Currently, almost anyone in the Fediverse can see Lemmys votes. Lemmy admins can see votes, as well as mods. Only regular Lemmy users can’t. Should the Lemmy devs create a way to make the votes anonymous?
There is a discussion going on right now considering “making the Lemmy votes public” but I think that premisse is just wrong. The votes are public already, they’re just hidden from Lemmy users. Anyone from a kbin/mbin/fedia instance can check out the votes if they are so inclined.
The users right now may fall into a false sense of privacy when voting because the votes are hidden from Lemmy users. If you want to vote something and not show up on the vote list, please create another account to support that type of content and don’t tell anyone.
Other posts have already posted it better than I could, but my tl;dr is: one of the good things about Lemmy compared to the “competition” is that votes are public – or at least the fact that someone voted is.
I wouldn’t mind restricting access to how a user voted, in particular if in the future something like multi-choice upvotes becomes a thing, or even something I’d love to see as is dual-voting (“I downvoted because I don’t like it but I upvoted it because you are absolutely right about it”, this is absolutely different than not voting at all if the who is voting is being tracked).
But on a fundamental level, in the least instance admins have to be able to know who votes for our version of the system to even work compared to the competition.
Right now votes really don’t matter in terms of post sorting so I’m not sure if there’s really a point to this. As far as I understand it, any vote is engagement in terms of making a post active/hot/whatever
dual-voting (“I downvoted because I don’t like it but I upvoted it because you are absolutely right about it")
This is the most interesting take i have seen on the matter. it’s not a score out of five, why shouldn’t you up and down vote the same post?
you make an objectionable but very interesting point?
you are essentially right but you are belligerent and can’t spell?
upvote and downvote.
“Controversial” is what that would be called. Do we need a third vote instead of double-vote?
Yeah I mean it’s basically a consequence that an upvote or a downvote can be for any number of reasons not shared from up- to down- or viceversa, and a simple voting system is ill-equipped to represent or contextualize that. Various solutions are viable, but my perspective is that if up+down-voting is here to stay, that part could be extended so that the act of voting could be this one bit more representative.
it seems from a very brief search that likes and dislikes (see link below, i assume they translate to up and down votes) are the extent of what is available so a more nuanced slashdot or steam review type rating is unlikely to be viable.
in any case the ability to upvote and downvote feels like a core differentiating feature to this kind of forum and inbetween measures are unsatisfactory. upvote and downvote anything you like, and everyone can see you doing so, would be an improvement imo on the current implementation.
at least it may be possible in a future version to allow or disallow voting behaviours on a community rather than instance basis?
But on a fundamental level, in the least instance admins have to be able to know who votes for our version of the system to even work compared to the competition.
Could you elaborate on this claim? Because I don’t really see why that would be true.
Because they have to be able to act upon invalid / spam / bot / brigading voting if it happens. And there is not a reasonable way to do that without knowing the voters (not necessarily the votes) that is not “disable votes for this particular subject”.
It isn’t true. As far as I can tell there is nothing right now which prevents me from sending a fixed, unique token for any give action from my test instance instead of the user string itself. Only comments would require the real user string, for obvious reasons. Likewise, another instance could ban that token, or the user or both. This actually does nothing to change the trust model, but would significantly enhance privacy and reduce the propagation of user telemetry.
How do mods see them? As far as I am aware, you have to be an instance admin. But it’s not difficult or time consuming to spin one up and I doubt the average user of Lemmy is technically incapable; most of the Fediverse users in general seem to be IT people and developers.
This is all I see as lead mod of 3d printing. I also checked and desktop is the same both in desktop mobile view and on my laptop.
Making a browser addon/extension wouldn’t be too hard if you can get the data somewhere. And then it’s just a click of a button to get the functionality.
Yeah, I moderate a few communities and have no idea how to see vote identities.
I suspect you need access to the database.
Looking at the source, “comment_like” seems to be where they’re stored.
someone commented on github (I think it was Desallines) that the vote viewing feature has been available since 0.19.4 . Lemmy world is still on 0.19.3 .
Being able to see the moderation history linked directly to a post was added then - but I don’t see vote viewing nor recall hearing about it, which would have been a huge deal.
Nothing4You commented Aug 14, 2024 •
mods can already see votes in communities they moderate since 0.19.4, so this would be reducing what is visible today:
and
Dessalines commented 5 days ago
I’d like to clarify that mods should only be able to see votes for the communities they mod only.
Admins can see all votes.
I dunno, we’re on 0.19.3 so I don’t see it but I guess it’s there.
https://github.com/LemmyNet/lemmy/issues/4967#issuecomment-2289596923
Ah, mods only, and then only for their own communities - well, still, that’s something (though I’d prefer prefer it opened up for everyone). Thanks for the link.
Barring setting up an instance or viewing through mbin, I don’t think mods can see them. Only admins.
Overall my opinion is irrelevant, however, I think there is a huge difference in knowing a person votes vs how a person votes. The how should not be public, imo.
