Update: Thanks mateys for participating! Our instance was really split down the middle on this vote - 49% in favour, 51% against.
After reading all the comments, it honestly seems unlikely to me that private voting will ever be a viable option for Lemmy in any meaningful way, because voting data gets federated out all across the fediverse, so I think on balance the best way forward is just to accept that reality and work under the assumption all votes are public. At least then nobody is lulled into a false sense of security.
Having said that there’s an argument to be made for both sides and I don’t think there’s a “right” answer necessarily. Its more down to personal preference about whether you want/expect private (to the users) voting, or you want to embrace public voting. But until Lemmy can guarantee the privacy of user votes then simply pretending they are private seems like the worst of both worlds.
We might revisit the topic of public/private voting again down the road if Lemmy’s developers provide privacy enhancements in that area though.
Cheers, Unruffled.
Hi again mateys!
As most of you are probably aware, since the development of Lemvotes Lemmy votes are no longer private for users.
The way lemvotes works right now afaik, is it uses an admin level account to collect voting data from all federated instances, thus enabling the identification of every voter. This method effectively bypasses the guardrails the developers put in place to keep this info more restricted.
However, the developer of lemvotes has recently developed an “opt out” for instances that don’t want their user data collected in this way. So now we have a choice of whether or not to continue. For total transparency, I asked the developer to create an opt out because I wanted to give our users the option to choose that path without defederating from the lemvotes instance.
I think there are (at least) two schools of thought on this topic, which I will attempt to succinctly summarize below:
-
Votes should be kept private to users as they were only ever meant to be viewable by instance admins. Making votes public to everyone via lemvotes, when users have a reasonable expectation of privacy when it comes to voting, is a betrayal of user trust. It also leads to arguments and a lot of unnecessary drama, caused by users trawling though each others’ vote histories.
-
It’s good that voting is transparent and that users have the same tools available as admins to conduct their own investigations into other users. This creates a level playing field and helps hold everyone accountable for their voting patterns.
So now you have some of the context, I’d like to ask our community what are your thoughts on lemvotes… is it a social good or a bad idea?
Personally, I quite like it from an admin perspective - it’s a handy tool, and a pretty cool project. But I also have an expectation (mainly from other forms of social media) that users’ votes should be kept private from other users, so I still think it’s problematic from that perspective.
Proposal: To opt out of lemvotes, so that our users’ voting data is kept (at least somewhat) private.
- To vote FOR the proposal to succeed, upvote the post.
- To vote AGAINST the proposal, downvote the post.
This will be a simple majority vote. Similar to the last governance topic, I have no clue what the instance sentiment is towards lemvotes, so let’s find out! Feel free to add your comments below.
Not having enough surveillance seems adversarial to db0 values, or maybe I’ve misunderstood the community.
How would you fix ActivityPub for db0 then? Seems like we need to start talking about that more than whether people can spin up their own instances
this is an anarchist/GLOSS/pirate instance; freedom of information is tied closely with anarchism and the hacker ethic.
for me: it’s less about whether this type of information should exist (it shouldn’t) and more that i reject privileged information conceptually. i don’t think this type of information should just be available to admins and people with the technical resources and expertise.
i would prefer (in my uneducated opinion) that this information only be visible to the user (on their own posts), community moderators (in their own communities) and admins (on the voter’s home instance), and anonymised elsewhere (for example, only showing a source instance).
but since that is not how it works, then i would rather have access to the same level of information that anyone else has over me. i also feel more in control of my own data when i have access to my own voting history. thus, i think that’s why there’s a sentiment that there is a different approach to this problem, and it won’t end with just blocking one tool.
That would also be my preference. It’s a shame we can’t have that in Lemmy without that info leaking out all over the place.
Good points, and I agree with your conclusion.
@[email protected]
That would make vote manipulation incredibly easy, and impossible to prove, since there would no user names shown. If there are suddenly a whole bunch of votes from accounts that have been created 2 minutes ago, that’s very obvious. If only a number is shown with no user list, how would you prove anything?
your preferences cause real world harms to individuals we should be trying to mitigate.