Remote View

5mo ago

Lemmy devs are considering making all votes public - have your say

github.com [Discussion] Should votes be displayed publicly? · Issue #4967 · LemmyNet/lemmy

Question I'd like to hear everyone's thoughts on possibly making votes public. This has been discussed in a lot of other issues, but here's a dedicated one for discussion. Positives Could help figh...

Probably better to post in the github issue rather than replying here.

https://github.com/LemmyNet/lemmy/issues/4967

askchapo @hexbear.net

Lemmy devs are looking to make votes public. Thoughts?

github.com /LemmyNet/lemmy/issues/4967

118 138

847 comments

Hard no from me
I don't want some nutjob with too much time stalking me because I upvoted something about climate change or downvoted some bigoted shit. We all know those fuckos are out there
Voting on Reddit-like platforms is soft moderation by a community, and if you disincentive that, the whole model kinda falls apart IMO
- Your votes are already public. It’s a matter of (a) do we want to make it slightly easier for the people who aren’t technically inclined to see them too (b) do we want people acting with the awareness that they’re public.
  (a) doesn’t have a clear answer to me. The answer to (b), though, is clearly yes.
  
  Your votes are already public.
  People say this all the time, but it's not really the case.
  I don't think privacy is a binary thing that one either has or does not - there are degrees of privacy. Currently what we have is mostly private, requiring either technical skill or admin access to circumvent. This is a pretty high bar which 99% of people would not be able to reach. You're proposing removing the bar entirely because it is not high enough.
  
  (b) will just lead to fewer up and down votes, i.e. less engagement. That in turn could lead to slowly bleeding out.
  
  I would like a c) where my instances collects all the votes on the post, and then transmits an anonymized aggregate.
  
  My votes on piefed are not public. This dev took the obvious idea of a dedicated voting agent and implemented it in about 48 hours.
- I agree with you. I remember arguing about this a year ago when people first discovered votes were public on Kbin. I don't want to obsess over who up- or downvoted me and I don't want anyone else doing that either. Discussions are healthier when voting is anonymous (or at least obscured as is currently the case).
  If bots become such an overwhelming problem that all regular users need access to voting records to better report all the bots I'll maybe revisit my stance. But right now the gains seem dubious.
- Yep. Same for me.
- Mod-admins are already doing this, even if you vote and don't comment on something.
- If they're a serial downvoter, then it's easier for you to track them and block them as well. Double edged sword i think
  
  I thought blocks were one way - you can't see anything from the person you blocked, but they can still see your stuff?
  
  I downvoted SO much more on Reddit than I do here. The comment quality here is leagues better.
  
  That's why I'd like it.
- It's already public, it's just lemmy users who don't see them.
- Isn't the obvious thing to just have it be an option that admins can enable or disable? Maybe have a third option for only showing upvotes? Then it's up to each instance to decide, and users can decide to go to instances with the option their prefer.
- What might be interesting would be to have it displayed, but grouped by instance. That way we could see some data and potentially uncover troll instances or attempts to brigade the conversation without opening ourselves up to personal attacks.
- I don’t want some nutjob with too much time stalking me because I upvoted something about climate change or downvoted some bigoted shit.
  They can read your comment history why would you care about them being able to see what you upvoted?
  Voting on Reddit-like platforms is soft moderation by a community, and if you disincentive that,
  How does that disincentive it? It actually makes it better
  
  I specifically don't comment on people that give off the vibe they might be one of those kind of nutjobs, precisely because it gives them a notification with my username attached if I do. I'm on this site to kill some time with low effort, I want to minimise the risk of attracting the attention of some weirdo.
  I downvote in those scenarios and then report if appropriate. If enough other users feel the same way the comment goes down to the bottom of the thread and fewer users see it. Especially if it's something that a mod eventually removes, as it reduces the reach until a mod can get to it.
  If I risk retaliation for doing that, I (and others) will just stop, meaning those comments stay up front & centre and we lose that soft moderation plus that engagement in general. Going into the comments will just end up being a worse experience
- I don’t want some nutjob with too much time stalking me because I upvoted something about climate change or downvoted some bigoted shit. We all know those fuckos are out there
  I'm dealing with one right now! lol It's crazy.
  
  You don't even have serial downvoters. You have a few comments without many downvotes. You just consistently post the worst possible political pisstakes repeatedly and constantly and nobody likes them when they run across it every time.

