Wait a minute, so any admin can see which posts do I upvote/downvote?
Fediverse
A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!
Rules
- Posts must be on topic.
- Be respectful of others.
- Cite the sources used for graphs and other statistics.
- Follow the general Lemmy.world rules.
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy
I'm an instance owner and mod. I'll describe what we see.
Like anyone else, I can check a post or comment and see the upvote and downvote counts. If I click on a specific menu item by a post or comment I can also see who voted which way.
I check it often and to date have only banned two users, out of thousands, who were consistently downvoting posts. These bot accounts were literally voting within seconds of the post going federated.
It's a useful feature on my end and I think others should be able to see it.
Thamk you for the insight, instance administrator views are valuable and unique.
At the risk of sounding like I'm presenting a bad faith argument, why ban them? I don't like the whole "free market" analogy but surely it's one of the liberating features of federated servers, being able to to largely express your votes or content as you see fit within the legal framework of the host nation. Wouldn't the odd one or two mass downvoters/upvoters/theyvoters ultimately be a statistical abberation or is the fediverse still small enough for this sort of shit to carry weight?
Open criticism of my view welcome, as always!
They're purposely disruptive to the community, they are not part of the community.
If votes are anonymous and federated, it's very easy for me to add or subtract 900 votes from whatever I want.
You should consider anything you do on social media to be public. Even if Facebook tries to claim that it's not.
Admin of a small instance, I have banned 2 accounts for another instance that were downvoting almost all content in a threads without any other interaction. They were being disruptive to the flow at the time, much like @ericjmorey@discuss.online describes.
Furthermore, anyone can spin up a Lemmy server if they want to see people’s votes. It’s not very hard or load the same post in kbin/mbin.
For what it's worth, admins/employees on Reddit (or any other website) can also see upvote records.
I always thought anonymous voting was preferable, or at least non-public. I don't want "why did you downvote me bro!?"-arguments to occur, and I don't want to know who approves of my comments or not. I think thinking of votes as an amorphous blob representing general public opinion on Lemmy is preferable to getting into the weeds of who exactly likes your posts and comments.
We could also have "karma" on Lemmy, but while technically tracked the environment is better off without it being public in my opinion. I view voting records similarly.
If botting becomes enough of an issue that regular users need to report vote manipulation bots I'll be fine with conceding my stance.
As a comment on the other discussion says, there's a reason ballots are secret.
I agree. As long as anonymous voting doesn't cause obvious trolling/spam issues, it should be preferred.
One of the reasons I've always found Facebook off-putting and never used it (even before learning about the shady practices) are the very visible votes. I tend to overanalyse any reaction and would judge people based on their votes on my posts, even if I consciously tried to avoid it. Similarly, I imagine some other people would do the same and I'd feel like I'm under surveillance.
Should the Lemmy devs create a way to make the votes anonymous?
I'm not sure if there is a good way to have the content federate anonymously. Even if there was, it would be a vector for spam.
Vote manipulation is a growing problem on Reddit. It's only getting worse with all the AI spam bots and they don't have an incentive to stop it. Why trust a review on Reddit if bots are upvoting/downvoting on behalf of a company, or worse what happens in news communities when a well funded group wants to change perspectives.
Admins need to know if the votes/likes coming in are legitimate, else they should block them. It's too easy to abuse anonymous votes to affect how content is ranked.
I left a long comment in the other thread which I will link in a moment, but I think either
- We keep the current setup, but we put in more effort to make new users aware that vote records are visible to admins/mods
- We make it public for everyone and take steps to deal with the new issues that it could cause
Other comment on the benefits/issues: https://lemmy.ca/comment/11097046
Admins need to know if the votes/likes coming in are legitimate, else they should block them. It’s too easy to abuse anonymous votes to affect how content is ranked.
This is a very real problem right now. Admins that are on to it use the votes to identify swarms of users that follow each other around upvoting each other's spam/troll posts.
I will also add that I think in the long run, as we try to figure out how to differentiate between humans and machines, the only real reliably solution I see is to focus on elevating the individual. Having people with long histories validate their reality by living and documenting it.
I don't upvote something that I'd be ashamed for someone to see I upvote. I might make an exception for pornographic content, but even with that, if it's pseudononymous in that it's not attached to my personal public life, I don't mind if someone can trace through and see what a specific account I use for those purposes has liked and disliked.
"If you have nothing to hide then you have nothing to fear."
Given the strong presence of the privacy community on Lemmy, I have to say that I'm a bit shocked to hear so many in these discussions chiming in to support voting transparency.
I'm on board with the idea of using ring signatures to validate the legitimacy of a vote and moderating spammers based on metadata.
Or, for something (potentially) easier to implement, aggregating vote tallies at the instance level (votes visible to your instance admin and mods) and federating the votes anonymously by instance, so you might see something like:
- lemmy.world: 9 up, 2 down
- discuss.tchncs.de: 3 up, 4 down
- Etc
Up/down votes are the method of community moderation that sets Reddit apart from many other platforms. If the Lemmy community is trying to capture some of that magic, which is good for both highlighting gems AND burying turds, radical transparency isn't the path to get there.
