I’m a reddit transplant and I’m excited about what I’m seeing so far in Lemmy and the Fediverse, but my brain keeps bugging me with concerns:
Maintainability and Scalability - There are a ton of instances now. Lemmy had made it easy to spin up and host your own instance. In some cases, this means people with little/no infrastructure experience are spinning things up and are unprepared for scalability challenges and costs. This post by the maintainer of a kbin instance highlighted this challenge quite well ( https://lemmy.one/post/302078 ). How do we know if an instance is properly maintained, backed up, and is able to scale? Or should we just be prepared to start over on another instance if ours fails?
Monetization - The above cost challenges bring up monetization issues. What mechanisms will instance maintainers have to help with maintenance/hosting costs? As the Fediverse grows, how do we prevent against ads and coordinated upvoting from taking over and pushing ad content?
Legal/Privacy - Privacy regulations are becoming a mine field… GDPR, CCPA, and other privacy frameworks are making it tougher to handle privacy properly. Is there a coordinated Lemmy legal defense or are instance maintainers on their own? How would you even approach a GDPR user delete request across the fediverse?
As with all things non-corporate, you determine if the instance you want to use is run by a reliable person by uh, vetting the person. This is absolutely impractical and absolutely not something you can ask an average person to do in order to post cat memes on the internet, so long-term the right call would probably be to move the “big instances” into a foundation/corporation model (think OSI or Apache or Gnome or…) to provide proper shared ownership of resources, continuity planning, and better handling and monitoring of donated funds as well as better opportunities for outside funding - it’s actively easier to get funding or support for actual foundations/non-profits than some dude running a thing in his basement.
You then have a very public entity that’s much simpler for any random person to decide if they’re reasonable - the fact they exist AT ALL is a huge indicator of legitimacy because the work required to even get that far is not entirely trivial.
Monetization is… problematic. It’s probably going to HAVE to be donation-based because I don’t think ads or data mining or segues to our sponsor are acceptable on federated platforms and won’t result in you getting anything but tossed out.
I’d also say that there are fundraising options for larger instances that offer valuable communities: you can get a LOT of donations out of corporate America (this is US-centric, of course) if you’re a registered non-profit they can donate a tax write-offable donation to, and something like a Lemmy instance is just a rounding error in donations, if you can get in the door.
I’m also not a lawyer, but have worked with lawyers on a GDPR compliant policy, and boy, is it an absolute mess. The larger instances are absolutely going to have to comply, and there absolutely has to be a way to export and delete your data, and federation is absolutely going to run into the data processor vs data controller dual-responsibility pile and it’s absolutely going to be a mess… maybe, at some point, or not. For the MOST part, it’s a policy where as long as you’re being reasonably compliant and nobody is complaining or suing you, it’s not quite as horrifying as it is on paper.
The deletion stuff absolutely needs to be done sooner rather than later, and there needs to be a way to export all the data an instance has on a given user, but those two things will probably cover the worst risks any particular instance has.