since this is coming up again, i feel it's important to stress the following facts about privacy on mastodon:
- DMs are stored in plaintext in the database
- yes, this means admins can access them
- it also means they will be accessible if your instance DB is leaked
- however: this is the same as the situation on any other mainstream social media site
- at the end of the day you should make sure you trust your admins
- ultimately: don't use mastodon for privacy-critical messages
@chr I guess my main message is: #mastodon (or any activitypub/fediverse service) is not especially bad at privacy. As a publication tool it is even pretty good at #privacy because your connection, search, and consultation data will only be stored by your instance.
It is indeed bad at properly securing your private communication, but hey! It was not meant for having private communications in the first place.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!