Your instance knows
- Your IP address
- Your E-Mail (if provided
- Your password (salted of course)
- Your session type (browser, app, etc)
- Your interactions (posts, comments, saved, upvotes, downvotes, etc
- Your social graph (following and followers, etc)
Everyone in public knows
- Your session type (optional)
- Your interactions (posts (if set public), comments, saved (depending on service), upvotes, downvotes, boosts, etc)
- Your social graph (may be optional depending on service)
How is session type made available in the federation? I wasn't aware that was shared on the protocol.
Im not sure, but on mastodon for example you will often see tusky, or web, etc at the bottom of post details. https://digitaldarkage.cc/@shortwavesurfer2009/110691099097120908
Nope. It's public. Assume everybody has a copy of everything sent over ActivityPub.
Permanently Deleted
I concur.
The services/platforms/networks on ActivityPub, for the most part, serve as a public forum. I don't expect privacy in that context and others shouldn't either.
I personally believe we shouldn't conflate the two (private/public spaces) and have private End-to-end encrypted messaging via an alternate platform/service to ensure people don't mix them up - maybe something like Matrix, since that's also federated and self-hostable. But that's just my opinion.
Only your instance host could monitor your personal metrics and fingerprinting. These are what are so invasive with big tech.
Everything you post here as content is public and can be scraped you should assume everything will be mined for data.
They can't see your IP, dwell time, votes, what you read, what you didn't read, and most importantly they can't inject content into a structured echo chamber and observe how you react.