No, votes should not be displayed public.
Blocking those who downvote creates further polarisation, echo chambers and an environment more hostile to discussion and honest exchange.
Following those who upvote creates personality cults and nepotism and devalues the content.
- environment more hostile to discussion and honest exchange.
  "Voting" and "discussion" are separate things. The old forums did not have voting but still had polarization, personal attacks, hellthreads, etc.
  The problem is that Reddit/Facebook turned "voting" from a tool meant to measure "quality" (e.g, this post is relevant to the community, this comment does not add to the discussion) into a tool to measure "popularity" (I agree with this, so I vote up. I don't like this, so I downvote).
  Either get rid of voting altogether, or let's bring back a culture where "votes" are meant to signal quality.
  
  Redditors did that, rather than reddit I'd argue. Still the same result of becoming a far less useful heuristic though.
  Not really sure how to "fix" a system like that, which depends on the masses to do something correctly. They... don't.
  
  (Score: 5, Insightful)
- Maybe the upvotes should only be available to the person who owns the comment or post. Maybe to the mods and admins, too?
- Same idiots playing games with each others in the open is better than bots and manipulation going on behind the scenes.

Do not make votes public. It will lead to personal attacks.
- They're already public if you look via kbin or run your own instance.
- The experience of kbin and mbin users say otherwise, however.
  
  I guess all 6 of them can be trusted. Lol
  
  Because the fediverse isn't as big as you think it is and so the number of crazies aren't a problem yet.
  
  It leads to an even bigger echo chamber, people with unpopular opinions will get ostracized not just for their comments, but even for their voting. There's a reason why any real democracy has secret votes.
- Vote in good faith and if someone attacks you they will be on the wrong side
- Enabling retaliation disincentivizes personal attacks

I think people misunderstand. I too would prefer privacy, but theres a big BUT.
Due to how the federation works, anyone who is tech savvy enough can already see votes. One way is to run an instance.
This change doesn't lower privacy, it aligns expectations with reality. A false sense of privacy, which people obviously show here in the comments, is way more dangerous.
- I accept if a dozen people can see my votes.
  That's not what you're saying.
  Ultimately I'm not invested in this decision. If the instance wants to watch people vote then people stop voting truly or at all.
  
  Except, if you're using anything other than Lemmy at this point that information is already about. The Likes/Dislikes are considered public information by the protocol. Lemmy devs probably just didn't get around to building out the UI for that before the Reddit APIcolypse.
- I read about that. In my opinion is that what should change, if possible. There are good reasons why votes a secret in democracies.
  
  That would be great. I'm not sure how to solve the problems that arises though. If i can send an anonymous vote to an instance, what stops me from sending 100?
  Maybe there's some smart cryptographical solution here that alludes me, but it seems hard, if possible.
  
  Then again, private votes would be private for mods and admins too. So no more moderating vote brigading or downvote abuse or anything like that.
  
  There are good reasons why votes a secret in democracies.
  Because voters only receive a voting ballot after they identify themselves as a real citizen with a real passport?
  
  Even on github they are public. Lol
- If this is a hard requirement for federation, then I guess federated services are not for me, as I value my privacy more than I care to use them.

I think it's a bad idea. It's just going to start harassment and witch hunts when someone gets a downvote they don't like. Stalking is going to be a thing, people are going to aggregate all the votes you've done to make assumptions about you to then bully you. Once public, sources outside Lemmy will start gathering and cross referencing data about you.
In the US, when you vote, the vote is private to protect the person. Making votes public will only empower those that would abuse it. It very well could end Lemmy due to massive bulling, harassment, and the decline of activity.

Boy oh boy, it sure is a mystery why democracies have people vote privately

The last thing I need is people knowing I upvoted a nsfw post, so nope thanks.
- Found the one guy who watches porn!
  
  that sick bastard
- Most clients make having multiple accounts super easy.
  Not that I'd know anything about that 🫣
- But they know already, if they are on mbin or run their own instance.
- mbin users can see that right now.
  
  how?
- Own your kinks.
  \ And in turn teach not to kink shame.
  Be a voice of change for the kind in this hateful world.

