I don’t think that site would be problematic. After all, we’re just talking about custom interfaces to analyze public data.
A big part of the solution is that users should have an awareness that their activity is public. Every once in a while someone gets burned not knowing that anyone can view what a specific Twitter user or Instagram user liked (like politicians liking risque thirst trap photos).
Another is easy alts and throwaways, with tips to avoid correlations:
Don’t use the same verified email address
Don’t reuse usernames, including across platforms
Try not to use the same instances, such that instance admins can see whether login activity is coming from the same place, unless you absolutely trust that the admins won’t analyze your data OR inadvertently leak their records.
Be aware of the techniques used to correlate users: analysis of timestamps, linguistic/grammatical quirks, etc.
This is a public place, so people should be aware that this is a public place. That means they can still find this useful space, as with many other public places, but should be aware that the more they do on this platform, the easier it is to correlate with a real life identity.
Thinking about this some more, I don’t mean to put everything on the user.
The platform itself, through its design and architecture and settings, should also do stuff to make super detailed analysis more difficult:
Don’t log unnecessary metadata, such as views/visits, clicks, scrolls, time spent on specific posts, etc. Information that is never observed/logged can’t be shared/published.
Don’t share unnecessary information with other instances. For example, with an update to the protocol, an instance might be able to hide which local users voted for what in local threads, while maintaining the proper count internally of what the vote totals are, who has already voted, etc. Non-local users would have to have their votes publicly known, though.
Make the public nature of each action obvious. Make votes more obviously public through the interface (perhaps by allowing people to view who upvoted or downvoted). Make people’s comment history and like history easy to view within the native interface, so that people understand that the information isn’t private to begin with.
Commit to deletion in a public, auditable way. Let instance administrators know that being a good citizen on the fediverse requires adherence to norms about privacy and deletion, and have watchdogs publish stats on how long it takes for an instance to delete a comment or vote or whether it retains edit/delete history.
That last point is completely impossible. Don’t forget that I don’t have to run the official lemmy software on my instance. I can make changes: for example, I can add a feature to my instance like “log every post in a separate, local database before deleting it from lemmy”. Nobody else but me will know this feature exists. Or (to be AGPL compliant) have a separate tool to regularly back up my lemmy database, undoing deletions.
As for the second point: I’d say making local votes private and non-local public will be worse for privacy due to causing confusion.
Nice play, I already wondered why the page does not load.
So the two biggest issues seem to be:
Voting is public (but invisible to users who are thus oblivious about it)
Post/comment history is public, entirely
I’m not sure if (1) can be changed regarding the ActivityPub protocol, but I would appreciate it. There is at least a communication issue since most users probably expect votes to be anonymous.
A shallow research made me hope something like zk-SNARK could be a solution. Voters must be able to identify themselves (to revoke or change their votes later), but servers must be unable to track individual users across multiple votes. A lesser, but still desirable achievement could be to make it impossible to track individual voting behavior across multiple servers.
Agree to @[email protected] about (2). It should be possible to restrict how much of my post history others can see. On the other hand, crawlers and scrapers could still gather the data from browsing publicly available posts and comments, and reconstruct individual post histories. This would then resemble (1) again; users expecting some privacy when they actually have not.
Even if this was real, I think it’s irrelevant. If you make a public post, then that’s what that means, it’s public. What happened to the saying that once uploaded to the internet, it’s there forever? I always thought this was common knowledge. To prevent these things, it shouldn’t be possible by design. That’s why in Lemmy and Mastodon, the fact I can click anyone’s username and see their entire post history is insane to me. Why there no option to make that private, and why the hell is it public by default?
The same people crying about possible data scraping are the same ones who see zero issue with all your profile data being completely public to any possible random internet query.
Wait… the Lemmy logo is a Lemming?? I’ve spent the last 6 days thinking it was a gerbil. And this whole thing was referencing the Lemmiwinks episode of South Park.
I was thinking yay that sounds like an awesome data visualization platform, that would be great. Until I got to the “just kidding” part.
You are right, all this information is readily available. And we would be really naive if we think that no one is collecting this yet.
You, or someone else, should build this, such that it is clearly visible for everyone what data is available. And not just visible to the select few who builds their own closed data mining systems.
This would be a pretty bad idea. Not only are companies going to steal all the data from that site, but its going to lead to people going through every user’s history to block people who don’t have the same “color politics” as them. Its going to lead to hyper echo chambers, even worse than other social platforms.
