Update: Thanks mateys for participating! Our instance was really split down the middle on this vote - 49% in favour, 51% against.
After reading all the comments, it honestly seems unlikely to me that private voting will ever be a viable option for Lemmy in any meaningful way, because voting data gets federated out all across the fediverse, so I think on balance the best way forward is just to accept that reality and work under the assumption all votes are public. At least then nobody is lulled into a false sense of security.
Having said that there's an argument to be made for both sides and I don't think there's a "right" answer necessarily. Its more down to personal preference about whether you want/expect private (to the users) voting, or you want to embrace public voting. But until Lemmy can guarantee the privacy of user votes then simply pretending they are private seems like the worst of both worlds.
We might revisit the topic of public/private voting again down the road if Lemmy's developers provide privacy enhancements in that area though.
Cheers, Unruffled.
Hi again mateys!
As most of you are probably aware, since the development of Lemvotes Lemmy votes are no longer private for users.
The way lemvotes works right now afaik, is it uses an admin level account to collect voting data from all federated instances, thus enabling the identification of every voter. This method effectively bypasses the guardrails the developers put in place to keep this info more restricted.
However, the developer of lemvotes has recently developed an "opt out" for instances that don't want their user data collected in this way. So now we have a choice of whether or not to continue. For total transparency, I asked the developer to create an opt out because I wanted to give our users the option to choose that path without defederating from the lemvotes instance.
I think there are (at least) two schools of thought on this topic, which I will attempt to succinctly summarize below:
-
Votes should be kept private to users as they were only ever meant to be viewable by instance admins. Making votes public to everyone via lemvotes, when users have a reasonable expectation of privacy when it comes to voting, is a betrayal of user trust. It also leads to arguments and a lot of unnecessary drama, caused by users trawling though each others' vote histories.
-
It's good that voting is transparent and that users have the same tools available as admins to conduct their own investigations into other users. This creates a level playing field and helps hold everyone accountable for their voting patterns.
So now you have some of the context, I'd like to ask our community what are your thoughts on lemvotes... is it a social good or a bad idea?
Personally, I quite like it from an admin perspective - it's a handy tool, and a pretty cool project. But I also have an expectation (mainly from other forms of social media) that users' votes should be kept private from other users, so I still think it's problematic from that perspective.
Proposal: To opt out of lemvotes, so that our users' voting data is kept (at least somewhat) private.
- To vote FOR the proposal to succeed, upvote the post.
- To vote AGAINST the proposal, downvote the post.
This will be a simple majority vote. Similar to the last governance topic, I have no clue what the instance sentiment is towards lemvotes, so let's find out! Feel free to add your comments below.
I support it but it feels pointless given it's just trying to treat symptoms and not the core issue which is the ability to get them in the first place. I don't think that there's even any good solution for that given the decentralised nature of the fediverse which sucks.
It is complicated but possible.
You can anonymize votes, peertube is doing something like that.
I can imagine even more complicated systems that limit the instances with that info to 2-3, a number small enough to make it plausible no leaks happen, while still making it very hard to fake votes with a malicious server.
Interesting, is it actual anonymity or just static obfuscation where after simple data analysis you'd be able to tie all past and future data to the user moving forward? Do you have the source for that? I have issues finding anything despite trying out different keywords.