In a way this does make me slightpy concerned about Lemmy servers, Reddit has a team of lawyers and tonnes of funds behind it to fight pointless demands like these
A lot of server owners won’t and will be much easier to coax into giving up information about it’s users
The thing is, chasing individual instances is a game of whack-a-mole, with a lot of downside and not a lot of upside. Established companies follow laws and regulations because they are easy targets, with local assets, offices, and public figures that are worth serving/seizing and can be compelled to comply to court orders. How TF you going to enforce a court order in a country that doesn’t recognize your jurisdiction or laws?
The other thing thing is, if you run an instance with moderation rules that skirt the law, you are incentivised not to log personal information and disseminate it because a) that makes you a target, and b) you’ll get called out by your own users for logging and leaking IPs, and people will just move to a different server.
It seems pretty obvious to me that you should assume at all times when you are online that you are basically in a public space, like in a public cafe: People can see you, even if the fact that they are not paying close attention to you creates the illusion of privacy. If you start doing something to stand out, people will start to pay attention to you, and it’s all visible to see unless you actively take precautions to hide your identity. That starts–but doesn’t end–with not browsing piracy on main.
Both IVPN and Mullvad have just removed port forwarding. I hear the options now are proton (which I hear may not have port forwarding on linux yet, but say they will) and AirVPN.