this post was submitted on 02 Aug 2025
150 points (70.4% liked)

/0 Governance

261 readers
34 users here now

A community for discussion and democratic decision making in the Divisions by zero.

Anyone with voting rights can open a governance thread and initiate a vote or a discussion. There's no special keywords you must be aware of before you open a thread, but there are some. here's the governance thread manual.

Answers

founded 6 months ago
MODERATORS
div0@lemmy.dbzer0.com
db0@lemmy.dbzer0.com
150
Should we opt out of Lemvotes? (lemmy.dbzer0.com)
submitted 4 days ago by Flatworm7591@lemmy.dbzer0.com to c/div0_governance@lemmy.dbzer0.com
231 comments fedilink hide all child comments
 

Hi again mateys!

As most of you are probably aware, since the development of Lemvotes Lemmy votes are no longer private for users.

The way lemvotes works right now afaik, is it uses an admin level account to collect voting data from all federated instances, thus enabling the identification of every voter. This method effectively bypasses the guardrails the developers put in place to keep this info more restricted.

However, the developer of lemvotes has recently developed an "opt out" for instances that don't want their user data collected in this way. So now we have a choice of whether or not to continue. For total transparency, I asked the developer to create an opt out because I wanted to give our users the option to choose that path without defederating from the lemvotes instance.

I think there are (at least) two schools of thought on this topic, which I will attempt to succinctly summarize below:

  1. Votes should be kept private to users as they were only ever meant to be viewable by instance admins. Making votes public to everyone via lemvotes, when users have a reasonable expectation of privacy when it comes to voting, is a betrayal of user trust. It also leads to arguments and a lot of unnecessary drama, caused by users trawling though each others' vote histories.

  2. It's good that voting is transparent and that users have the same tools available as admins to conduct their own investigations into other users. This creates a level playing field and helps hold everyone accountable for their voting patterns.

So now you have some of the context, I'd like to ask our community what are your thoughts on lemvotes... is it a social good or a bad idea?

Personally, I quite like it from an admin perspective - it's a handy tool, and a pretty cool project. But I also have an expectation (mainly from other forms of social media) that users' votes should be kept private from other users, so I still think it's problematic from that perspective.

Proposal: To opt out of lemvotes, so that our users' voting data is kept (at least somewhat) private.

  • To vote FOR the proposal to succeed, upvote the post.
  • To vote AGAINST the proposal, downvote the post.

This will be a simple majority vote. Similar to the last governance topic, I have no clue what the instance sentiment is towards lemvotes, so let's find out! Feel free to add your comments below.

(page 2) 50 comments
sorted by: hot top controversial new old
[–] UnrefinedChihuahua@lemmy.dbzer0.com 5 points 2 days ago (7 children)

Is the div0 bot broken right now?

load more comments (6 replies)
[–] hendu@lemmy.dbzer0.com 74 points 4 days ago (1 children)

I don't see much point in opting out. The data will still be available to anyone who spins up an instance, and this could lead to a big game of whack-a-mole.

Better would be to push the Lemmy devs to find a universal solution.

load more comments (1 replies)
[–] anarchiddy@lemmy.dbzer0.com 11 points 3 days ago (1 children)

Against.

A harder question for me is whether or not to get rid of public downvotes altogether. I think most interactions would be less hostile without the downvote option at all.

[–] jwmgregory@lemmy.dbzer0.com 23 points 3 days ago (1 children)

This data isn’t private in the first place. What point is there in opting out of a pinhole when niagara is right there?

load more comments (1 replies)
[–] veniasilente@lemmy.dbzer0.com 14 points 3 days ago (1 children)

Against.

Pretty much eeveeryone have clarified the good reasons Against already, and I share most of them. The one that I want to emphasize more is that regarding this point:

But I also have an expectation (mainly from other forms of social media) [...]

Half the point of lemmy is that it's not like other forms of social media, at least the big ones. This is not Twitter where we know already everyone is nazis, or Reddit where people can just brigand and go bomb-review software projects or stuff like that with impunity. The other half is that it's federated and public. That, by nature, has to somehow include the votes.

