I do sort of expect the Lemmy instance to protect my IP address, email associated with my account and whatever fingerprinting can be done in the browser as well as protect any Javascript they use from injections of third party Javascript, but only when accessing the instance, not when following external links or otherwise loading external content (e.g. images hosted elsewhere).
Fair point (IP, email, browser session data). Those should not be exposed via the federation in any way. And the existence of the federated network means we could switch instances if we are concerned our instance is a bad actor about this.
I did not mean to suggest the ecosystem is not valuable for privacy. I just really don’t want people to associate federation with privacy protections about data that is basically public (posts, profile data, etc). Wrong expectations about privacy are harmful.
I do sort of expect the Lemmy instance to protect my IP address, email associated with my account and whatever fingerprinting can be done in the browser as well as protect any Javascript they use from injections of third party Javascript, but only when accessing the instance, not when following external links or otherwise loading external content (e.g. images hosted elsewhere).
Fair point (IP, email, browser session data). Those should not be exposed via the federation in any way. And the existence of the federated network means we could switch instances if we are concerned our instance is a bad actor about this.
I did not mean to suggest the ecosystem is not valuable for privacy. I just really don’t want people to associate federation with privacy protections about data that is basically public (posts, profile data, etc). Wrong expectations about privacy are harmful.