Anyone can stand up their own instance, subscribe to remote communities, and start receiving all the data necessary to show those communities. That includes posts, comments, and votes too.
Every instance operator is in control of a database containing all the activity for communities that instance's users are subscribed to. They can do whatever they like with that data. That's a consequence of how federation works.
The protocol as it stands today is also generally vulnerable to any malicious instance. A malicious Lemmy server could emit spam, send out bogus votes, or alter its users' comments after the fact (ahem, spez) and disseminate the modified versions. The main tool that other instances have to deal with a malicious instance is ... yup, defederating.
Ultimately, other federated services in Internet history have adopted different ways to deal with this problem:
- IRC doesn't have a single federation; it has many federations ("IRC networks"), and server operators form peering relationships with one another based on mutual trust and agreement to uphold various rules. Occasionally a federation completely blows up — see e.g. the 2021 collapse of the Freenode network due to admin abuse.
- Usenet pretty much floundered on spam mitigation because well-behaved servers didn't eject the malicious and ill-maintained ones.
- Email has dozens or hundreds of different ways of dealing with bad instances (i.e. mail servers that emit spam), including published blocklists of known offenders' IP addresses.