I think it would be better if this data is obfusicated even from instance admins. Does this present a bigger challenge in identifying malicious users? Probably, yes. However, it protects the Fediverse first and foremost from the vampire companies stealing consumer data, and protects the Fediverse from becoming the loudest echo chamber on the planet.
Differing opinions, viewpoints, and politics are important to genuine discussion. These “color politics” don’t have to even be part of the discussion to influence what people say. I don’t know about you, but being in a thread where people only ever agree with me and offer no alternative ideas is not a place I want to spend a lot of time in. Because who knows, maybe my ideas are wrong, and I might (shudder), change my mind.
Hey, I completely agree with you, in that the most interesting discussions are among groups where I don’t agree with everyone. This is where I learn and grow as a person.
But in saying that, aren’t you also saying that some people, like you and me, would not use such a database to filter out the users we do not agree with?
And would it not be a logical conclusion to make, that people who likes to build and stay in their echo chambers, would not be more inclined to listen to different opinions just because they don’t have a more efficient tool to sort out people they disagree with?
What I am saying is, all information that is technically available will be collected and analysed. Better make a public and open platform showing everything, such that everyone can see exactly what can be collected and surmised from the already public information, than to keep users blind from what information they actually leak publically.
Hey, I completely agree with you, in that the most interesting discussions are among groups where I don’t agree with everyone. This is where I learn and grow as a person.
But in saying that, aren’t you also saying that some people, like you and me, would not use such a database to filter out the users we do not agree with?
And would it not be a logical conclusion to make, that people who likes to build and stay in their echo chambers, would not be more inclined to listen to different opinions just because they don’t have a more efficient tool to sort out people they disagree with?
What I am saying is, all information that is technically available will be collected and analysed. Better make a public and open platform showing everything, such that everyone can see exactly what can be collected and surmised from the already public information, than to keep users blind from what information they actually leak publically.
I’m very curious to see how (actual) websites / ways to access this data will change how Lemmy not only deals with this as a potential security issue, but how it will change the culture of Lemmy and they way people interact on here
Obviously I’m concerned with the ramifications as well, but I’m also very intrigued how things will go
I think it would be good to have some kind of a concept of “trust levels” between federated instances where the default level isn’t full trust. Then the amount of information that gets shared depends on the trust level.
Things these days should be designed with the fact that there’s bad actors out there, some driven purely by greed, some driven to specifically cause problems either for individuals (trolls) or society in general (troll farms). And it isn’t always clear who is who.
Nope, it’s an absolute nightmare. The post basically outlines how you could feasibly exploit data across a majority of the Lemmy network without much effort at all.
With a bit more effort you could also link the Lemmy accounts to the users email, as becoming an admin is as simple as hosting your own instance and getting users to join.
Boom you have a business case of profiling people on Lemmy and selling those profiles to advertisers, stalkers and perverts alike.
I appreciate the illustration (and even warning) here. I predict things like this will just lead to more people having throwaway accounts. Now instead of just having throwaway accounts for posting shameful stories, you’ll also find people with their “commenting” accounts separate from their “voting” accounts.
The more I see kbin users calling people out for downvoting them, the faster I expect the votes to just become gamed instead of natural. Anything that’s used to draw attention to the way people vote will make this worse.
We’re in the early stages, but as soon as we start seeing communities that ban users based on their voting records, people will just find other ways to obscure things, which will make it even harder for instance admins to address massive misuse of the voting system.
I think the biggest concern is getting all participating instances to agree on how to handle the issue.
We’ll start to see more fragmentation of the Fediverse as different instance owners have different views on what should be done. But many of the measures to fight this will only work if all participating instances do the same, whether actively, or by using a new version of the federation standard. Some instances may think the way is to be more transparent, while others may think the way is to obscure the votes more. Now you’ll have the “transparent” fediverse and the “obscure” fediverse with fundamental disagreements with each other on the way things work.
It’s interesting times ahead. Personally, I don’t think federation is the simple answer to all our social media woes like some folks around seem to think. There’s a lot that needs to be addressed, which will be uncovered as more companies like Meta try to get in on it.
That sounds kinda fun! I would volunteer my data for science and curiosity. It reminds me of buzzfeed quizzes, I input some data and then it tells me who or what I am. It’s mildly entertaining. Perhaps it could even go as far as influencing peoples’ opinions of themselves and their worldviews.