I would rather vote identities being blocked from scraping. I don’t care about other users or admins. I would rather that level of information be unavailable to outside commercial sources, especially any timings based metadata that could be used to derive dwell time and other psychological metrics.
I think you’re looking for a different type of community then, like an image board.
Thats probably a complete nonstarter in a federated network. The metadata needs to be sent via Activitypub, ergo it has to be public.
If I vote something I’m expressing my opinion just like I would with comment, and those are not anonymous.
I get that people are worried about griefers and psychos, but anonymity is just a (poor) cure for the symptoms, not for the disease; users who don’t behave should be banned, and if their instance turns out to be a detriment to the community, they should be defederated.The anonymity we should ensure is the one of the person behind the username, to avoid doxxing and cyber-bullying.
No I’m worried about powertripping mods… That’s the issue.
Why is this so universal?
Because too many mods are power tripping assholes and I say that as someone whose been a mod in various corners of the Internet since at least 2000.
The best mods, and admins, are nearly invisible and as close to drama free as possible.
I am Palestinian and I just got banned from world news ml for saying that some Israeli hostages experienced rape/sexual assault/abuse without “credible evidence”. Somehow the mod equated this with me not giving a fuck about Palestinian prisoners of war.
No my man… I was raped myself as a teen. So to me, all rapes are equal no matter who does it to whom.
I’d rather keep the status quo. While I realize that the vote visibility can play into the hands of mod/admin/instance owners with nefarious or petty vengeful purposes, we also can see who bad actors are in the vote system - iow a bot or person perpetually downvoting subjects they disagree with yet not participating.
But people need to be aware that the votes are not private.
We could split the difference and users could get auto-notified if their vote was viewed and by whom. That way it’s a two-way street. The mod/admin can see your votes, the users know that their vote was accessed by that mod.
Second choice would be that all users are anonymized by a hash so that bad vote actors can be removed via their hash being associated with malicious or other bad acting, but to discover who individuals are the admin would have to do the legwork of follonf multiple posts/ comments to associate the hash.
No perfect solution.
Don’t know how that would be implemented, but someone needs to watch the watchers.
Otherwise hide the votes if trust of anonymity is paramount.
We could split the difference and users could get auto-notified if their vote was viewed and by whom. That way it’s a two-way street. The mod/admin can see your votes, the users know that their vote was accessed by that mod.
It would be pointless to do. Anyone can view your votes without notifying you. Just set up your own instance, download the data (that you need to do anyway because of how activitypub works) and then just open up the database with a different software to access the data. No notification can be sent because the application doesn’t know the data was accessed.
Second choice would be that all users are anonymized by a hash so that bad vote actors can be removed via their hash being associated with malicious or other bad acting, but to discover who individuals are the admin would have to do the legwork of follonf multiple posts/ comments to associate the hash.
This opens a door to vote manipulation. If you can’t verify users someone can send random hashes.
Otherwise hide the votes if trust of anonymity is paramount.
The votes still exist in the activitypub. They’re already publicly available, the question is how accessible they should be because right now if you want to track downvotes you need to put in some effort. Upvotes you can already easily check from any mbin instance
Couldn’t malicious instances use random users aswell? What if there’s some sort of user manifest that shows all users an anonymous hashes belonging to that instance? That way you could check there are the same number of both.
If that were to happen, the receiving end wouldn’t know who sent which vote, thus making spamming extremely easy.
I did think of a few ways round it (in kbin/mbin) a year or so ago. But, it wouldn’t work unless everyone using ActivityPub recognized it. It’s also really a small problem in reality. It’s likes and dislikes.
I’ve been thinking about this for several hours since I first became aware of the debate.
I don’t care that much in theory if anyone sees my votes. They aren’t anything I’m particularly private about. I care about conversation way more than up/down votes.
However, some people get a little upset about being downvoted. I think it will result in retaliatory downvotes. You already see that when two folks are arguing. I don’t normally waste my time downvoting a post I’m writing a rebuttal to, but when they are downvoting me I tend to do it back. I think if everyone had easy access, they would hunt down their down voters posts and retaliate regardless of the quality of the comments.
Lastly, I wonder if this will give rise to a client that lets you use one account to post/comment and a different one to vote. And if it does, will that be better all around? Then no one will be able to associate votes with a user. But it seems unnecessarily wasteful to create a whole account that does nothing but vote. It seems like it would deny mods (and everyone) a useful tool for identifying bad actors.
Technically, anyone could get access to the voters identity if they try hard enough but 99% of the users won’t put in that much effort. And technically someone could already use different accounts for different activities, but without reason to create a client to support that it’s too much of a pain to be worth the effort.
So I really think I’m on team status quo here.
I don’t normally waste my time downvoting a post I’m writing a rebuttal to, but when they are downvoting me I tend to do it back. I think if everyone had easy access, they would hunt down their down voters posts and retaliate regardless of the quality of the comments
That would stop as soon as people start reporting this behavior to mods who felt enabled to ban users based on unjustified downvoting.