I rather not. If it does happen, I’ll just rss Lemmy and stop using my account. I like Lemmy the way it is because there’s not much focus on votes and more on actual discussion.
- Every single one of your upvotes on lemmy is already public due to how the protocol works, it's just currently obscured by a bit of work to get them (have to run your own instance, assuming there already isn't some online tool to easily look them up)
  Making them publicly and easily visible would only remove the illusion of privacy we currently have, not actually make your upvote logs less secured in any way
  
  For me, personally, it’s more about the focus of votes vs actual discussion. I’m worried it would turn the tides and make people much more focused on the votes than actual discussion. It might make it echo chamber-ish.
  I recently disabled showing votes on my side (through Voyager app). Even if I get downvoted a hundred times over, if I just get a respectful discussion with links to (trustable) sources. I’m all alright with that.

Have you SEEN the drama that happens in this place? I feel like this is just asking for weird nobodies to harass anyone who quietly disagrees with them.
If this passes then I'm outta here.

I was really confused seeing this post, because I always assumed that Lemmy votes were public. Because how else are instances going to sync them? And indeed, the API exposes them completely, this change will just make it easier.
Then I was really confused when I saw so many comments being against it. A lot of "I'll leave if votes become public" in here. That's a lot of people who somehow assumed Lemmy was private. Aren't we all supposed to be Linux nerds in here?

No thank you. I've already had one person go off on me because of some perceived offense: https://lemm.ee/comment/13768482
- This is exactly what worries me about this idea.
  
  Same, that is my worry as well.

Not everyone has a github account and can comment or vote there.
But, agree. Don't think any good will come from making votes public. Any pro/con should be measured against who it benefits. If it's mods or devs, there are always alternatives
If it's end-users, consider the edge-cases and the repercussions of malicious actors having access to those individual preferences.
- tbf, github accounts are free

I'm seeing lots of comments here saying that server admins can already see vote data, and therefore it is not private.
But from my point of view, having a handful of people able to extract voting data using their position of trust on the lemmy network is very different from broadcasting voting data to everyone on lemmy. And although you can argue that it is possible to create a new server and federate and blah-blah-blah to view votes; that argument sounds to me like "don't bother locking your front door, because that type of lock can be defeated by a lock-picking tools."
And even aside from all that discussion about who can access what; there is another key point that I think is overlooked: Making voter information public makes it 'normal' thing to monitor and discuss. Currently there is an expectation that people won't look at or discuss that information (even if they hypothetically could get access). But by making it public, the expectation then is that everyone will look at that information. That would create a change in tone and meaning of votes and discussion around votes.

I would hate to have to deal with "why did you downvote me?" comments, but I'm also not sure I would have the self control to abstain from leaving such a comment myself.
I think that making vote identities easily accesible to every user runs the risk of increasing harassment and decreasing discussion quality.

This would probably escalate a lot of arguments that break out in comment sections.
- I fear this, too, but I'm not sure what that'd look like. Would people tag someone who downvoted them and act like they're entitled to an explanation? That would probably(?) earn a block from me.
  Edit: never mind, that's exactly the kind of thing that happens, it seems.
  
  I'd go for the block and move on approach as well. Nobody is entitled to an explanation.
- Happened to me just now in this very comment section! lmao
  
  Grow a spine

I don't want votes to be public, but they already are, so.
Someone can easily host a website to leak this information and people should know, instead of believing they are private

I’ve already seen admins go through the federated votes on their instance to call out anyone who disagrees with them.
I don’t have a strong opinion either way but I don’t think it will be healthy for discourse to unlock that power for everyone

I would say no. I don't want some dumbass to interogate me about why I downvotes thia and why I upvoted that.

Please No
- Every vote is recorded in activitypub and carries or else it wouldn't know you already voted. That information is public on other instances currently, so people you are responding to may have that information.
- Please Yes

Lemmy is already a privacy nightmare, in some way. There was a comment showing the screengrab of those peiple who upvoted and downvoted a post. Basically, if you self-host an instance, you'll have access to these. This can easily be weaponized by certain organizations that want to create profiling of lemmy users, e.g NSA and Intelligence agencies.

What a horrible fucking idea. You are want this place to be an even bigger echo chamber than it already is? Yes, let's allow the majority of one opinion brigade people's histories to further ostracized them!
Admins, for smart people, can be fucking idiots.
- This is why they need to make this change, right now theres a false sense of privacy. If I really wanted to see your votes right now, all I need to do is to set up my own instance.
  
  That's not necessarily a false sense of privacy if it works. There's an inconvenient barrier to searching vote history and if you do it in the current system you'd be recognized as petty at least. Easing access is not going to make Lemmy better.
  