I don’t really have a problem with this. If I did have a problem with it, it’s quite easy for me to stop using Lemmy, along with any federated platform. But I’m not going to stop buying groceries just because the data collected on my shopping habits can infer what brand of cheese I prefer and how often I eat cheese.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]
A community to talk about the Fediverse and all it’s related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to [email protected]!
Rules
Posts must be on topic.
Be respectful of others.
Cite the sources used for graphs and other statistics.
Nice try Zuckerberg
I don’t think that site would be problematic. After all, we’re just talking about custom interfaces to analyze public data.
A big part of the solution is that users should have an awareness that their activity is public. Every once in a while someone gets burned not knowing that anyone can view what a specific Twitter user or Instagram user liked (like politicians liking risque thirst trap photos).
Another is easy alts and throwaways, with tips to avoid correlations:
This is a public place, so people should be aware that this is a public place. That means they can still find this useful space, as with many other public places, but should be aware that the more they do on this platform, the easier it is to correlate with a real life identity.
removed by mod
Thinking about this some more, I don’t mean to put everything on the user.
The platform itself, through its design and architecture and settings, should also do stuff to make super detailed analysis more difficult:
That last point is completely impossible. Don’t forget that I don’t have to run the official lemmy software on my instance. I can make changes: for example, I can add a feature to my instance like “log every post in a separate, local database before deleting it from lemmy”. Nobody else but me will know this feature exists. Or (to be AGPL compliant) have a separate tool to regularly back up my lemmy database, undoing deletions.
As for the second point: I’d say making local votes private and non-local public will be worse for privacy due to causing confusion.
Does the instance owners read your DMs? Does Reddit read your DMs? You never really know.
Jokes on them. I already know what’s in my DMs. /j
Just post everything in public and never have to worry about it in the first place.
Nice play, I already wondered why the page does not load.
So the two biggest issues seem to be:
I’m not sure if (1) can be changed regarding the ActivityPub protocol, but I would appreciate it. There is at least a communication issue since most users probably expect votes to be anonymous.
A shallow research made me hope something like zk-SNARK could be a solution. Voters must be able to identify themselves (to revoke or change their votes later), but servers must be unable to track individual users across multiple votes. A lesser, but still desirable achievement could be to make it impossible to track individual voting behavior across multiple servers.
Agree to @[email protected] about (2). It should be possible to restrict how much of my post history others can see. On the other hand, crawlers and scrapers could still gather the data from browsing publicly available posts and comments, and reconstruct individual post histories. This would then resemble (1) again; users expecting some privacy when they actually have not.
Nothing is stopping you. Apart from laws that regulate data collection maybe. IANAL.
Even if this was real, I think it’s irrelevant. If you make a public post, then that’s what that means, it’s public. What happened to the saying that once uploaded to the internet, it’s there forever? I always thought this was common knowledge. To prevent these things, it shouldn’t be possible by design. That’s why in Lemmy and Mastodon, the fact I can click anyone’s username and see their entire post history is insane to me. Why there no option to make that private, and why the hell is it public by default?
The same people crying about possible data scraping are the same ones who see zero issue with all your profile data being completely public to any possible random internet query.
The problem is that it is not immediately clear to a user that their voting history is public as an average user cannot view that information.
Wait… the Lemmy logo is a Lemming?? I’ve spent the last 6 days thinking it was a gerbil. And this whole thing was referencing the Lemmiwinks episode of South Park.
I was told it was a lemur…
Capitalists gonna try and capitalise. I’ve seen lots of people try and create services like this for mastodon.
Great post BTW.
removed by mod
I was thinking yay that sounds like an awesome data visualization platform, that would be great. Until I got to the “just kidding” part.
You are right, all this information is readily available. And we would be really naive if we think that no one is collecting this yet.
You, or someone else, should build this, such that it is clearly visible for everyone what data is available. And not just visible to the select few who builds their own closed data mining systems.
This would be a pretty bad idea. Not only are companies going to steal all the data from that site, but its going to lead to people going through every user’s history to block people who don’t have the same “color politics” as them. Its going to lead to hyper echo chambers, even worse than other social platforms.
I think it would be better if this data is obfusicated even from instance admins. Does this present a bigger challenge in identifying malicious users? Probably, yes. However, it protects the Fediverse first and foremost from the vampire companies stealing consumer data, and protects the Fediverse from becoming the loudest echo chamber on the planet.
