I don’t disagree on those points, but I think it’s the nature of Lemmy being decentralized that makes all those things necessary.
server should discard voting info after a brief interval for abuse detection
What if the server has not federated out the votes yet? Some of that stuff can get backed up in a queue. There’s definitely a possibility that votes could get “lost” on the way. Hell, that already happens, and that’s with a system that tracks them.
Servers have to keep a lot of this info to pass to other servers. If I upvote something on Lemmy.blahaj.zone, it doesn’t mean that upvote has been federated outward to hundreds of other servers yet. I would assume this is part of how Lemmy is able to keep things “organized” between all servers.
In other words, a lot of the privacy complaints come from technical limitations of how Lemmy works. Lemmy, by it’s decentralized nature, has to transfer tons of data back and forth between all Lemmy instances.
However, there are technologies that are trying to work around this kind of technical limitation. You might be interested in something like Veilid. I’m not sure about the details of putting together a Veilid-based social-network, but I’m willing to believe it’s possible.