  "All you'd need to do is set up an instance" is waaaayyyyyy more work than "all you need to do is click their profile"
- The protocol fundamentally exposes them. Absent protocol changes, if someone hasn't already, sooner or later they'll just make a website to look them up.
  
  There are many things that don't happen because nobody does them. Or should we start walking around in a bullet proof vest in case we're shot?
- Votes already are public to all server admins (I can see exactly what you voted for in communities my instance knows about).
- What a horrible fucking idea.
  Do you have a better idea to make it easier to flag bots and government propaganda?
  
  It's pretty simple for me. Privacy is a good thing, lack of privacy is a bad thing. Think of the children arguments, which your line of thinking is akin to, is not justification to remove anonymous interactions.

Absolutely not.
This will like lots of other people say start witch hunts and people will absolutely develop bots and websites which scrape all that information and classify all users based on that. Like those Reddit sites where you can search for a user and see where they are active and all that. But this will be worse.

Seems fine? Voting was, at best, only slightly anonymous anyway because other platforms that get the AP action will happily tell you exactly who did what when even if the Lemmy UI doesn't.
And, honestly, if you don't want your fake and nearly anonymous internet name associated with doing something, eh, maybe that's a sign you shouldn't do it?
- Yeah - dont upvote laydyboys unless you want all to know you like them. Its a sign you shouldnt do it.
  Also all books you lend from the library should be public knowledge. No hiding!!
  
  Also all books you lend from the library should be public knowledge.
  Terrible analogy. You can consume the post without anyone knowing. Voting is more akin to signing the guestbook.
  
  I mean, nice strawman but what was more happening was you were telling your friend you liked ladyboys, and then your friend ran outside and told anyone and everyone who would listen that you liked ladyboys.
  The only real change here is the Lemmy UI would stop lying to you about votes being private, because they never were.
  
  dont upvote laydyboys unless you want all to know you like them. Its a sign you shouldnt do it.
  This. Unironically.
  There is no such thing as privacy in the public internet. There never was. I take it as a given that if some loser decides to look me up they will dig even my IRC chat logs from some server I used to connect almost 30 years ago.
  Anything you do in the public internet, you need to ready to own it publicly. If you want/need real privacy, this is the wrong place to be.

Probably for the best if downvotes remain less easy to access, at the very least. There's a myth that people who are suicidal will "find a way even if you take away some of the easier methods", which is explicitly false. If you take away the easy option, you are directly reducing the harm that easy option might have caused. https://gizmodo.com/why-have-people-stopped-committing-suicide-with-gas-5959303
If the admins take away the quick and easy option for seeing who downvoted your passionate comment, the mods are directly reducing the number of people who go on rants about downvotes and targeted vitriol.
It has nothing to do with privacy; this is a public forum that by it's very nature, requires that all activity be easily available to all the sites you federate with. There is not privacy in that.
This is about the type of community that forms around the software. Do we want to encourage, and make easily available, the list of people who disagree with you? Or do we want to to put minor barriers around that to help keep the number of people who do that low?
- I'm not sure the comparison to suicide holds up. I could just as easily compare it with migration where it is absolutely true that people will find a way to migrate even if you take away the easier methods. It's simply completely different things.
  
  Not sure what you mean about migration. People absolutely do move less when it is made harder to move. Mitigation isn't perfect, it never is, but for damn sure it helps.
  Just because the wall is dumb as fuck doesn't mean it didn't stop at least a few people from crossing the border.

Hard no. I'll move on like I did a year ago from Reddit, and I was on that site for 14 years.
Just from a political/nation-state viewpoint, it would needlessly expose information to make it easier for countries and political parties to keep some kind of "social score" and decide when to do something to you. China already does this kind of stuff.
We need to make it easier for everyone/anyone to do this? Think about all of the super-divisive issues at hand. People can already get a sense of your views from your responses, and that should be it.
- State/nation actors can easily track this information without an UI setting. Just set up any software that uses activitypub and subscribe to any AP group (i.e, Lemmy community) that you want to get up votes/downvotes (Like/Dislike activities).
  
  Man I would have assumed that information would be cryptographically obfuscated while still being verifiable, like monero.
- Just so you're aware
  https://kbin.earth/m/fediverse@lemmy.world/t/267356/Lemmy-devs-are-considering-making-all-votes-public-have-your/favourites
  
  I'm not sure what this is supposed to tell me, sorry man.
- Votes are already public, lemmy just doesn't let you see them in the interface.