Differing opinions, viewpoints, and politics are important to genuine discussion. These “color politics” don’t have to even be part of the discussion to influence what people say. I don’t know about you, but being in a thread where people only ever agree with me and offer no alternative ideas is not a place I want to spend a lot of time in. Because who knows, maybe my ideas are wrong, and I might (shudder), change my mind.
Hey, I completely agree with you, in that the most interesting discussions are among groups where I don’t agree with everyone. This is where I learn and grow as a person.
But in saying that, aren’t you also saying that some people, like you and me, would not use such a database to filter out the users we do not agree with?
And would it not be a logical conclusion to make, that people who likes to build and stay in their echo chambers, would not be more inclined to listen to different opinions just because they don’t have a more efficient tool to sort out people they disagree with?
What I am saying is, all information that is technically available will be collected and analysed. Better make a public and open platform showing everything, such that everyone can see exactly what can be collected and surmised from the already public information, than to keep users blind from what information they actually leak publically.
Hey, I completely agree with you, in that the most interesting discussions are among groups where I don’t agree with everyone. This is where I learn and grow as a person.
But in saying that, aren’t you also saying that some people, like you and me, would not use such a database to filter out the users we do not agree with?
And would it not be a logical conclusion to make, that people who likes to build and stay in their echo chambers, would not be more inclined to listen to different opinions just because they don’t have a more efficient tool to sort out people they disagree with?
What I am saying is, all information that is technically available will be collected and analysed. Better make a public and open platform showing everything, such that everyone can see exactly what can be collected and surmised from the already public information, than to keep users blind from what information they actually leak publically.
I’m very curious to see how (actual) websites / ways to access this data will change how Lemmy not only deals with this as a potential security issue, but how it will change the culture of Lemmy and they way people interact on here
Obviously I’m concerned with the ramifications as well, but I’m also very intrigued how things will go
I think it would be good to have some kind of a concept of “trust levels” between federated instances where the default level isn’t full trust. Then the amount of information that gets shared depends on the trust level.
Things these days should be designed with the fact that there’s bad actors out there, some driven purely by greed, some driven to specifically cause problems either for individuals (trolls) or society in general (troll farms). And it isn’t always clear who is who.
Yeah, trust is a critical part of socializing
I’m a data nerd even though I’m still noob so this sounds amazing
Nope, it’s an absolute nightmare. The post basically outlines how you could feasibly exploit data across a majority of the Lemmy network without much effort at all.
With a bit more effort you could also link the Lemmy accounts to the users email, as becoming an admin is as simple as hosting your own instance and getting users to join.
Boom you have a business case of profiling people on Lemmy and selling those profiles to advertisers, stalkers and perverts alike.
removed by mod
That’s a fucking cute as hell illustration. I’d wear that
removed by mod
I appreciate the illustration (and even warning) here. I predict things like this will just lead to more people having throwaway accounts. Now instead of just having throwaway accounts for posting shameful stories, you’ll also find people with their “commenting” accounts separate from their “voting” accounts.
The more I see kbin users calling people out for downvoting them, the faster I expect the votes to just become gamed instead of natural. Anything that’s used to draw attention to the way people vote will make this worse.
We’re in the early stages, but as soon as we start seeing communities that ban users based on their voting records, people will just find other ways to obscure things, which will make it even harder for instance admins to address massive misuse of the voting system.
removed by mod
I think the biggest concern is getting all participating instances to agree on how to handle the issue.
We’ll start to see more fragmentation of the Fediverse as different instance owners have different views on what should be done. But many of the measures to fight this will only work if all participating instances do the same, whether actively, or by using a new version of the federation standard. Some instances may think the way is to be more transparent, while others may think the way is to obscure the votes more. Now you’ll have the “transparent” fediverse and the “obscure” fediverse with fundamental disagreements with each other on the way things work.
It’s interesting times ahead. Personally, I don’t think federation is the simple answer to all our social media woes like some folks around seem to think. There’s a lot that needs to be addressed, which will be uncovered as more companies like Meta try to get in on it.
That sounds kinda fun! I would volunteer my data for science and curiosity. It reminds me of buzzfeed quizzes, I input some data and then it tells me who or what I am. It’s mildly entertaining. Perhaps it could even go as far as influencing peoples’ opinions of themselves and their worldviews.
I don’t really have a problem with this. If I did have a problem with it, it’s quite easy for me to stop using Lemmy, along with any federated platform. But I’m not going to stop buying groceries just because the data collected on my shopping habits can infer what brand of cheese I prefer and how often I eat cheese.