Since lemmy instance can be deployed and federated by anyone it’s fair to assume that some bad actors are already doing it. With some scripting or machine learning you could determine user habits and subscribed feeds. Based on other posts the subscription information (activitypub) have also upvotes and downvotes which could be used to gauge one sentiment/political affiliations. I think the only way to circumvent this is to have disposable accounts maybe with some script to to rest scribe to topics of interest every time you have new account. Then don’t use moderator account for anything other than moderating specific sub.

There was a sticky post few days ago that this is known bug and it’s been worked on.

To maintain privacy using Strava

1. Check and adjust privacy settings.
2. Use a pseudonym instead of your real name.
3. Be cautious about sharing personal information in posts/comments/pictures.
4. Keep the app updated.
5. Start tracking your activities away from home location ideally in dense populated area

Article states that researchers tested accuracy was 37.5%. Still that’s high enough to have a habit of staring and stopping tracking activity further away from home location.

Why would someone who’s privacy aware enable location services at all?

Awesome to see this happening. The link shows 404 page for me. There are similar discussions in https://kbin.social/m/selfhost@lemmy.ml/t/10186/What-is-the-Right-Place-for-the-SelfHosted-Community