YSK: Your Lemmy activities (e.g. downvotes) are far from private
Edit: obligatory explanation (thanks mods for squaring me away)...
What you see via the UI isn't "all that exists". Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see "under the hood". Any instance admin, proper or rogue, gets a ton of information that users won't normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.
Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.
Well of course. The instance stores all data in a postgres database. How else will it be able to remember anything?
Maybe this is not obvious to non-programmers but you never see everything in the user interface for any system. There are tons of records needed for the system to track everything that goes on.
Since posts are federated, they will exist in the local db as well as on each instance.
It's not that it stores data, it's what data it stores. Your votes construct a very detailed profile that doesn't mean anything to another human but an AI can read it like a very simple book. They don't necessarily need to be so strongly associated with your account thanks to simple technology like hashing.
If you're a programmer, you'd know there are ways to authenticate a transaction without giving away giving aways, or storing, the person who initiated the transaction. It's more difficult to do of course. So it's often not done.
That's not always the case. My username has heritage dating back all the way through to Slashdot, Digg and through Reddit. While you may not know me that doesn't mean I'm unknown or anonymous.
On Reddit I could upvote or downvote as I pleased, without exposing my POV on controversial topics to the general populace. Only commenting would actually out me. That's not the case with Lemmy and making people aware of that is a good thing, imo.
But it's the fact that it's so easy to reverse engineer. You can take that data to build a large profile on each user in your instance (or possibly all instances)
Sure, this can be abused. Build profiles on each user based on what they are talking about and what communities they subscribe to. Then start sending them direct Lemmy messages with ads or links to shitty or dangerous sites.
The fact that anyone can start an instance and get all this info sent to them is a bit unsettling. But we will have to find a way to protect against it.