Hi again mateys!
As most of you are probably aware, since the development of Lemvotes Lemmy votes are no longer private for users.
The way lemvotes works right now afaik, is it uses an admin level account to collect voting data from all federated instances, thus enabling the identification of every voter. This method effectively bypasses the guardrails the developers put in place to keep this info more restricted.
However, the developer of lemvotes has recently developed an "opt out" for instances that don't want their user data collected in this way. So now we have a choice of whether or not to continue. For total transparency, I asked the developer to create an opt out because I wanted to give our users the option to choose that path without defederating from the lemvotes instance.
I think there are (at least) two schools of thought on this topic, which I will attempt to succinctly summarize below:
-
Votes should be kept private to users as they were only ever meant to be viewable by instance admins. Making votes public to everyone via lemvotes, when users have a reasonable expectation of privacy when it comes to voting, is a betrayal of user trust. It also leads to arguments and a lot of unnecessary drama, caused by users trawling though each others' vote histories.
-
It's good that voting is transparent and that users have the same tools available as admins to conduct their own investigations into other users. This creates a level playing field and helps hold everyone accountable for their voting patterns.
So now you have some of the context, I'd like to ask our community what are your thoughts on lemvotes... is it a social good or a bad idea?
Personally, I quite like it from an admin perspective - it's a handy tool, and a pretty cool project. But I also have an expectation (mainly from other forms of social media) that users' votes should be kept private from other users, so I still think it's problematic from that perspective.
Proposal: To opt out of lemvotes, so that our users' voting data is kept (at least somewhat) private.
- To vote FOR the proposal to succeed, upvote the post.
- To vote AGAINST the proposal, downvote the post.
This will be a simple majority vote. Similar to the last governance topic, I have no clue what the instance sentiment is towards lemvotes, so let's find out! Feel free to add your comments below.
The fact anyone on db0 would advocate for 'transparency' in the name of surveillance makes me believe either I chose the wrong instance or you did.
Sure, that data is available to admins, but this approach will naturally lead to a chilling effect that directly opposes this instance's supposed principles. I understand the why here, but cannot fathom, with how often data is misconstrued by the malicious in the modern age, anyone would operate or advocate for such a service.
Who surveils who here, though? I can be surveiled but also surveil the surveiler myself, as long as the person is on an instance that hasn't opted out. And isn't viewing people's old comments a pretty similar sort of "surveillance"? The difference comes mainly from how we're used to the reddit model where comments are public and votes are private...
Lemvotes has been available for many months, yet there's been no "chilling effect" on anyone's behaviour, as far as I see.
As someone pointed out this is already public information for anyone using kbin and mbin. Blocking tools like this doesn't really change that, or even make it harder to see. People are saying without it you would need to make your own instance to see who voted, but given kbin and mbin exists this is probably false and misleading.
Votes being public is an inherent part of the protocol and the software. There isn't much that can be done without redesigning both of those things. Even then it would probably be a case of votes per instance, not fully anonymous voting. Doing that could potentially create moderation problems as well.
I feel like this would be better served as a discussion around ActivityPub then and not just Lemmy - and not just ancillary softwares based on Lemmy like Lemvotes
Maybe the whole question is just, should an instance show votes. As in, if an instance truly wanted their votes to be anonymous on activitypub, it couldn't happen. So those who are not wanting to have their up/down votes seen, should be opting out of up/down voting. While those who don't care / want their votes to be seen, should be up/down voting.
That data is available to admins of any instance. Anything federated. That's an impossibly large number of instances to keep track off over information leaks, especially since votes are saved permanently so any leak of any instance would retroactively expose all votes again.
This is not even starting to touch on other activitypub software interpreting votes as inherently public and showing them as such. On mbin, anyone can see votes.
In practice this data simply is irrevocably public until lemmy itself hides it on the protocol layer. Right now, it can't even be properly obfuscated.
This is exactly why I think we should push for Lemmy as a whole resolving the issue, instead of dealing with vote trackers as they crop up.
What's the chilling effect? What kind of power does anonymity of voting (even if that were available on lemmy) confer, considering that comments can't be anonymous?