I can understand using tor on random websites, since you can’t tell which is tracking you.
With the fediverse you don’t need any PII, only email which you can get by pretty easily. you probably give up your ip, which doesn’t mean much when it comes down to it. However I’m no web expert, so tell me what I should know.
I’d treat it like any other clearnet site. Lemmy doesn’t go out of its way to log your info (the admins certainly aren’t interested in that), but it still runs on an nginx server and is subject to whatever that entails.
I follow Eugen’s advice from mastodon: fedi apps are not inherently privacy-centric or encrypted, so it’s unwise to treat them as though they are. Since posts are public it’s very easy for outsiders to scrape data.
I guess that makes sense, but at least I want that I’m the one controlling what I show on my account, not giving up extra unnecessary PII