can easily lead to less productive and relevant discussions, in part because many of the counters or complications will come down to the actual affordances.

The biggest affordance is obvious: more polarisation & abusive/antagonistic behaviour

From what I've read so far, I think everyone shares a pretty clear understanding of what public votes will lead to ... a more heated and polarising dynamic, with potential abuse vectors opening up, and less honesty and openness in voting. And I think most share a distaste for that scenario. Either way, I do, and I'd encourage others to think about how it's likely result of public votes and with the internet being the internet, is unlikely to be pleasant or fruitful.

Specific people having access doesn't decide the matter

While others have access to vote data, namely admins of instances, mods (for their communities) and members of platforms that make votes public like k/mbin, I don't think this is decisive.

It's about the behaviours that are being enabled and the balance of behaviours and how they interact to form community dynamics, with the fediverse itself being an important factor. An admin or mod having access to votes is part of making their job easier, which is a good thing. It's power and responsibility. And the moment they violate the bounds of their role by "doxing" someone's voting data, that'd obviously be a bad thing, but with countermeasures we can take. We can leave their instance or community and our instance can defederate from them ... their account can be blocked and possibly banned by admins. On balance, this seems stable and fair enough to me.

In the case of other platforms, like k/mbin, that's definitely more tricky. But again, defederation is always a possibility here if it becomes problematic enough (however dramatic that could end up). This is just the nature of the fediverse, that platforms will differ on things like this. Again, if people start abusing that information from other platforms and instances, blocking, banning are options, as is the nuclear option of defederation with any such instances (which is a core balancing feature of the fediverse).

As it presently stands, k/mbin are a minority of users on the threadiverse and so whatever their platform choices are don't really affect the rest of the threadiverse.

In the end, you can only make the best platform that you can. That k/mbin do something we don't want to do isn't a good reason for following suite. If anything, it's a good reason to stick with what we prefer and continue to make the argument with them on their choices.

Privacy and transparency are relevant but not decisive

I agree it's an issue that it seems votes are private when they aren't. Again, I come back to the balance of affordances, and I think they're better as they are than with public votes. However misleading the privacy situation is, it can be handled by being more transparent with users by providing warnings etc.

Ultimately, the privacy problem on the fediverse is not going away any time soon ... it's the nature of decentralisation, and this should maybe be made more clear to more people! But making a better platform is a real problem in front of us right now and I think it's better to focus on that than how the general issue of privacy or consistency with privacy is best served.

Other platforms aren't that relevant

I think I saw someone mentioning in the GitHub dicussion that other platforms expose vote data. While true, many of those would be microblogging platforms (mastodon, twitter, bluesky etc), where, again, the balance of affordances becomes relevant. A "vote" there, normally called a "like" is a personal action between user accounts that are likely to follow each other with such being the core mechanic of the platform. On aggregators like lemmy/reddit, the core mechanic is making popular posts so that your content gets to the top of the feed (roughly anyway). While there's a lot of overlap, there's more angst here around what gets voted on and what doesn't and less inter-personal accountability and bonding. Posts and discussions are more public affairs and less conversations between people.

Technical can of worms

I wonder if making votes public would create the need or desire for enabling more post-specific options for users, such as making a post that can't be voted on or that doesn't provide public voting data?

What about the children!!

In the end, my bet would be that at the scale that lemmy is at, it won't make too much of a difference if votes were made public. I think some would definitely encounter more unpleasantness and some would definitely find voting a more stressful affair, but we're cosy enough that we'll cope. Going forward though, public voting for an aggregator feels dangerous and hard to undo. Yes, it could be technically removed, but if a culture is established that is accustomed to it and become desensitised to the negatives, they'll probably want to hold on to it.

2 more...

I thought they were already???

Like how/why wouldn’t they be public? Even if the data isn’t readily accessible via a gui it’s gotta be somewhere so that federation works. Unless you’ve been thirsty in your main it shouldn’t be a problem?

Am I missing something?

4 more...

Already had one person today mention my down votes .

It didn't validate their argument at all and without context it can be interpreted in any fashion to make it seem malicious

So, federated network advantages here: you can always modify your instance's hosting code to patch this out, at least for the users on your instance.

What you cannot do is prevent other federated instances from publishing the votes submitted to content on their instance. But if you're accessing that content through your local instance, they can modify the upvote button to pop up a dialog saying something like: "The instance that hosts this content has elected to make usernames visible for upvote/downvote. Would you still like to vote?"

Personally: In many ways I don't mind. I'm on the internet with my real name. I don't mind being accountable for my behaviour online. I might be a little more cautious about upvoting something controversial or NSFW, but largely it wouldn't change my behaviour.

They simply want to police it better to suit their agenda

Based on the comment, it seems there's more opposition toward visible downvote than upvote, so maybe dev should just make upvote visible and not downvote?

There's more talk about how bad visible downvote is and no one seems to talk about the upvote lol.

This is how it is in mbin. Well, over at the instance I'm using at least.

I find it amusing sometimes, because I can see whether posts have been liked from Mastodon or other services. Gives some insight into how interconnected we really are.

I guess over at Lemmy you can't currently tell if your post is boosted by a Mastodon user. Sometimes they are, and in theory they can kind of live a life of their own from there on. It's fun to be able to see when it happens.

My posts and comments are already exposed, so it seems like it would make sense to make votes public as well. I think it contributes to the general spirit of the platform.