Un-privacy Policy

TLDR: Treat everything you submit to this instance as public. Instance admins (we) will attempt to reduce data collection as much as practicable, and will maintain open access for anyone to view posts and comments on this instance.

The main goal we seek to address with our Lemmy instance is community resilience in the face of censorship or bad actors.

In support of this goal, we intend to make back-ups of the instance’s database available on a regular basis to a select few semi-trusted community members. (This is in addition to the already semi-trusted nature of the instance admin group itself, and in addition to the normal operation of the Lemmy application as a federated service which broadly shares a lot of information with other instances and the public.)

As a result, users of the instance should consider that all information they submit to the instance may immediately or later become public. This includes things such as IP address, upvotes, and browsing patterns.

Accordingly, we will seek to limit data collection as much as practicable.

Lack of Email Collection and Password Recovery

While the Lemmy software does not allow us to entirely disable the email field in the user sign-up form, we will not require emails, will not be enabling any sending of emails from the instance, and will discourage users from providing their email during the sign-up process. We may proactively purge any email data we do receive from time to time.

This does come with some downsides: primarily, you must be careful about holding onto your password, as you will not be able to reclaim your account if you lose it. In the case of a lost password, you may wish to create a new user account.

Password Re-use Recommendations

In general, you should not re-use passwords across multiple applications. In the case of this Lemmy instance, this applies doubly, as multiple community members may have access to backups. Of course, the Lemmy app does apply industry-standard bcrypt hashing to all stored passwords, so as long as your password is sufficiently long and complex, it is cryptographically difficult to extract it from the data. Regardless, as a matter of precaution, you should use a long and unique password.

Additional Implicitly-collected Data

While we will disable any additional data collection whenever we are aware of it and are able to conveniently do so, you should assume that some data will still be collected by us and by third parties, such as IP addresses and/or browsing patterns.

Some such data may be recorded to the instance’s database, and thus may be proactively shared as a part of backups, or even as a part of the regular operation of the Lemmy application. To understand what types of data the database contains, you may reference Lemmy’s source code.

Alternatively, some such data may be collected and retained in server logs, or by technology providers that help us host the service, such as Google Cloud Platform, Cloudflare, etc. While we do not intend to proactively share server log information with back-up recipients, due to the semi-trusted nature of the instance admin group and of technology providers, this data may still become accessible in ways which are difficult to predict. Users concerned with their IP address being revealed should use a VPN. (Also, people should use a VPN, period.)

Additionally, due to the federated nature of Lemmy, when you use our Lemmy instance, your browser may communicate with other Lemmy instances operated by third parties. We encourage users to research and understand precisely how this communication may enable data collection by reading Lemmy documentation and the privacy policies of any third-party Lemmy instances with which they interact. However, at a minimum, we believe users should assume that third-party instances can associate patterns of Lemmy browsing activity with their Lemmy account. We encourage users to exercise caution in voluntarily associating additional personal information with their Lemmy account.

Finally, hypothetically, web applications can facilitate the collection of user data by third-party tracking, analytics, and marketing technology services. We believe our Lemmy instance does not facilitate any such data collection. Nevertheless, as a matter of precaution, we recommend that users use tracking blocking solutions, such as uBlock Origin, first-party isolation, or others.

Content Policy

The primary focus and scope of our instance is subjects relating to GameStop, household investors participating in US stock markets, direct registration, holding the financial industry/Wall Street accountable, and/or related economic and financial topics. Although we do not intend to censor discussion, and will not enforce around any stance or viewpoint within this scope, we may prevent or remove communities with an out-of-scope topic from hosting themselves on our Lemmy instance. As a reminder, due to the federated nature of Lemmy, users (including those on our instance) may and do follow communities hosted on other instances. In the event of another instance hosting content that we determine may be illegal or harmful for us to display, we may disable its federation to our instance. Due to the federated nature of Lemmy, users who are unhappy with our instance’s federation policies may also register via other instances, including their own, and thereby interact with content from our instance as well as any third-party instances with fewer disruptions related to our federation policies.

