I think it would be good to have some kind of a concept of “trust levels” between federated instances where the default level isn’t full trust. Then the amount of information that gets shared depends on the trust level.
Things these days should be designed with the fact that there’s bad actors out there, some driven purely by greed, some driven to specifically cause problems either for individuals (trolls) or society in general (troll farms). And it isn’t always clear who is who.