It’d be a “vulnerability” of anything public. There’s nothing stopping me from building a bot that pulls posts/threads from any instance and storing all the comments, their owners, the posts and their owners, yadda yadda.
I suspect the up/downvotes are “private” but on any instance, the owners will have access to that. I can’t imagine all the data is encrypted at rest by default. But, don’t take my word on that as I haven’t read any of the specs. But, I’m pretty sure we’re just looking at the protocol, not the implementation with regards to how a federated instance works.
So, same precautions as anywhere else really. Your data that’s public WILL be tracked by someone and Meta is a damn likely culprit who absolutely would do that. I’m a total privacy nerd myself, but you’d be amazed at the things I want to track at work related to what/how/why people use the tools I work on. Granted, it’s 100% exclusively used to improve user experience, weed out bugs, and see what is used most frequently to focus on that stuff. But if it can be tracked, somebody is tracking it.
I like it when various programs at least ask before invasively scraping my data. If asked, I’ll often say yes because I want to help the developers, but when it’s silent and in the background I have no control and I don’t like that
1000% agree. This is how it should be done. And not hidden away somewhere deep. There are legit reasons for in depth tracking, but when used for advertising or something other than improving the user’s experience, count me out.
It’d be a “vulnerability” of anything public. There’s nothing stopping me from building a bot that pulls posts/threads from any instance and storing all the comments, their owners, the posts and their owners, yadda yadda.
I suspect the up/downvotes are “private” but on any instance, the owners will have access to that. I can’t imagine all the data is encrypted at rest by default. But, don’t take my word on that as I haven’t read any of the specs. But, I’m pretty sure we’re just looking at the protocol, not the implementation with regards to how a federated instance works.
So, same precautions as anywhere else really. Your data that’s public WILL be tracked by someone and Meta is a damn likely culprit who absolutely would do that. I’m a total privacy nerd myself, but you’d be amazed at the things I want to track at work related to what/how/why people use the tools I work on. Granted, it’s 100% exclusively used to improve user experience, weed out bugs, and see what is used most frequently to focus on that stuff. But if it can be tracked, somebody is tracking it.
I like it when various programs at least ask before invasively scraping my data. If asked, I’ll often say yes because I want to help the developers, but when it’s silent and in the background I have no control and I don’t like that
1000% agree. This is how it should be done. And not hidden away somewhere deep. There are legit reasons for in depth tracking, but when used for advertising or something other than improving the user’s experience, count me out.