Hizonner 3 days ago

So wait. You have a federated protocol that trusts and expects every instance to enforce a user privacy setting?

That is, put simply, utterly incompetent shitty design.

lapcat 2 days ago

How is that different from email?

Most email is not E2EE. Thus, it's up to the email server to ensure that only authorized accounts on the server can read the received emails. The sender's email server has no control over the receiver's email server.

It would be a scandal if a popular mail server implementation allowed any account on the server to read private emails.

BrenBarn 2 days ago

One would hope that a protocol designed in 2018 would have more security than email.

Hizonner 2 days ago

> How is that different from email?

Expectations have evolved just a bit since 1982. We've learned things. Competent protocol designers don't ignore decades of improvement in the state of the art.

Also, and/or as part of that--

1. Email was expected to be mostly business email, and the operator of the instance was expected to be the business involved... meaning they were fairly likely to "own" the content anyway. Insofar as people were thinking about personal email, the expectation was that, in the long term, you'd be running your own server. Which you should still be doing.

2. Even if that broke down, you at least expected that the person you were sending mail to had some much closer relationship with their server operator than you usually do with a social media operator. Or with GMail.

3. Users were much more sophisticated and could reasonably be expected to understand the risks.

4. Nobody actually expected there to be all that much "embarrassing" content that people wanted to keep private.

5. Cryptography was far less widely understood, and most people thought it was legally risky to use it because of export controls and various government threats.

6. Nobody was offering a security setting and then failing to deliver on the obvious expectation it created.

> It would be a scandal if a popular mail server implementation allowed any account on the server to read private emails.

Indeed. And what Pixelfed is doing is also bad. That doesn't change the fact that the protocol is a bad design... unforgivably bad any time after about 2000.