We're on lemmy. Let's own it.

[–] Agosagror@lemmy.dbzer0.com 7 points 2 days ago (1 children)

Against.

[–] NotANumber@lemmy.dbzer0.com 15 points 3 days ago (1 children)

Against

This information is already public. Something like kbin or mbin which already shows votes could theoretically be used to show them for any federated instances anyway. It's pointless trying to obscure this information as it's not actually protected in a technical manor. If you didn't want this information public you chose the wrong platform.

[–] misteloct@lemmy.dbzer0.com 16 points 3 days ago* (last edited 3 days ago) (1 children)

Against. Your comment history is even easier to access and it's usually much more sensitive. If you really care about anonymity you need a stronger method.

Downvotes are not a slap in the face. They're the social equivalent of "hey, I disagree with your content or tone". Really it's not a big deal to me if they're public. I've downvoted by accident, or changed my mind before and upvoted later.

Now if you're talking about lemips, a list of user's ip addresses, that's a different story.

[–] wizardbeard@lemmy.dbzer0.com 25 points 3 days ago* (last edited 1 day ago) (4 children)

Against. ~~As Lena has indicated, this does not require spinning up a full instance and admin account, but just to spin up a copy of LemVotes, which is open source. Easier than that, I've also read that votes are available without admin rights through queries to the Lemmy API. Even easier,~~ the votes are also already public through the *bins and friendica.

EDIT: Lena has clarified that Lemvotes does depend on having a Lemmy instance, and that votes are only available through API to admins.

I understand the use of having a small hurdle to dissuade people, I regularly build them into my scripts at work so people can't accidentally break shit with them. But my point is, removing our instance from LemVotes does not raise that hurdle to any significant degree.

This is a core limitation of ActivityPub. Votes must be sent with username attached for federation to work properly. The data is already out there. Any ActivityPub system that doesn't make them public is just doing so on the front end. It's set dressing, not actual voting privacy.

I don't like that it works this way, but I've chosen to accept it as the cost to be part of the Fediverse, to be uncensorable.

If you want privacy, the path is the same it always has been: rotate accounts regularly.

As far as I'm aware, the only true workaround is in piefed (I think it's piefed at least) where a hidden account with a randomized name is created with your real account, and the hidden one's name is attached to your votes instead of the real account. So it would require your own instance admin to see the link in vote and identity. Or basic levels of observation skills to connect the person posting negative replies is the random username also downvoting.

I also don't like the idea of even being able to opt out. It creates an entirely false sense of security and privacy, and could be seen as a signal that our instance doesn't intend to participate in the wider fediverse transparently and in good faith.

load more comments (4 replies)
[–] irelephant@lemmy.dbzer0.com 23 points 3 days ago (1 children)

I think that opting out only makes it harder to find out who voted what, I can still find out who voted what by opening a post in friendica (though it misses a good bit of info).

Giving users the illusion that their votes are private is dangerous.

load more comments (1 replies)
[–] naevaTheRat@lemmy.dbzer0.com 46 points 4 days ago* (last edited 4 days ago) (1 children)

Votes are public though, pretending that they're not is just deceiving users.

Anyone who admins a federated instance, and any of their friends, knows vote counts.

But I also have an expectation (mainly from other forms of social media) that users’ votes should be kept private from other users

This is literally just reddit and hackernews, some of the worst and most astro-turfed socmed. Twitter post nazification too I guess.

load more comments (1 replies)
[–] hemko@lemmy.dbzer0.com 13 points 3 days ago (1 children)

I doubt there's any practical way to keep votes 100% private, there's always a workaround. Playing whack a mole on this stupid little thing is not worth it

[–] jatone@lemmy.dbzer0.com 3 points 2 days ago (1 children)

In favor: activity pub shouldn't have votes from my perspective.

