I've expressed concerns about the potential effects of a bot-swarm before, and have had a few mildly constructive conversations about it. Here is a thread where I lay out a few of my concerns on the matter, but I'll copy the relevant text here for easier discovery.
Me:
I’m all for bots that are used as tools for the community, the invidious one seems pretty great too. A bit concerned about what the potential “bot army” on some of these instances will be used for going forward though.
@AgreeableLandscape@lemmy.ml
There is an option to hide bot accounts in your account settings. This is also why all bots must be tagged as such so people can choose if they want to see them or not, that’s the agreement with allowing bots on Lemmy for most instances.
Me:
> I guess with that in mind, that brings different concerns into view for me. I’m wondering what proportion of this wave of bots have checked that option identifying themselves as such? If they’re good bots they will of course, but I’ve also read through posts of instance operators claiming they’ve gotten thousands of bot signups in hours, which doesn’t seem like good bot behavior to me. Are they likely to identify themselves as bots? Even if they did, would it matter? One example off the cuff, I should be able filter bots from my feed and comments as you say, but what’s stopping them from upvoting / downvoting a specific group of user’s submissions and comments to the top of my hot feed, or upvoting / downvoting by keyword? If that happens en-masse you wouldn’t really be able to say that posts and comments are being ranked or discovered organically based on merit. While this sort of thing I suspect happens often elsewhere, it can serve to control the flow of information based on a single or small group of people’s will(s).
That is just one of the more insidious possibilities that a bot-swarm could be used for. Spamming, scamming, brigading, and poisoning discussions en-masse are all possible with even a moderately sized number of bots with the technical ability to put them to use on a platform of this size.
I've also seen announcement posts and the resulting post in The Agora covering the use of one tool (The Lemmy Overseer) that can help to automate the de/refederation of likely bot-infested instances. While I don't think the tool is going to deter particularly motivated actors, it should take care of the "low-hanging fruit" that is the tens of thousands of suspected bot accounts that have had no engagement on the platform since account creation. Instance owners take on a lot of responsibility when federating with others, just one of which is being responsible for securing their instance against automated signups. Once they take care of their bot problem they can become refederated automatically.
TLDR: I think we should defederate botted instances preemptively. Automatic refederation is possible, and a Matrix channel for instance operators exists for discussing refederation as a fallback measure.