Can instance admins see users' history of visited post?
Can instance admins see users' history of visited post?
As we are concerned about privacy, I am curious just to understand if lemmy can be at some point exploited by someone to profile its users.
Being an admin of an instance, I can't even see my own history of visited posts. I can't verify this, but I doubt this information is being stored in the database currently.
This being said, each instance has full control over their API server and the web-based application being served, so they could add monitoring to either to gather this data. If they did this on the API end it would be undetectable. Running your own instance is the only fool proof method, otherwise you need to trust the instance operator.
18Thanks for the clarification!
4What if I view a thing from another instance? Would it not also be able to log that?
2Each instance serves the content from that instance, so from my understanding the only thing other instances can see are subscribed communities to be able to federate posts. Upvotes/Downvotes can possibly be tracked per user as they are federated on a per-vote basis currently, though this is just something I read and don't have sources at the present.
4
Technically? Sure, they can retain and read their web server logs; or even put additional logging into the server code they're running.
10Thanks. It would be interesting to understand if some anonymization technique could technically be created, and eventually implemented in the future.
Because it looks a pretty dangerous situation, given what people discuss on social media nowadays...
3That may not be possible with web technology.
Browsers send URLs to web servers. The web server has to have the URL the user wants in order to serve a response; and it has to know who the user is in order to check permissions (e.g. don't accept a moderation action from a user who is not a moderator).
This inherently creates an opportunity for the web server to record any details about that exchange.
6