Edit: obligatory explanation (thanks mods for squaring me away)…
What you see via the UI isn’t “all that exists”. Unlike Reddit, where everything is a black box, there are a lot more eyeballs who can see “under the hood”. Any instance admin, proper or rogue, gets a ton of information that users won’t normally see. The attached example demonstrates that while users will only see upvote/downvote tallies, admins can see who actually performed those actions.
Edit: To clarify, not just YOUR instance admin gets this info. This is ANY instance admin across the Fediverse.
Not everybody shares the same habits.
Here’s a scenario… Some admins are using data to build correlations between accounts. Linking main account to alternates. So far that I’ve seen the purpose has been to identify bot activity. A good thing.
The same analysis could also be used to build correlation between a main account that’s hard right leaning and an alt-account that may be sympathetic to left-leaning or progressive topics, such as LGBTQ+ rights. Not so much a good thing.
I think it’s fair to say that many people will not consider the fact that, literally, anybody in the world can have access to much of this data. It’s not limited to your two or three instance administrators.
I do not believe upvotes and down votes are enough information to reveal the identity of anyone. If this was truly such a risk, where has the concern for this been on Facebook, where you can see who leaves reactions by name. Or Discord where every account that clicks a reaction is available?
Here that info is not available to the public at large. On Facebook it’s available to anyone who sees a post. Why haven’t security voices been pressuring Facebook to not track social reactions if it’s so dangerous?
This is a feature of social media for the most part. What I write as posts and comments is available to everyone as is vastly more useful info for someone to collect.