TLDR: Treat everything you submit to this instance as public. Instance admins (we) will attempt to reduce data collection as much as practicable, and will maintain open access for anyone to view posts and comments on this instance.
The main goal we seek to address with our Lemmy instance is community resilience in the face of censorship or bad actors.
In support of this goal, we intend to make back-ups of the instance’s database available on a regular basis to a select few semi-trusted community members. (This is in addition to the already semi-trusted nature of the instance admin group itself, and in addition to the normal operation of the Lemmy application as a federated service which broadly shares a lot of information with other instances and the public.)
As a result, users of the instance should consider that all information they submit to the instance may immediately or later become public. This includes things such as IP address, upvotes, and browsing patterns.
Accordingly, we will seek to limit data collection as much as practicable.
Lack of Email Collection and Password Recovery
While the Lemmy software does not allow us to entirely disable the email field in the user sign up form, we will not require emails, will not be enabling any sending of emails from the instance, and will discourage users from providing their email during the sign up process. We may proactively purge any email data we do receive from time to time.
This does come with some downsides: primarily, you must be careful about holding onto your password, as you will not be able to reclaim your account if you lose it. In the case of a lost password, you may wish to create a new user account.
Password Re-use Recommendations
In general, you should not re-use passwords across multiple applications. In the case of this Lemmy instance, this applies doubly as multiple community members may have access to backups. Of course, the Lemmy app does apply industry standard bcrypt encryption to all stored passwords, so as long as your password is sufficiently long and complex, it is cryptographically difficult to extract it from the data. Regardless, as a matter of precaution, you should use a long and unique password.
Additional Implicitly-collected Data
While we will disable any additional data collection whenever we are aware of it and are able to conveniently do so, you should assume that some data will still be collected by us and by third parties, such as IP addresses and/or browsing patterns.
Some such data may be recorded to the instance’s database, and thus may be proactively shared as a part of backups, or even as a part of the regular operation of the Lemmy application. To understand what types of data the database contains, you may reference Lemmy’s source code.
Alternatively, some such data may be collected and retained in server logs, or by technology providers that help us host the service, such as Google Cloud Platform, Cloudflare, etc. While we do not intend to proactively share server log information to back-up recipients, due to the semi-trusted nature of the instance admin group and of technology providers, this data may still become accessible in ways which are difficult to predict. Users concerned with their IP address being revealed should use a VPN. (Also, people should use a VPN, period.)
Additionally, due to the federated nature of Lemmy, when you use our Lemmy instance, your browser may communicate with other Lemmy instances operated by third-parties. We encourage users to research and understand precisely how this communication may enable data collection by reading Lemmy documentation and the privacy policies of any third-party Lemmy instances with which they interact. However, at a minimum, we believe users should assume that third party instances can associate patterns of Lemmy browsing activity with their Lemmy account. We encourage users to exercise caution in voluntarily associating additional personal information with their Lemmy account.
Finally, hypothetically, web applications can facilitate the collection of user data by third-party tracking, analytics, and marketing technology services. We believe our Lemmy instance does not facilitate any such data collection. Nevertheless, as a matter of precaution, we recommend that users use tracking blocking solutions, such as uBlock Origin, first-party isolation, or others.
The primary focus and scope of our instance is subjects relating to GameStop, household investors participating in US stock markets, direct registration, holding the financial industry/Wall Street accountable, and/or related economic and financial topics. Although we do not intend to censor discussion, and will not enforce around any stance or viewpoint within this scope, we may prevent or remove communities with an out-of-scope topic from hosting themselves on our Lemmy instance. As a reminder, due to the federated nature of Lemmy, users (including those on our instance) may and do follow communities hosted on other instances. In the event of another instance hosting content that we determine may be illegal or harmful for us to display, we may disable its federation to our instance. Due to the federated nature of Lemmy, users who are unhappy with our instance’s federation policies may also register via other instances, including their own, and thereby interact with content from our instance as well as any third-party instances with fewer disruptions related to our federation policies.
On Lemmy, there are instance administrators and community moderators. Communities are analogous to subreddits on Reddit. Anyone can create a community on this instance. When a community is created, the creator is automatically made the head mod and can appoint other users as mods as needed. These communities can develop their own rules and moderation structure. Meanwhile, instance moderators can moderate any community on the instance, just like Reddit Administrators could moderate any subreddit.
The main differences as compared to Reddit are that:
- Moderator logs are public and transparent on Lemmy.
- Due to the federated nature of Lemmy, communities that feel unfairly limited by instance admins have the recourse of hosting their community on another Lemmy instance or even their own Lemmy instance.
- Due to the federated nature of Lemmy, users that feel unfairly limited by our instance’s federation policies can subscribe and contribute from another Lemmy instance or even their own Lemmy instance.
- Due to our planned efforts to share backups, the community will be more easily able to create a replacement instance in response to any overreach from the admins of this instance.
- Our instance admins believe that moderation is best delegated to the communities, and will not engage in moderation of content based on the viewpoints or ideas therein.
Areas where instance admins may engage in moderation will be limited to:
- Removal of content which we believe may be illegal in the US to host, store, or distribute
- Removal of content which violates copyright for which we receive legal takedown notice
- Removal of content pursuant to any legal/government/court order
- Removal of users who have required repeated content removal per the above
- Removal of users who attempt to overload some aspect of the instance through the quantity of some action (e.g. flooding the instance with communities, excess and repeated data uploads, etc.)
- Moderating a community for which they are also a community mod
We are new to operating Lemmy ourselves, so we may need to amend this list as we discover Lemmy’s features and limitations. Although we prioritize open discussion, these concessions are necessary to maintain a consistent server solution and avoid personal liability.
At this time, the admin instance team is not accepting monetary contributions. If we need to take contributions in the future, it will only be in response to operational costs which we will make transparently available to the community.
We are interested in tech contributions, though we still need to set up the processes for contributors. For example, we are considering accepting contributions via source-controlled devops scripting.
Thanks for reading.
Maintaining an available and open platform for free discussion is crucial.
- 2023-07-24: Fixed formatting issue