What will this accomplish other than facilitate brigading?

I say no. Privacy.
Comments say they're already basically public. I don't know anything about that, but it's probably better to merely have a camera in your toilet than have a camera in your toilet that livestreams 24/7.
But I don't have an especially informed sense of how to run a platform so maybe there's a bunch of crap I'm not thinking about.

No, as it would create a lot of excuses for targeted harrassment and just increase toxicity
- Excuses are only that, especially if your instance has already implemented robust server rules against harassment.
  I think the real sign of toxicity is weighting (perceived) anonymity over accountability for your actions on any platform. I'll vote for transparency any day.
  
  Accountability, really? Okay, what's your full legal name and address? If you're totally fine with your idea of accountability, why not tell us all?

I don't see the benefits but I see drama this would cause.

So the annoying neckbeard i downvoted for being an annoying neckbeard is gonna DM me?

Aren't they already practically public, given the federation?

It should actually be made more private.

VOTES ARE ALREADY PUBLIC.
If you are using Lemmy because you want privacy, you've already missed the boat, everything is wide assed open for datamining and advertising fingerprinting.
I'd hoped for an open system with open APIs and open implementations that allow everyone equal access to the system and bring equal accountability.
If people just want Reddit style fiefdoms with no real public accountability possible, then make a blackjack and hookers fork.
I'm really not interested in a system that bakes in more authoritarian secrecy and control, which could very well be an unexpected outcome of backlash to how this has been presented.

Many people in this thread seem to not realize that votes are essentially public already - this is only about whether the Lemmy UI should make it a bit easier to see the votes. They can already be seen quite easily if you know how.
However, there is an easy solution to this problem. This is clearly a controversial decision, so don't make a choice for everyone. Make it an option. Any admin can decide for themselves whether their instance should allow users to see votes.
That also means that users can decide to go to instances where the votes are hidden or public.
This approach leaves the choice to the individual, rather than forcing the choice on everyone.
- It's confusing enough understanding how federation works for the less technically inclined. I don't think we should also expect them to figure out which instance is privacy-conscious. Privacy of votes should be baked into Lemmy. Even kbin users shouldn't be able to see it.
  If users want to advertise their approval/disapproval of posts they can use public comments in tandem with private votes.
  
  Privacy of votes should be baked into Lemmy. Even kbin users shouldn’t be able to see it.
  This is impossible. The underlying protocol, ActivityPub does not have the concept of private votes. It is not up to Lemmy to decide. You'd need to revise the protocol for this and good luck with that.

On multiple occasions a moderator has reached out to me and informed me an account existed purely to go through my comments and downvote me. I assume this is a common occurance and we could combat it better if we could see the votes.

likes and votes should be anonymous and user names should only be displayed for comments.
- Votes are public in the underlying protocol - mbin users and lemmy admins can see votes. They are not anonymous. This is only about whether votes should be displayed in Lemmy.
  
  Yes I know, I said "should".

Votes are already public? If they weren't, federation of votes wouldn't be possible.
- I think the change would make it accessible to non-admin users
- hypothetically, I suppose it could alternately be done by instances just federating the number of votes from their instance and only storing who voted what internally. Though then you might get issues with very easy vote manipulation if a server just says a lot of people voted a certain way without needing to make accounts to "justify" the fake votes.

Idk if I trust that some powermod won't send me to hell if I vote against something they strongly believe in, akwardtheturtle style
- Mods of communities can already see votes in communities they moderate. Admins of instances can already see votes on all content.
  
  Mods of communities can already see votes in communities they moderate
  I moderate a few communities, ~~and I don't believe this is the case.~~
  Edit: It would appear that I am a little behind the times...
- Already happening
- akwardtheturtle
  Now there's a name I haven't heard in a while....

Considering making votes public, not considering making mod actions inform the user they occur.
I can see where their priorities are.
Making votes something mods can see is one thing but public is whole other can of worms.
Edit: Spleling
- Asymmetrical visibly of votes is more problematic than letting everyone see them

This would be a catastrophic mistake. Please don't.

