What’s stopping me from doing this? Here we go:
I’m going to start an instance and federate with everyone who will allow it, which is most instances including this one, I believe.
Then I’m going to feed all that data into my new website, called Open Lemmy Stats, where anyone can query the user data ive accumulated. The homepage will be ripe with insights, leaderboards and all kinds of data on prolific users.
Additionally, I’ll display a snapshot/profile of a random user by feeding that users data to GPT4 to make inferences about the user’s political affiliations and display the results.
Worst of all, I’m not going to out my instance for everyone to know it as the one to defederate. In fact, I’m spinning up a few instances that will host innocuous communities that I plan to mod and support to give my instances cover for their true purpose: redundant fediverse datastreams for my site, Open Lemmy Stats.
I’ll also have a store where anyone can buy my collected fediverse data for a handsome sum.
Just kidding I’m not doing any of this. But someone absolutely will or already is working on it. They’ll make a good bit of money too, I’d bet.
This is inspired by a recent post on youshouldknow@lemmy.world where someone highlighted what kind of data instance admins have access to, even for users not on their instance.
I wanted to share this to start a discussion that I find interesting. I’m interested in your thoughts, or to hear more on why this may or may not be possible and if it is, maybe some ideas how to fix that? because obviously such a site would be problematic, but no doubt popular for oh so many reasons.
Edit: typo, I called admins adminis. Corrected.
Edit 2: wanted to credit the post I was referencing from YSK, here it is - https://lemmy.world/post/1033769
Nice play, I already wondered why the page does not load.
So the two biggest issues seem to be:
I’m not sure if (1) can be changed regarding the ActivityPub protocol, but I would appreciate it. There is at least a communication issue since most users probably expect votes to be anonymous.
A shallow research made me hope something like zk-SNARK could be a solution. Voters must be able to identify themselves (to revoke or change their votes later), but servers must be unable to track individual users across multiple votes. A lesser, but still desirable achievement could be to make it impossible to track individual voting behavior across multiple servers.
Agree to @mojo@lemm.ee about (2). It should be possible to restrict how much of my post history others can see. On the other hand, crawlers and scrapers could still gather the data from browsing publicly available posts and comments, and reconstruct individual post histories. This would then resemble (1) again; users expecting some privacy when they actually have not.
I’d go the other way: make these things officially public, so people know they are, and then aren’t taken by surprise.
Private voting can be tricky in a federated setting, because I could have a malicious instance that boosts my posts (I can have it with public votes too, but then it’s easier to detect). Truly private posting history is outright impossible, as you said, due to crawlers.
The way to privacy is to make sure not to dox your account, perhaps alternate 2-3 accounts if it’s really important to you.
This has a lot going for it. Simple to implement and to understand. Not much potential for bugs, and not much potential for damage in case of bugs.
I still don’t like it. Not sure how much of that is ‘being used to / habits’, and how much is actual value worth striving for.
Feels like rationally there is a clear winner, but I still have to come to terms with it in acceptance. Good on OP to open this discussion.
I think it has a lot of value. I don’t really see the point of anonymous upvotes in the first place.
I am with you. We could just make all the votes public. I don’t see why votes are worse than comments? Or maybe I misunderstood everyone, but ppl talk like it is. It is good to inform everyone so they know. Many needs to learn how to surf the net. Also I think if ppl feel more responsible will they also act with care
I can imagine a hacky way to anonymise voting would be to have a pool of fake user accounts on your instance. When someone on the instance clicks to up/downvote, a random fake account is used to make the vote instead. This would then kind of work like a vote tumbler and keep the voting anonymous but still work with activity pub.
Maybe activitypub is actually a bit crap and we should all be using something better like nostr though?
From what I understand kbin’s interface shows who upvotes/downvotes