this post was submitted on 17 Jun 2023
28 points (91.2% liked)

sh.itjust.works Main Community

7730 readers
1 users here now

Home of the sh.itjust.works instance.

Matrix

founded 1 year ago
MODERATORS
 

So far, I think the admins have done an exemplary job in running this instance. They managed to keep it active with many users, keep it error free, and their reaction to the defederation of beehaw was level headed and reasonable. When it comes to things that a successful instance needs, this one has a lot of them. Also it's Canadian which is pretty based

However, this place needs a privacy policy. I think users are entitled to know exactly what info about them is kept, how it's used, and how long it's kept for. This information included on almost every website and it's a big red flag if a site doesn't have one. Just to be clear, I'm not trying to insinuate that the admins are trying to steal our info or anything like that. Since they have a lot on their plate already with keeping the server online, this is probably something that fell through the cracks, which is bound to happen when one volunteers their time and money to cultivating a community and handling all the infrastructure involved in that. Nevertheless I think it's crucial to have one.

you are viewing a single comment's thread
view the rest of the comments
[–] inspxtr@lemmy.world 4 points 1 year ago (1 children)

Can you say something about the log files from running Lemmy on the admin end, or any federated service for that matter? Is there are data retention or privacy policy in terms of that? Or is that already public from a user perspective and has been made known for all users explicitly in a TOS/policy already?

On another note, please correct me if I'm wrong as I'm still learning about the fediverse, but the data in log files are not only for users within one instance, but due to federation, such (subset) data will also be in the log files of other Lemmy instances or services such as Mastodon if there is any interaction between them. Is that right? If so, is there any privacy or data policy around that as well?

[–] ShadowAether@sh.itjust.works 4 points 1 year ago (1 children)

Something like an IP addresses would have to be connected through your home instance bc that is the site you are connecting to. Generally, privacy policies do not have to cover data that is clearly public (I think you are mixing privacy policy/TOS a bit here). Your posts and comments are public and can only be set as public. Only email address and private data would need to be covered.

[–] inspxtr@lemmy.world 1 points 1 year ago (2 children)

Can you clarify whether instance logs are public or only visible to admins? Posts and comments, even upvotes/down votes, are public. But private info like emails, IP addr may be in the logs, no?

[–] ShadowAether@sh.itjust.works 2 points 1 year ago

Modlogs are public but the other ones are only available on the server. The servers can of course have their own logging too for connections, etc and cloud services would have access to that as well.

[–] nan@lemmy.blahaj.zone 1 points 1 year ago

Every server you connect to knows your IP address, good possibility some of the intermediate routers log it in their netflow traffic too. I’m not sure that alone is enough for a full privacy policy as it is a basic function of the internet.