No instance is privacy friendly, literally all activity here is public by definition.
this post was submitted on 02 Mar 2025
20 points (88.5% liked)
Privacy
34476 readers
602 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
And to further clarify, even DMs aren't technically private, they're just hidden.
Supporting this, Lemmy encourages people not to use DMs and wants people to add Matrix user details to their profile instead.
They do it the right way.
A DM is literally just like @ing someone on Mastodon and setting the visibility to that user only. It's just unlisted. If you were the instance admin or otherwise knew the ID of the DM, you can find it.
I guess you didn’t get satisfactory answers from your first post, but you still haven’t clarified what you actually mean by your question. All Lemmy servers run Lemmy, so in some senses of the term, they’re all roughly equally private, which is to say not very, because all posts & comments are publicly scrapable, except for private messages.
A community of privacy and FOSS enthusiasts, run by Lemmy’s developers
I want to make sure that I don't get doxxed at any cost.
- Don’t give your email address, or use a throwaway one when you join.
- Pick a username that’s unrelated to any others you’ve used.
- Use a VPN.
- Don’t reveal personal details in posts & comments.
Not all lemmy ibstances allow vpn. Some block it.
This just boils down to basic opsec. Be careful what you post/comment, continue to use a generic username, stuff like that.
in addition to what others have said, also have your browser fingerprint as fairly generic, and what is unique should ideally be randomised upon each start of your browser. There's nothing stopping a Lemmy instance from running clientside code that gathers your browser fingerprint, and if they are well-resourced enough to have access to fingerprint data from other sites, they could correlate it to de-anonymise you.
Not a likely scenario but still possible. If one is serious about not getting “doxxed at any cost,” consider Mullvad browser.
Just follow the basic social media rules and you'll be fine. Also don't trust anything that is clickable unless you hover over the link/copy it to some text editor.
Brother the protocol is called activity pub(lic)
Look for an instance with these qualities:
- Does not use Cloudflare or any other large content delivery network. Instances that use thse allow the CDN to monitor everything your read and write on Lemmy, which can reveal a lot about you even if you haven't used your real name. Cloudflare can then correlate that information with your other browsing habits, and possibly your real identity, because they operate as a middleman for a huge number of popular web sites.
- Maintains a sizable local image cache. Images served from other instances instead of your local one can be abused by remote parties to track what is viewed on Lemmy with your IP address (and sometimes your browser signature). Alternatively, you could block off-site images using a browser extension, but that would mean not getting to see as many pictures.
Lemmy.today is a very neutral instance
Umm