- cross-posted to:
- comradeship@lemmygrad.ml
- cross-posted to:
- comradeship@lemmygrad.ml
Edit: obligatory explanation (thanks mods for squaring me away)…
What you see via the UI isn’t “all that exists”. Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see “under the hood”. Any instance admin, proper or rogue, gets a ton of information that users won’t normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.
Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.
You don’t publicly announce it, but the government still knows it’s you who voted. Except in this case the site is open source. Knowing who voted is the only way to prevent vote manipulation.
In the US, all elections are done by secret ballot. The govt can see that you voted, but not who you voted for
Okay, yea, that does make sense. I was thinking of electronic votes, in which case there wasn’t much stopping them from storing that data. But you can get a paper ballet where your name isn’t on it. Regardless, actual voting isn’t a good analogy. You can change your vote on an internet forum, you cannot with a ballet.
Let’s say on lemmy, up or down vote, it reported “Bazoogle has voted” and simply adds a number to the variable without my name tied to it. If I wanted to undo my vote, it wouldn’t know whether to subtract an up vote or down vote unless it knew which one I did in the first place. The only other option would be to try and encrypt the username with some sort of identifier that can’t easily be decrypted. Which might be possible, but is beyond my current knowledge of cybersecurity.
It’s as simple as sharing vote counts but not individual identifiers between instances. Problem solved.
A user doesn’t even have to comment to be doxxed by publicly viewable upvotes. They upvote a post in a community for their local state, then upvote a post about how to get an abortion. The state subpoenas the instance admin and gets their IP and email address.
They could already do that with Reddit. Is that something that happens?
With Reddit that data could be kept between the users and admins.
I do not have any insider knowledge regarding whether Reddit has received requests for user data.
You were saying in the example of the government requesting the data. That’s not any different for reddit or Lemmy. If anything, it would be harder to get from Lemmy since it’s decentralized. And reddit is known to comply with government warrants.
A warrant is still more secure than public access.
Uhm the government knows it’s you who voted but not what