I have been using Lemmy for 20 days, at first I opened an account at Lemmy.world because you can join without writing a text and waiting approval. I have been enjoying the experience overall but despite the admin teans best efforts Lemmy.world has been experiencing some serious performance issues. If you want to avoid that join a smaller instance, preferably hosted in your country. I joined discuss.tchncs.de today and everything is so much faster it has added benefit of being able to see beehaw.org posts too. It will improve not only your but all other Lemmy.world users experience too.
At the very least they would get access to your IP address (assuming you aren’t ok a VPN/proxy) and browsing habits. Whether they take the steps to log those in a usable format and do something with it? I wouldn’t say the risk is much different on an instance with 1000 users vs 100.
My main concern would be instance longevity.
A public IP address is (by definition) public. If you’re behind CG-NAT you don’t get your own public IP and if you have a public IP but not a static one then restarting your router will change it. I don’t think there are many cases where an instance knowing your public IP is an issue. Lemmy instances hotlink media from other instances so many different instances get your IP just from browsing Lemmy.
This is a different conversation but if your account is meaningful then this should be a real concern. A month ago there were about 80 instances, now there are nearly 1000. How many of those will still exist in a year?
I am aware of how a public facing IP address works, and how little information it does give, by itself. It is still a privacy concern, and can be used in conjunction with other data to launch social engineering attacks or to help narrow down other data.
Possibly, but you don’t have to be an admin of the instance the user is on to get their IP if thats what you’re trying to do.