I’ve been using nextcloud bookmarks for a while now, and had a thought. You know how Nextcloud will automatically populate the title (and sometimes description) field of a bookmark? This feature is documented in the API too.
I assume that the way this works, is that when you submit a bookmark, the Nextcloud server will visit the link and get the title.
Why this is a problem:
Imagine that you are prolific bookmarker, like I am. Then as you browse the web and bookmark pages, your Nextcloud server will be revisiting all the links that you bookmarked, re-creating your browsing history but on the server side.
Now on your side you might be using a VPN, mixing up your browsing traffic with the traffic of hundreds of other users, making it impossible for surveillance (like ISPs, governments) to figure out which sites were visited by you and which sites were visited by other people using the VPN.
However, if you are hosting Nextcloud on some cloud server, or you just signed up on a website like OwnDrive, then your Nextcloud server might have a unique IP, and based on a couple of factors, ISPs and surveillance tech could figure out that all the websites visited by that IP are from a single person. There is a lot that can be pieced together from one person’s browsing history spanning weeks and months, including your real identity.
Is this a legitimate concern? Or am I perhaps misunderstanding something about the way Nextcloud bookmarks works