The only privacy setting I can encourage on any social media site is don't share private stuff about yourself and never link to your account from other accounts

Technical question: How would posts federate if private?

The admin of Blahaj is openly interested in exposing trans people's alt accounts and outing them on their mains. And somehow it's the biggest trans instance. We need a community and admin reaction in favour of defederating people who do that.

There's a grim tragedy in how many people in this comment section have either succumbed to defeat or actively seek to advocate against privacy.

The comments can mostly be boiled down to:

• My data is online already, and I give up
• Your data is online already, and you don't deserve control over it
• I have nothing to hide and nothing to fear (and you should too)

You will find Fediverse types are far more cynical and antagonistic to privacy than people on other platforms.

Bruh what? If you’re repeatedly making new accounts because you don’t want people reading your post history you’re doing something wrong.

What you're describing is an issue with all of social media. While your concerns are valid, I don't see your arguments as privacy issue. I honestly prefer post and comment history being transparent and accessible. It's much like Reddit and this format fits much better with an open forum style of platform.

Don't post private information and it's a non-issue.

Also, can't you just delete posts and comments like on Reddit?

What irritates me many times when I enter Lemmy is that instead of my Nick at the top right, someone else's Nickname appears for a moment, before changing it to mine. This is a sign of an open account sharing channel, which is quite serious and should be fixed quickly. Security at Lemmy is apparently non-existent.

To me, it's an issue of personal responsibility.

Lemmy is, like a lot of Fediverse platforms, about as private as it can be. There's no trackers, you're not forced to use real names or any other identifying information, no adverts follow you from site to site, no browser fingerprinting and no instance owners are trying to sell your data.

Beyond that, what you choose to say on Lemmy is your responsibility and yours alone.

I remember a little while ago a thread with someone from kbin gloating that they could see what everyone was voting, and accusing the people upvoting comments they disagreed with of being bigots in a vaguely threatening way obviously intended to produce a chilling effect, and people found this surprising because that information is not public on most instances.

I basically agree with the people saying open info is just the nature of posting on a public forum and of federation, but there could be improvements, even just in awareness of what is and isn't private.

If you don't want to share information on a public forum, then don't.

While I think most of us forum users are, I get the impression that the biggest proponents of activity pub and the fediverse as a whole aren’t even seeing privacy as even relevant. It’s a lot of talk of businesses having their very own instances to interface with the public rather than needing to rely everything on the whims of Facebook, twitter, LinkedIn, etc. Nothing with regards to the implications for surveillance, identity theft, spam, privacy or security.

Right now, we’re relatively under the radar because the fediverse hasn't really hit the mainstream yet. But I think it will, and once it does, everything we’ve ever posted will just get slurped up by data trawlers and the flood of spam will be inevitable. We’ll be juggling social media accounts just like we do with emails.

I don’t know if this is relevant, but I’d like to someday have my own kbin instance hosted on my own personal server exclusively for family. I imagine the instance being able to federate content from bigger instances, allowing members to follow people they like on microblogs or participate in federated forums from this privately maintained instance. But if anyone wanted a thread or magazine to be available to users from outside the instance, they would have to specifically opt-in to that option when creating it, and it would only apply to that one thread or magazine. Any other instance would just see our humble little family instance with only that one thing to federate. The rest of the instance would be an ecrypted enclave specifically for family accounts, and completely invisible to the fediverse.

On Lemmy any comment you post gets federated out to other servers, so it's available to anyone who sets up a server. So by design it is not possible to control who gets to see or archive your comments. I could set up a server to permanently archive every comment it sees, and if your server sends me your comment it goes into my archive. Probably people are already doing this for data mining. It's not clear that you could bolt some kind of privacy control on to this architecture, which is fundamentally designed for sharing.

Lemmy has many privacy problems that have nothing to do with public comments you make. For example, the "hide posts that you have already read" option requires that the server track what posts you have read. There is no public activity involved in reading a post. So the Lemmy server should not track that info. If that feature is to exist at all, it should be implemented purely on the client. The same can be said about subscriptions, and for that matter about voting (server should discard voting info after a brief interval for abuse detection). The Lemmy software in many ways naive about this stuff.

If you're not running your own server privacy policies are not even worth the pixels they're presented on.

Literally, you're just taking a random person's word for it (whoever the admin is). A website is a black box, you have no idea what's going on on the back-end.

The only way to be in complete control of your user data is to run your own server and be literally the only user on it.

Even then, any public comments you make are, you know.... public.

I have a feeling that you might be misunderstanding what the actual purpose of lemmy is. lemmy has taken quite a few design decisions from Reddit which is exactly the same way. Both platforms are public places where all content is shared. Anyone using them needs to be aware of that fact. Mastodon might be a better fit for you as it is more focused on individuals rather than public communities.

The way I see it, community-based social media is a public forum, where every post / comment is public (Obviously less applicable on an individualized platform like Instagram). Everyone has an inherent right to privacy, but not when they're using a platform like Lemmy. Twitter and Facebook are fundamentally different platforms. You can't expect privacy while using lemmy, so use a different platform to post private content.

When you have privacy settings, what you really have is a lie.

It starts out with good intentions, like those in this post, but eventually everyone forgets that the platform still sees your posts and does not give a shit about selling them.

I would rather acknowledge from the very beginning that this entire system is not private, so there is never such a misunderstanding.

Everyone should post and comment with caution, just like you use caution with what you say in public places.

It gets weird fast, because before privacy controls in the Lemmy source code mean anything, we need trusted third party verification of a server's patch level, and security controls.

That can be done, and I think Lemmy has a shot at getting to that point, but it'll be awhile.

In the meantime, I suspect the Lemmy developers are hesitant to add and advertise features that you can't be sure are actually correctly enabled on your instance.

But yeah, let's not let perfect be the enemy of moving toward better.

Edit: Assuming you completely trust your instance admin, we could start adding some basic privacy to actions taken on your home instance.

But as soon as the user starts interacting via federation, all bets are off - because the federated instance may he malicious.

I think we might see one or more "trusted fediverse" groups emerge in the next few years, with instance admins making commitments to security controls, moderation, code of conduct, etc.

So, in theory, the lemmy software could start implementing privacy controls that allow users to limit their visibility to whichever part of the fediverse their instance admin has marked as highly trusted.

But even then, there's risks from bad actors on highly trusted instances that still allow open signups.

Anyway, I totally agree with you. It's just a genuinely complex problem.