Yes, and there's no genuine argument otherwise.
If you want Lemmy to grow and not be completely overrun with bots posting propaganda and signal boosting extremism, showing votes is the only way forward. It's the only mechanism by which independent parties can discover and expose things like "every post and comment by this account is upvoted by these 20 other accounts that have never posted and whose names follow the same formula".
The privacy you're mourning never existed in the first place and it can't exist on any platform. For Lemmy, it's required for federation. On sites like Reddit, you have privacy from other users, but not from the company or anyone they sell that data to.
Since true privacy isn't an option, it would be far better to be open about that lack of privacy. This thread is already riddled with people who thought their votes were private, rather than just inconvient to look up. That's far more dangerous and deceptive.
This needs to happen, regardless of the ill-informed tantrums it may cause. If you want to upvote pornography without it being used against you, create accounts that are strictly for pornography and properly compartmentalize your accounts.

I understand that this information is already basically public but there is a thin barrier to the average nitwit user accessing such information and going in a rampage screwing with people who have downvoted them. I'll say this, if they make it more public I think I will just simply stop voting. I will continue to use Lemmy but only as a passive user.

Nah. Votes are already visible to people using other applications than Lemmy, so let people use those if they want to see how people voted. It's fine as-is.

What's the benefit?
Like, what's the actual user experience gain from seeing someone else's votes? Is it just so the average joe can profile users, like for identifying bots or whatever? That's not rhetorical, I'm genuinely curious, as I don't see what I'd gain from this as a Lemmy user.
Bit as I see it, I really have no desire to do this. Maybe if I was a a pseudo mod on a spammy community I guess? But comments are already a decent indicator.

Gathered some thoughts here
Potential positives:
Any admin can already review voting activity, but some people don't realize that. This change would make it less surprising
it would make it easier for non-admin users to study voting activity and find abuse
it would make it consistent with other platforms that we federate with, which can already see votes
Potential downsides:
People will report voting activity that they don't like, even if it's not malicious.
Admins will need to set up rules on what activity they will act on (and also take action against people that spam bad reports).
It would also help to have automated tools to review voting activity since it's hard to do that manually.

It's another option for abuse, similar to bringing up past comment history
Both could be dealt with but it would make moderation somewhat harder
Likely bad:
Mods and admins can ban people for upvoting content in communities they aren't in charge of. This might work on a small scale, but I'd caution against it because it often misses nuance:
it's very easy to accidentally vote on something while scrolling (unless there is a consistent pattern)
even if the community is seen as "bad", the post might be good (ex. it could be calling out the community)

Bad
it lowers the barrier for other types of abuse, such as tracking vote activity for advertising, approximating when a user is asleep, etc

If I can't vote privately then I don't vote.
They should put the rest of the nails in this coffin. Go full clique.

Should be a server setting, just like how some servers can choose to show combined votes or separate up/down votes.

This is an interesting conundrum.
On one hand it would help locate foreign agent bots/bad faith actors faster and recognize vote manipulation by bot farms.
On the other it will lead to even more account-stalking problems, user drama, and would further enable vote dogpiling if you see certain known users voted a certain way.
I'm inclined to say no. They are already "public" if one wants to put in the effort to admin a standalone instance or run alts on multiple services they can see if they care- I personally don't really care

One of the things I liked back in Kbin was being able to see who upvoted. Some people were lurkers who didn't comment, but it was still nice to always see them take an interest in the material. Felt more like they were a regular in the community.

This is one of the downfalls of a distributed system. You basically need public votes. Without it, instances lack critical information about the validity of votes. You don’t have a centralized system with back door access to monitor and maintain things.

I think they should be public. They’re already accessible for mbin posts and anyone administrating a lemmy instance. It should be clear to all users that their votes are already not private.
Someone could make a lemmy instance just to get voting behavior and make a website with cool graphs and stuff today and the only thing that could stop them is defederation. If Lemmy gets popular, this is just an inevitability.
Imagine if a large instance decided to do that today. Imagine if lemmy.world released lemmy.world/votes. Would people defederate just for that? Remember: Mbin already displays scores and I don’t think anyone has defederated over it.
Might as well put it on the interface so everyone understands it isn’t private. Rip off the bandaid.
- Exactly. If private votes were intended, Lemmy servers would have had voting privacy setting where the vote is federated as @privacy-vote-{sha256sum userid & postid}@instance.foo instead of the actual voter's username.
  
  Not privacy-protecting. You can easily deduct the voter by enumeration.
- I agree that it's bad that there's a false impression of privacy, but I think it would be better to allow this as an extension or something and not include it as a feature in the UI, or at least not on by default. That way people who otherwise wouldn't bother won't be tempted to drive themselves crazy looking for imaginary enemies.

847 comments

Potential positives:

Potential downsides:

Likely bad:

Bad