I think most of us are aware of the shady history of Reddit when it comes to respecting privacy (and if not, here is but one example: https://techcrunch.com/2023/09/28/reddit-is-removing-ability-to-opt-out-of-ad-personalization-based-on-your-activity-on-the-platform/)
I’m wondering what you feel are the pros and cons of Lemmy in this regard?
On the one hand, Lemmy is structurally very different. There’s no single corporate entity building detailed behavioural ad profiles, most instances run minimal (or no) tracking, and you can choose an operator whose logging, retention, and analytics policies align with your risk tolerance.
Hell you can roll your own (yes, with black jack and hookers).
In theory, that alone removes a huge chunk of the surveillance-capitalism model that platforms like Reddit depend on.
On the other hand, your posts, comments, and votes are not confined to one database - they propagate across multiple servers, each with their own admins, logs, and retention practices.
Deletion is best-effort, not guaranteed. You’re effectively trusting a network of operators, not just one. I dunno whether that makes it better or worse.
Any deep thoughts on this conundrum?
PS: I’m leaning towards “don’t say anything you wouldn’t in a court of law” model these days. If its online - and you don’t own the infra - there’s always a risk.
Public posts publish here.
You want private messages? Get a chat app.
PS: I’m leaning towards “don’t say anything you wouldn’t in a court of law” model these days. If its online - and you don’t own the infra - there’s always a risk.
You should assume everything you say online is being captured by govts. Encrypt everything you can, use a no log VPN not based in 15 eyes, use OS and browser with sandboxes/containers
Lemmy lets you sign up and use it without a lot of the linked identifiers that reddit requires, that can be tied to your real identity (so they can serve you targeted ads). These include things like IP addresses, your email address, browser or device fingerprint, phone number, etc.
The other privacy concern I can think of, is middle-men capturing passwords and text input, and IP addresses. As long as your server isn’t using cloudflare (unfortunately many lemmy servers are), and you aren’t using a closed-source app or web UI (unfortunately many users are), you’re likely safe.
Of course the other comments are correct that this is a public platform that’s distributed, so we have to assume nefarious agencies are scanning it, so you shouldn’t say anything that could tie your account to your real identity. Its also probably a good idea to create new accounts every so often if you’re the type of person who tends to leak that info.
There is no flawless solution , that being said there is such thing as worse and even worse … to me Reddit is “even worse”. I’m only accountable for what I post and what I “vote” on and there I’ve got no problems. It’s nice to know here if there are trackers it’s not necessarily baked in. LLMs maybe reading what it can see but those LLMs aren’t determining how and what I’m doom scrolling. That’s what would bothers me.
And while I’m sure there are bad actors probably willing I still think the fediverse is to small to really garner a ton of effort to extort much of anything.
Can people actually be held accountable to what they write as thoughts and opinions, anonymously? Are you talking about online surveillance in the US?
It certainly seems to be trending in that direction, no? A lot of the “best” ideas do tend to get crowbarred out of the US.
OTOH, with the EU pushing to divest itself of American software and policies, perhaps there’s still some wriggle room.
OTOOH, because of the nature of the Fediverse, something like this can happen in theory:
- You use a German-hosted instance → primarily subject to EU/GDPR
- Your posts replicate to instances in other countries (including the US), which you don’t directly control (unless you self-host and block that)
- Those servers operate under their own local laws
- End result: your reposted data and meta data may now fall within the American legal domain.
Even if no trackers (which there are) Lemmy is federated so you cannot just delete your stuff and sleep over it. However if you need to be careful, you can solely use Lemmy over Tor. It’s not private but can be anonymous.
I think I recently read that Lemmy devs are working on private upvotes / downvotes (yes even they can be tracked) but it seems it’s tricky with federation.
So, generally Fediverse is not private and cannot be private due to its nature. If you have a threat model, you should use it with Tor.
