Privacy

31790 readers

247 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

105

Privacy Concerns on Lemmy: A Call for More User Control (github.com)

submitted 9 months ago by ChasingEnigma@lemmy.world to c/privacy@lemmy.ml

93 comments fedilink hide all child comments

I've been grappling with a concern that I believe many of us share: the lack of privacy controls on Lemmy. As it stands, our profiles are public, and all our posts and comments are visible to anyone who cares to look. I don't even care about privacy all that much, but this level of transparency feels to me akin to sharing my browser history with the world, a discomforting thought to say the least.

While the open nature of Lemmy can foster community and transparency, it also opens the door to potential misuse. Our post history can be scrutinized by creeps or stalkers, our opinions can be nitpicked based on past statements, and we can even become targets for mass downvoting. This lack of privacy control can deter users from actively participating in discussions and sharing their thoughts freely.

Even platforms like Twitter and Facebook, often criticized for their handling of user data, provide some level of access control. Users can choose who sees their timeline: friends/followers, the public or nobody. This flexibility allows users to control their online presence and decide who gets to see their content.

The current state of affairs on Lemmy forces us into a cycle of creating new accounts or deleting old posts to maintain some semblance of privacy. This is not only time-consuming but also detracts from the user experience. It's high time we address this issue and discuss potential solutions.

One possible solution could be the introduction of profile privacy settings, similar to those found on other social media platforms. This would give users the flexibility to choose their level of privacy and control over their content without having to resort to manual deletion or account purging.

I believe that privacy is a fundamental right, and we should have the ability to control who sees our content. I'm interested in hearing your thoughts on this matter. How do you feel about the current privacy settings on Lemmy? What changes would you like to see? Let's start a conversation and work towards making Lemmy a platform that respects and upholds our privacy.

you are viewing a single comment's thread
view the rest of the comments

[–] SnotFlickerman@lemmy.blahaj.zone 5 points 9 months ago* (last edited 9 months ago) (1 children)

I don't disagree on those points, but I think it's the nature of Lemmy being decentralized that makes all those things necessary.

server should discard voting info after a brief interval for abuse detection

What if the server has not federated out the votes yet? Some of that stuff can get backed up in a queue. There's definitely a possibility that votes could get "lost" on the way. Hell, that already happens, and that's with a system that tracks them.

Servers have to keep a lot of this info to pass to other servers. If I upvote something on Lemmy.blahaj.zone, it doesn't mean that upvote has been federated outward to hundreds of other servers yet. I would assume this is part of how Lemmy is able to keep things "organized" between all servers.

In other words, a lot of the privacy complaints come from technical limitations of how Lemmy works. Lemmy, by it's decentralized nature, has to transfer tons of data back and forth between all Lemmy instances.

However, there are technologies that are trying to work around this kind of technical limitation. You might be interested in something like Veilid. I'm not sure about the details of putting together a Veilid-based social-network, but I'm willing to believe it's possible.

[–] solrize@lemmy.world 2 points 9 months ago (1 children)

I don't see anything in your post that indicates any reason to track what posts a person has read. That should not be tracked at all. Reading posts should be completely anonymous.
I don't see why voting necessarily has to track who casts the votes. But, because untracked voting can be abused so easily, I can understand deciding to retain the info for let's say 24 hours. Hopefully that is also enough to handle those propagation issues.

Really, imho, server instances shouldn't have a web interface at all, just an API. Web apps would make API calls to the server and reformat the response for use by the browser. The API call to read a post should not require any identifying info or require the user to be logged in. Read tracking and subscriptions should be handled by the client, and in the case of a public client (web app shared by many users), the private user info should be encrypted in case of a server breakin or seizure. The encryption key would be based on the user password and transformed to a browser cookie when the user logs in, so it is never stored by the web app. With most people using mobile clients these days, alternatively, the info can be kept completely on the client device and maintained by the mobile app.

[–] loki@lemmy.ml 4 points 9 months ago

Good features. If you make a fork, people would be interested in trying it out.