This, by Moxie Marlinspike (of Signal fame) is a cogent argument that open, decentralized systems will not be as secure as centralized platforms. Excerpt:
One potential benefit of federation is the ability to choose what provider gets access to your meta-data. However, as someone who self-hosts my email, that has never felt particularly relevant, given that every email I send or receive seems to have gmail on the other end of it anyway. Federated services always seem to coalesce around a provider that the bulk of people use, with a long tail of small scattered self-hosting across the internet. That makes sense, because running a reliable service isn't easy, but it's an outcome that is sadly the worst of both worlds.
If anything, protecting meta-data is going to require innovation in new protocols and software. Those changes are only likely to be possible in centralized environments with more control, rather than less. Just as making the changes to consistently deploy end to end encryption in federated protocols like email has proved difficult, we're more likely to see the emergence of enhanced metadata protection in centralized environments with greater control.