@smileyhead
> But noone figured out how to prevent that in federated systems
You've basically got a choice been a centralised service where metadata can be limited but E2EE is mostly pointless (you have to trust the service operators' E2EE deployment), or a decentralised network where E2EE is reliable, but it's harder to limit metadata.
Which one is best depends on the situation/ threat model.