Moderation Policy

On Lemmy, there are instance administrators and community moderators. Communities are analogous to subreddits on Reddit. Anyone can create a community on this instance. When a community is created, the creator is automatically made the head mod and can appoint other users as mods as needed. These communities can develop their own rules and moderation structure. Meanwhile, instance moderators can moderate any community on the instance, just like Reddit Administrators could moderate any subreddit.

The main differences as compared to Reddit are that:

  1. Moderator logs are public and transparent on Lemmy.
  2. Due to the federated nature of Lemmy, communities that feel unfairly limited by instance admins have the recourse of hosting their community on another Lemmy instance or even their own Lemmy instance.
  3. Due to the federated nature of Lemmy, users that feel unfairly limited by our instance’s federation policies can subscribe and contribute from another Lemmy instance or even their own Lemmy instance.
  4. Due to our planned efforts to share backups, the community will be more easily able to create a replacement instance in response to any overreach from the admins of this instance.
  5. Our instance admins believe that moderation is best delegated to the communities, and will not engage in moderation of content based on the viewpoints or ideas therein.

Areas where instance admins may engage in moderation will be limited to:

  • Removal of content which we believe may be illegal in the US to host, store, or distribute
  • Removal of content which violates copyright for which we receive legal takedown notice
  • Removal of content pursuant to any legal/government/court order
  • Removal of users who have required repeated content removal per the above
  • Removal of users who attempt to overload some aspect of the instance through the quantity of some action (e.g. flooding the instance with communities, excess and repeated data uploads, etc.)
  • Moderating a community for which they are also a community mod

We are new to operating Lemmy ourselves, so we may need to amend this list as we discover Lemmy’s features and limitations. Although we prioritize open discussion, these concessions are necessary to maintain a consistent server solution and avoid personal liability.

Contributing

At this time, the instance admin team is not accepting monetary contributions. If we need to take contributions in the future, it will only be in response to operational costs which we will make transparently available to the community.

We are interested in tech contributions, though we still need to set up the processes for contributors. For example, we are considering accepting contributions via source-controlled devops scripting.

Thanks for reading.

Maintaining an available and open platform for free discussion is crucial.

Edits:

  • 2023-07-24: Fixed formatting issue
    • apes_on_parade@lemmy.whynotdrs.org
      1 year ago

      For starters, you can always refer to the source code at https://github.com/LemmyNet/lemmy

      do you know what kind of browsing behavior is tracked

      I have not inspected the source code to find whether any browsing tracking exists within the app itself. Instead, I included this message because you can clearly see in your browser’s network console that whenever you browse federated content (i.e. content originally from another instance), your browser does make some requests directly to the remote instances for content. At that point, regardless of what the Lemmy source code says, those specific instances could track information about those requests. Although, as 3rd-party requests, they may not have cookies to more specifically identify your account, they could still build a profile of browsing activity by IP address.

      As far as the backups go, would private messages be hidden from an admin

      The official instance policy, as mentioned above, is to treat everything that you submit to the instance as public. I have not inspected the source code, but given the app behavior, I do not think there is any end-to-end encryption available for messaging.

      am I understanding correctly that the server admin doesn’t have access to each individual’s password unless it was cracked?

      The application source code does apply industry standard bcrypt encryption to passwords before storing them. Despite my telling you this, according to the security principles I would follow as a user, you have no reason to believe that the source code is not tampered with by the admin (me), and you should use a unique password that is of no value outside of accessing this instance.

    • hotday06@lemmy.whynotdrs.org
      1 year ago

      Have my own instance running and took a look at the database myself, figured I could answer some of your questions regarding Lemmy in general. Lemmy doesn’t collect users’ IP addresses, unlike Reddit. There is no user behavior tracking as of now, and I don’t see any third-party data collection based on my knowledge. User passwords are encrypted with bcrypt, which is one-way encryption with no known weakness so far; the value in the database is irreversible. This is standard practice. Basically, the admin has no way to know your password. Private messages are not secured, as Lemmy would warn you. Lemmy encourages servers to use a third-party secure message service.