I’m really skeptical about that. Either that they would do it or that such “justified” downvoting would be a clear cut or fair decision. Most people don’t vote the right way. How many people downvote content they agree with or find funny but doesn’t add to the discussion? How many people upvote content they disagree with that does add to the discussion?
And am I really going to take up a mod’s time because someone got mad at me and downvoted—the most accessible and innocuous way to express displeasure with someone? How many more complaints about downvote bullying are mods going to have to field?
I don’t know. You could be right, but I’d want to see it successful in a small scale, if possible, before deploying it everywhere. Maybe the folks suggesting it should be up to the server admin are right. That would be another differentiator and people could go to communities on servers that have their preferred visibility policy. That would serve as an A/B test and let people vote with their feet.
How many people downvote content they agree with or find funny but doesn’t add to the discussion?
Again, this is only a problem because we have lost this sense of shared culture. If we really want to have an established “community”, these guidelines will have to be one way or another be restored and enforced.
How many more complaints about downvote bullying are mods going to have to field?
Here is an idea: instead of trying to remove power from people, let’s give more of it. Hiding votes is hard, but creating a finer-grained permission system for moderation is not. Let’s build a system where mods can assign other mods for specific types of reports. Then, we can have few mods who would be “all powerful” like they are now and we could have a bunch of “issue-specific” trusted users who could access/triage specific reports.
We shouldn’t need mods to figure out what is “basic” spam and we shouldn’t need powerful mods to say “user A is reporting that B has downvoted their last 5 posts in different conversations. This is a violation of the community rules and therefore should be banned.”
Sounds like opinions are pretty mixed. Maybe we should put it to a vote.
But then how do we decide if that vote should be public or not…
On Kbin the votes are 100% public for anyone. I’ve migrated to Lemmy after the frequent server issues with Kbin and I miss that part dearly. It was very easy to gauge whether someone was engaging in a good or bad faith discussion by checking the votes within a discussion. That being said, personally I’m very light on my downvotes, and I can see how someone more trigger-happy would see it as worrying. Personally I see the vote transparency as healthy though.
To be fair, there’s a point to be made that someone who’s overly trigger-happy on dislike should be shamed for it. Just like you would be if you kept being snide to everyone in real life.
I agree that transparency would do much more good than harm, plus compared to the info that people already put in their profiles/comments, it’s not likely to make them anymore identifiable.
I’d even argue public votes can deescalate some situations, for example where both sides of a relatively heated discussion can see they vote each other up. They don’t necessarily agree but they appreciate the other side’s points.
As for the transparency, it’s not possible to list all the votes of a user, one rather needs to list votes on a given post. To profile a given user the attacker would need to cross-reference the data from all posts and comments which is computationally infeasible, both client-side and server-side.
There is enough drama as it is. This will just open the door to shadowbanning and stalking and other horrors we have escaped by leaving reddit. It’s enough that it’s party available on kbin.
The developers of Lemmy do not seem interested in anything less than banning people instance-wide, even from communities that they have never posted in before, so ironically shadowbanning is too subtle for them.
But I thought the only way someone could be shadowbanned now is at the individual user level? It would be nice to increase transparency even further - e.g. a message pops up if you try to reply to someone saying like “this user has blocked you” (possibly everyone from that instance) so that people do not waste time trying to get a message across that the recipient will never read.
The users right now may fall into a false sense of privacy when voting because the votes are hidden from Lemmy users.
Why would you even want anonymous votes but not anonymous comments?
The former is as good\bad as the latter.
I know they were already technically public. I think they should be shown.
The more I spend time on Lemmy, the more I think it is in a lot of trouble. There are many serious issues that need to be addressed and I don’t see how most of them can be.
Federation is touted as a Good, but has many drawbacks. Privacy (as listed in this post for example) for one, instead of algorithm curated/focused content federated servers each enforce (subconsciously or overtly) a theme, rampant user generation off multiple servers rendering moderation pointless, and so on.
Then there is the rampant issue of moderation abuse. It seems that the only reason to be a moderator is to not be annoyed at other people forcing their opinions on you. This reminder that admins/mods get yet another way to subject the users to their biases is the nail in the coffin IMO. “You vote this way? Banned because my feelings matter more”.
Privacy is important for a lot of people and that is impossible to get on Lemmy unless something drastically changes, but it doesn’t sound like this is will ever happen. The people that can see your data is not under your control at all and I think this fact alone will never allow Lemmy to grow to a place we can be happy with.
If admins can see data without limits, everyone should be able to. All 5 of us once that realization sinks in.
;tldr I don’t think even admins should see peoples data but that seems impossible so…
One benefit to vote transparency for admins is mod monitoring options.
Reddit is infested with vote manipulation via bots. At least on the Fediverse it seems like both admins and mods might have more options.
Yes by default, but there should be an option to make them public
