Edit: obligatory explanation (thanks mods for squaring me away)…

What you see via the UI isn’t “all that exists”. Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see “under the hood”. Any instance admin, proper or rogue, gets a ton of information that users won’t normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.

Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.

  • Distributed@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    ·
    edit-2
    1 year ago

    This was my thoughts as well. I understand the need for an audit trail.

    Would be very easy to build up an interaction graph with this data that could be used for fingerprinting. If this is an issue for you, though, just browse without signing in/interacting

    Was just thinking about this more though, and unfortunately there can also be rogue instances that allow bot users to be created and interact with other instances posts, so this issue could still persist.

    • plumbercraic@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      14
      ·
      edit-2
      1 year ago

      Could replace the usernames with UUIDs, and keep the username-UUID map back on the source instance? Then you get an audit trail, but not associated with user identity. There’s also no guarantee that people don’t use bob_jones as their username, and this is Personally Identifiable Information, which brings up some GDPR stuff too.

      • Muddybulldog@mylemmy.winOP
        link
        fedilink
        English
        arrow-up
        11
        ·
        1 year ago

        The problem with that is that every interaction that any user has with a post or a comment would require calls back to the home instance in order to lookup those usernames. That’s a LOT of extra load

          • plumbercraic@lemmy.sdf.org
            link
            fedilink
            English
            arrow-up
            4
            ·
            1 year ago

            Yeah I just meant for the votes. If you make a comment with your username it’s pretty clear you consented for the input and the username to be visible side by side.

      • shagie@programming.dev
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Source instances can be seized ( https://kolektiva.social/@admin/110637031574056150 ).

        UUIDs aren’t “invested” enough. Interacting with a name rather than 08d86062-730b-4081-8c4c-b28bca1713b6 or c4e1261a-087a-448d-bd3f-5c3d8ab28aab is desirable.

        GDPR will be interesting in the fediverse as once it’s out there it is really hard to remove/redact on all the other servers that the post has been federated with. It is a problem akin to sending an email to a mailing list and then asking everyone on that mailing list to delete that email… and forward that deletion request on to anyone they forwarded your email to and ask them nicely to do the same.