Privacy on Gemini ~gmund ------------------------------------------------------------------ I was randomly chatting with an AI Bot as part of my on-work training. I inquired about the "typical user groups of gemini protocol" and in turn it delivered me this: > Privacy advocates: Gemini's design, which emphasizes minimalism and limits features like tracking and scripting, appeals to individuals who prioritize online privacy and security. Though, is that true? Is using gemini really more private? I would dispute it. Yes, Gemini Protocol makes it impossible to track users based on cookies or similar tracking technologies. There are no scripts in Gemtext to communicate the user behaviour to some data hog advertisement company, etc. But also consider this: * When I read (or post) to a gemini capsule it will get my IP address. The operator of the capsule can find out who I am if they log the IP addresses. * When I read (or post) to a gemini capsule my internet provider (ISP) can track the activity. They can see which servers I am talking to. Based on my target capsules they can have a general idea about my interests. * My ISP already has my private data, ie. Bank account number (for Payments) & address (to deliver services). They can come knocking at my door at any moment. * The upper level provider of my ISP can also see both ends of the traffic. In some countries the upper level internet providers are state controlled and no ISP is allowed to bypass them. (I think anywhere with a democracy index below 6) * Yes, no one can see the exact content (considering Gemini is Encrypted by default) but they can know my interests, based on which capsule I am reading from. So we can sum up in my communication I have three sets of personal data: * My IP, which indirectly tells anyone who I am. * My interests, which allow for profiling me. * My address, (and bank account number) which allows anyone to come knock at my door. If I was to post to some "Evil-Social-Media-Platform"-Page called "Midnight Pub" instead of using a Gemini Capsule, my Internet provider would only know I am doing "something" on "Evil-Social-Media-Platform". They would not know what exactly. "Evil-Social-Media-Platform" would know what my IP address is, but would lack the information who I am. They could only find out by inquiring my ISP, which would need a Court decision. The moderator of the "Midnight Pub" page on "Evil-Social-Media-Platform" would interact with me and see my comments, but would not know who I am or what my IP address is. Am I mislead ? Yes, "Evil-Social-Media-Platform" would have two of my three sets of secrets. But those are now hidden from anyone else and it is quite difficult for "Evil-Social-Media-Platform" to get the third. So, if I use a pseudonym to post on social media, it has higher level of privacy than using a pseudonym on a gemini capsule. The same applies if I use a proxy or VPN or similar hiding technology instead of social media platform as an intermediary. The difference is, my ISP's Provider, which probably is a state actor, does now know I want to hide something and will want to watch my other behaviour. Whereas using social media in general is not suspicious, since anyone does it. PS: Yes, gemini is also about content without presentation. It is not about privacy only. I get that part. This question is only about the privacy claim by the AI bot.