I recently learned that voting on lemmy is not anonymous. Anyone can get information about who has upvoted and downvoted a post or comment.
In combination with your IP, this is a massive privacy (maybe even physical security) risk. Also, people can target you for your votes.
Sadly, this is something where I would prefer Reddit over Lemmy. Big tech scrapes data from both places anyways, at least Reddit is safe.
Both of them are but when a person comments, they willingly put out their opinion in the public. Voting is meant to be anonymous (like irl).
Also, votes have a massive amount as compared to comments. An average user might comment on 1 post for every 50 they vote on (a number I pulled out of my ass)
You THINK it should be anonymous. I disagree so did Lemmy creators.
The Lemmy creators thought votes should be private, and didn’t respond meaningfully to people who tried to tell them that Lemmy votes are not private.
If they’re currently retconning it as “Lemmy votes are not private and never were,” then that’s a step in the right direction I guess, but the fatal flaw was ever following the Reddit model where votes are “supposed” to be private for real. Because as you note it is impossible to do in an ActivityPub system. A lot of people when this was first being discussed, pre-lemvotes, were objecting strongly to the idea of making votes public, because they liked pretending they were private and just not paying any attention to the fact that they weren’t. I think mbin still refuses to display downvotes for this (stupid) reason.
(Actually, Piefed did what I thought was a brilliant solution, creating new actors to send out votes with that were different from the comment actors, so that individual users could vote from Piefed and admins could check into it but the votes would not be trivial to associate with the users. IDK why they abandoned it but it seemed like a pretty clever way.)
I thought they consulted it with the users, and they decided that they should stay pseduo-private.
I’d dare say lemmy creators wouldn’t mind private votes, they chose not to display voting counts to normal users after all, but that’s not how the ActivityPub protocol is built and honestly can’t be built if you want federated votes.
Voting is only seldom private IRL, only in very specific situations like in very important national elections.
When you vote for what to get for lunch together or for who will be the head of your local football club or who will be the speaker in your school, most of them are public, similarly to Lemmy votes.
The only one tying your votes to your IP-address or the E-Mail you registered with, is your home instance. This is identical to reddit. If you don’t trust your home instance with your IP-address, use a VPN and/or switch to a different instance.
You are making up an issue for lemmy, which you are willing to accept with reddit.
Votes being public is a lemmy specific issue
But they aren’t tied to any public information that relates back to you, unless you voluntarily make this information public yourself. You have the exact same “privacy (maybe even physical security)” risk, like when you use reddit. Just that with reddit you have to trust reddit to use the platform, while in the Fediverse you only have to choose one instance to trust.
Votes are public here and not on Reddit. Someone who doesn’t like a downvote can go on a witch-hunt, something which is happening to my comments right now.