[–] Emma_Gold_Man@lemmy.dbzer0.com 15 points 3 days ago (1 children)

Against.

An illusion of privacy is dangerous. If voting isn't anonymous (it isn't, and wouldn't be after an opt-out) then it's better for users to know that and act accordingly.

load more comments (1 replies)
[–] a_wild_mimic_appears@lemmy.dbzer0.com 16 points 3 days ago* (last edited 3 days ago) (1 children)

I'm for the opt-out. I am aware of the fact that anyone who has looked into the subject knows that it's easy to get that info, but there's a difference between "I need to actually put a small amount of effort into it" vs. "I just copy the URL". If someone wants to look it up and jumps through the hoops, that's fine by me, but it shouldn't be an everyday thing.

I personally vote on nearly every post and comment i read, and even tho i don't want to push any agenda or discriminate any user, someone who i perceive as a bad actor or who regularly comments stuff that screams "i need to touch grass" might construe (wrongly) that i target them. Tbh, most of the time i don't look at the username when voting.

(but it is pretty interesting that i have submitted around 71000 votes since the API reddit exodus lol)

load more comments (1 replies)
[–] laserjet@lemmy.dbzer0.com 7 points 3 days ago (1 children)

IN FAVOR OF OPTING OUT

Public voting is one of my least favorite features of lemmy/threadiverse.

I don't know if it's possible to have a federated network where votes are totally private but it would be a strong preference for me. I thought there were already some tools instances could use to protect their users privacy?

If it is implausible to totally obscure it, then I think we need more user controls to avoid accidentally voting for something that leaves a breadcrumb trail about you. Such as reminding new users their votes are public, having an easy way to see overview of all your own votes, option to remove the vote buttons from the UI, being able to unvote all your past votes (which would still be imperfect of course).

[–] SadSadSatellite@lemmy.dbzer0.com 26 points 4 days ago (2 children)

I don't want lemvotes. It sounds like some real reddit shit and it's a terribly dumb word. Not to mention I want less tracking and more anonymity on the internet in general.

[–] Redjard@lemmy.dbzer0.com 24 points 4 days ago* (last edited 4 days ago) (3 children)

This is not going to give anonymity, it at worst gives an increased false sense of anonymity.
Not only could others spin up more copies of lemvotes, last time I checked every mbin instance shows that info freely.

For what I'm concerned this proposal would merely make looking up votes slightly less convenient.

Edit: Yep, mbin still shows votes, no login required: Example

load more comments (3 replies)
load more comments (1 replies)
[–] Cethin@lemmy.zip 9 points 3 days ago (1 children)

In my opinion, it's a good thing. Anyone wanting the information for nefarious purposes only needs to spin up their own instance and they get it. This just gives the tools to everyone easily.

I think the illusion that votes are private should be crushed, because they aren't and you should be aware of that.

[–] young_broccoli@lemmy.dbzer0.com 10 points 3 days ago (7 children)

Against. Votes being public makes me vote better. It stops me from angrily downvoting stuff I dont like when im in a bad mood.

load more comments (7 replies)
[–] chicken@lemmy.dbzer0.com 15 points 3 days ago* (last edited 3 days ago) (1 children)

I dislike the comments I sometimes see which threaten people downvoting certain things and imply that the only possible reason anyone would downvote is because they are and that they will be stalked and shunned for doing so. I see these kinds of comments in situations where something probably got downvoted because the person was being an asshole or an idiot rather than because downvoters are on the opposite side of their ideology or hateful. So it's like they want to prevent criticism through chilling effects and bullying. I get that it's tough to see that people don't like what you have to say, and that sometimes this is not useful information, but that's what options to hide vote scores are good for, just cut yourself off from this information if you can't engage with it in a healthy way or acknowledge that you might not understand the unstated thoughts of the people clicking up or down.

Even if it is not ultimately concealable information, I think this kind of measure is good because it at least sends a message that toxic vote stalking is disapproved of.

load more comments (1 replies)
load more comments
view more: ‹ prev next ›