In fact, I'd argue that the secret ballot has already been thoroughly discussed and tested throughout history and there are plenty of legitimate examples of why it would be better if they were more secret than they are today.
Many people have brought up the idea of brigading, but would this truly get better if votes are public? Is it hard to imagine noticing that an account you generally trust has voted and matching their vote, even subconsciously?
For those who feel that they aren't able to post on Lemmy because downvotes make you feel sad, my feeling is that if you make posts in a community and they consistently get down voted to oblivion, you're in the wrong place. The people in that community don't value your contributions, and you should find another place to share them. This is the system working as intended and the mods should be thankful that such a system has been implemented.
The last point I'll make is about the potential for a chilling effect - making users less likely to interact with a post in any way due to a fear of retaliation. Look - if you're looking for a platform where all of your activity is public, those are out there. Why should we make Lemmy look just like every other platform?
Always in favor of taking power from mods that they can abuse and simply do not need.
The 1 "You think you can come into MY instance, and downvote ME?" post I read was 1 too many.
I would rather vote identities being blocked from scraping. I don't care about other users or admins. I would rather that level of information be unavailable to outside commercial sources, especially any timings based metadata that could be used to derive dwell time and other psychological metrics.
Thats probably a complete nonstarter in a federated network. The metadata needs to be sent via Activitypub, ergo it has to be public.
For anyone interested, there are a few papers on cryptographically secure voting, where both voter anonymity and election integrity are preserved.
Most designs consider three separate entities, where if you accumulate the information between those entities you would be able to identify a voter and his vote, but each entity on itself does not hold enough information.
They should just stay mostly hidden as they are now. I was harassed 3 times while using kbin for my voting habits. When I brought it up to ernest, him and mostly everyone else defended it, even though at the time I was actively being annoyed by someone.
It'll make less people vote in the long run and will scare people off.
Nothing worse than hopping on something I do for leisure to realize that thread I voted on a week ago has now come back to bite me in the ass because the OP decided to go on a crusade and harass everyone that downvoted them.
There is enough drama as it is. This will just open the door to shadowbanning and stalking and other horrors we have escaped by leaving reddit. It's enough that it's party available on kbin.
With the current way that ActivityPub works, this isn’t really possible. Every vote needs to be signed by some real user; if that changed such that anonymous votes were accepted then there’s nothing to stop any random person from adding 5 or 5,000 anonymous votes.
What it the instance signs the activity? Then it propagates to others instances after local validation. That way only local admins would have access to voting data. Malicious instances could still be defederated/blocked/have votes disregarded.
When I first signed up for reddit, the upvotes and downvotes were not only separately tallied, but also showed the usernames of the most recent people who did them if you hovered over the button. Then very shortly after that they changed it so that it made votes private by default, and you could override it in the settings, but almost nobody went to check that box back on. Eventually, they completely removed that feature around the time upvotes and downvotes were combined into one. which along with vote fuzzing was one of the worst changes to reddit comments, imo.
Lemmy feels like old reddit right now, which is a great spot to be in. I don't think you necessarily need public vote info, but maybe it could be enabled on a per-community basis? I can see some communities like politics not wanting to add additional drama to the equation while other more content driven communities might enjoy knowing who was giving the feedback.
Vote fuzzing is the worst. Reddit said their main reason for implementing it was to prevent vote manipulation... seriously? Vote fuzzing laid the groundwork for vote manipulation.
1 I had assumed votes were private 2 If I don’t hear soon that votes are private, I’ll simply stop participating and return to lurking. I’ll eventually just wander off to the next thing that doesn’t expose my votes to potential bots and/or abusive actors.
I think most users assume votes are private and most will have a similar reaction to learning about this unintuitive negative feature of anything built on ActivityPub, including Lemmy.
On Kbin the votes are 100% public for anyone. I've migrated to Lemmy after the frequent server issues with Kbin and I miss that part dearly. It was very easy to gauge whether someone was engaging in a good or bad faith discussion by checking the votes within a discussion. That being said, personally I'm very light on my downvotes, and I can see how someone more trigger-happy would see it as worrying. Personally I see the vote transparency as healthy though.
Wouldn’t it be easier to leave it as an option for each user on Lemmy?
If users want anonymity, let them have it. If they want to share their vote, let them do that. Forcing one option on others without the voice of the usually silent majority isn’t going to fix anything, it’s just going to scare some people away or start posts requesting it private again; or optional.
Not to mention, using this method you will quickly see how many users really wanted this option based on how many leave privacy enabled or disabled, instead of listening to a current vocal minority.
I'm at the completely opposite end of the spectrum of most people, they should be public to all. It makes it clear whether the guy downvoting you is doing so maliciously or as a non-participant. Same for upvotes. Otherwise, just get rid of it and find some better mechanism. The people saying "NO!" or that they should be anonymous don't really have a reason, your comment history is already giving you away and no one has a problem with that.
