- cross-posted to:
- foss@beehaw.org
- cross-posted to:
- foss@beehaw.org
Federated services have always had privacy issues but I expected Lemmy would have the fewest, but it’s visibly worse for privacy than even Reddit.
- Deleted comments remain on the server but hidden to non-admins, the username remains visible
- Deleted account usernames remain visible too
- Anything remains visible on federated servers!
- When you delete your account, media does not get deleted on any server
Allow me to pick your example apart a bit.
That’s not what is demanded. No one demands that the audience (users) forget what I said (the comment), much less: immediately. No one is asking for mind-erasing power or the ability to remove screenshots from other people’s client devices.
Now, that is where the actual demands come into play: As you pointed out, it is reasonable to demand that the bar deletes any recording of what I said on stage. But the way the footage is shared with the other bars can be regulated via a protocol. In your analogy, it’s like the other bars copy tapes from the original bar and show them at their place. Now, implementing a procedure of “delete that tape, please” is not impossible. In fact, it already works on Mastodon. If a bar doesn’t comply, it simply wont get any tapes from the other bars (it gets defederated).
AFAIK, there is already such a feature planned on github. Which is great. But that is exactly the reason why these things need to be brought up and “privacy realism” is counterproductive.
Well, that why it is an analogy; the forgetting is equivalent to erasing from someone else’s storage. You have no real control over it. Other people can say they do, but you don’t know that. And that is what is being demanded - right now I can already “delete” my comments and Beehaw will indicate to other instances that it was deleted, but it can’t control whether they do it, and it has no way to know if they really deleted something or just hid it from public view.
Differentiating between a client and a provider becomes extra tricky when you remember everyone can start up their own instance and still be essentially just a client - and, I think this is also worth mentioning, people can create their own backends that also federate using ActivityPub, but which are not open-source, and you’ll have no idea what goes on in their servers. In the bar analogy, this would be people watching a stream of the mic at home; or another place, other than a bar with the same set-up, streaming and recording what goes on in that bar.
Also, if no one is demanding that things be deleted from client devices, then logically nothing should stop someone from sharing it with other people/clients. And if you believe otherwise, then as example: what if someone posts a comment, I reply, and then they edit it to put me in a bad light? Is it an invasion of privacy for me to show what it said previously?
This is not a privacy issue; you cannot demand privacy for something you shared willingly and publicly.
Respectfully, I find it more counterproductive, and even harmful, to encourage and spread the idea that people should have any expectation of privacy regarding things they have shared publicly.
With all due respect: I think your analogy made a strawman of what was originally demanded.
Originally, several less-than-ideal “privacy” (or whatever you call it) issues were pointed out.
No one demanded perfect privacy like with E2EE messengers, but rather: sensible protocol implementation of deletions.
No one is demanding that people shouldn’t be able to scrape stuff from the internet.
Still: There is a possibility of doing everything in your power to delete stuff that’s supposed to be deleted when you’re a developer.
And they actually do implement this stuff. That is why it is important to point these things out! The squeaky wheel gets the grease, as they say. Or is this issue counterproductive too, because it gives people the illusion that you can delete things on the internet?
If you think that “privacy” is the wrong term: granted. But sensible deletion protocols are not too much to ask for.
Well, that is in a nutshell what I am arguing. I’m not inherently against the ability to delete things, as it can be quite useful as a quick means to say “I take this back”, or “this information I shared is wrong, so I’m removing it” (although in that case I would opt to use an edit). Even “I’m embarrassed about this, so I don’t want more people to look at it” is a good enough reason that I would respect, and for which I would delete the thing if it was in my possession. Essentially, I just don’t think it should be treated as a privacy issue, because that might give a lot of people the wrong idea.
Ok, so I guess it’s a semantics issue then.
Thank you for a more productive conversation than any of the ones I’ve had on twitter. Take care.
Wholesome award 🐻