this post was submitted on 16 Jan 2024
8 points (90.0% liked)

Lemmy.ca's Main Community

2811 readers
2 users here now

Welcome to lemmy.ca's c/main!

Since everyone on lemmy.ca gets subscribed here, this is the place to chat about the goings on at lemmy.ca, support-type items, suggestions, etc.

Announcements can be found at https://lemmy.ca/c/meta

For support related to this instance, use https://lemmy.ca/c/lemmy_ca_support

founded 3 years ago
MODERATORS
smorks@lemmy.ca
TruckBC@lemmy.ca
Shadow@lemmy.ca
8
Accessible user info by instance owner? (lemmy.ca)
submitted 9 months ago* (last edited 9 months ago) by veeesix@lemmy.ca to c/main@lemmy.ca
11 comments fedilink hide all child comments
 

Before joining Mastodon I remember reading about how instance owners could potentially have access to their user’s chats and messages. I don’t think I ever saw this about Lemmy, or at least never looked into that much. Is that also the case here? How much info is accessible by the owners here?

That said I love the service and am happy to be here lol

you are viewing a single comment's thread
view the rest of the comments
[–] veeesix@lemmy.ca 1 points 9 months ago* (last edited 9 months ago) (2 children)

What’s the extent of “everything”, like including logs of all user activity? I’m just trying to understand how the system works and how much of an investment of trust users require.

EDIT: An example that comes to mind is the ongoing copyright infringement news that the IP addresses of Reddit users discussing piracy should be given up to film studios. Do Lemmy users have any kind of protection when lawyers come knocking?

[–] Shadow@lemmy.ca 4 points 9 months ago* (last edited 9 months ago) (1 children)

EDIT: An example that comes to mind is the ongoing copyright infringement news that the IP addresses of Reddit users discussing piracy should be given up to film studios. Do Lemmy users have any kind of protection when lawyers come knocking?

If provided with a court order, we could theoretically provide:

  • Email address
  • Record of all comments / posts made by the user
  • Incoming/outgoing DMs for the user
  • Voting activity made by that user
  • Communities subscribed to

(I think that's everything off the top of my head)

IP addresses are not logged in the db or linked to a user, but if the RCMP shows up with a warrant and says "We want all IP addresses that submitted a comment at 09:11:43am PST Jan 16 2024" then I'd be able to get that from the access logs. Access logs are only stored for 14 days and then purged, DB backups are taken daily and stored for 30 days.

[–] veeesix@lemmy.ca 1 points 9 months ago (1 children)

Thanks for going back and replying to my edit. I had trouble searching for an answer like that, so I really appreciate the response.

Do you happen to know any particular resources that discuss federated privacy?

[–] Shadow@lemmy.ca 2 points 9 months ago

I don't, sorry.

[–] Shadow@lemmy.ca 2 points 9 months ago* (last edited 9 months ago)

Lemmy is pretty light on activity logging, I'm not aware of anywhere that records user IPs. They also made some changes in a recent patch that moved user IDs from a get to a post variable, so I don't think there's a way to correlate hits in the access log with a particular user ID. (I haven't looked into this in a few months, so my info might be slightly wrong)

Basically what we can see is any content you post, even if it's a private DM (or one you received). We can also see all your voting data.