The worst thing public upvotes/downvotes might lead to are the same things your comments are already profiled for by the same people that would and perhaps a random getting mad at your downvote or upvote and voting back, which doesn't matter that much with the current karma system. The benefits, however, are a clear vision of where those upvotes and downvotes are coming from, without it you are a blind person in a social networks but with it you can tell who is interacting with you and you can investigate why and even make judgement calls because you can see whether they interact like a jerk.
No drama witch hunts, accountability for the way you are interacting online, the the benefits outweighs the drawbacks, but people don't want it because they feel insecure about it. I specially favor it because it could be a first step for a form of crowdsourced moderation (speculated on it here), where you can choose the people you think are voting comments to your taste to eventually have a select group large enough to determine which should show up first and which shouldn't show at all, and it could be completely complementary to existing systems. Don't want to see "yes, I agree" comments sorting as the most relevant? You might choose people who do not upvote but have engaged with the rest of the thread for comments you consider more informative.
No one from kbin/mbin instances can check out the downvotes you make, since this attitude has been so widespread many don't report it to those instances. They can see people who upvote, and the sky hasn't fallen because of it. Anonymity largely only helps the minority making the drama remain hidden.
Keep the Fediverse bot- and troll-free.
The whole idea of being able to behave like a shithead without accountability needs to go.
No, there is no real need. An account is already pseudo-anonymous. Full anonymity adds no real value beyond making it easier to manipulate vote tallies with bot accounts undetected.
edit: As a side note, this is one of the more transparent social media communities. It's not terribly privacy-oriented in general. The enhanced transparency is part of its appeal.
One situation I've repeatedly faced that could be solved by fully public voting is having those debates when someone puts a single downvote on my opponent's comments.
Silly, yes, but it may look like I am downvoting a person to aggravate. I am not, it's not me! :D
Sounds like opinions are pretty mixed. Maybe we should put it to a vote.
But then how do we decide if that vote should be public or not...
Its best if the rules are the same for anyone, but public votes is something power hungry mods will eventually abuse. If you dare upvote the wrong post you will get banned.
Yes they should, unfortunately I don't think that's technically possible with the fediverse model as the servers have to communicate that info over Activity pub, at least that's my understanding of it.
Votes should be transparent for everyone. Right now the system assumes that mods/admins are somehow inherently more responsible than the average user, but well, just look at the garbage clusterfuck admin/mod teams of certain instances. You're telling me you're gonna trust these people with this information and not everyone else? Get the fuck outta here.
I just got insulted & falsely accused of downvoting someone yesterday. I ~~had~~ chose to give them a second downvote to prove that the first one didn't come from my account. I admit, I have always been curious about the specific sources of votes but If I'm being completely honest, I don't think actually knowing would leave me better off. I think people already read too much into these votes in the first place and it gives the ego-maniacs too much to obsess over.
I am the admin of a website where we have a place where our users can post custom content and rate the content of others.
We have discussed how it works and should work many times and came to the conclusion that we'd never want it to be public. Any report of abuse will be checked by the website owner directly in the database and even admins don't have full access. Everybody tries to stay as far away from the personal ratings as possible.
We also noticed that it would be a lot more fragile when there are not many voters. A whole group that is negative about something wouldn't get as much harassment as a single person having a unique opinion.
On our website we have a comment section that isn't anonymous, and we even noticed that people often don't post something negative when it would be obvious that they are the only one who has voted/rated something. ("Negative" is almost always constructive in our case)
These are just a few things that I think add to this discussion.
How about pseudonymous as a compromise? Votes could be publicly federated but tied to some uuid instead of the username. That way you still have the same anti spam ability (can see that a user upvoted these things from this instance at this time) but can't tie it directly to comments or actual user accounts without some extra osint.
It might be theoretically possible to correlate the uuids with an account's activity and dox the user in some cases, especially with some instances having a single user, but it would be very difficult or impossible to do on larger instances and would add an extra layer. Single user instances would be kind of impossible to make totally private anyway because they can be identified by instance.
I've been thinking about this for several hours since I first became aware of the debate.
I don't care that much in theory if anyone sees my votes. They aren't anything I'm particularly private about. I care about conversation way more than up/down votes.
However, some people get a little upset about being downvoted. I think it will result in retaliatory downvotes. You already see that when two folks are arguing. I don't normally waste my time downvoting a post I'm writing a rebuttal to, but when they are downvoting me I tend to do it back. I think if everyone had easy access, they would hunt down their down voters posts and retaliate regardless of the quality of the comments.
Lastly, I wonder if this will give rise to a client that lets you use one account to post/comment and a different one to vote. And if it does, will that be better all around? Then no one will be able to associate votes with a user. But it seems unnecessarily wasteful to create a whole account that does nothing but vote. It seems like it would deny mods (and everyone) a useful tool for identifying bad actors.
Technically, anyone could get access to the voters identity if they try hard enough but 99% of the users won't put in that much effort. And technically someone could already use different accounts for different activities, but without reason to create a client to support that it's too much of a pain to be worth the effort.
So I really think I'm on team status quo here.
One benefit to vote transparency for admins is mod monitoring options.
Reddit is infested with vote manipulation via bots. At least on the Fediverse it seems like both admins and mods might have more options.