I think that fundamentally misses the point. No one is using a social network for "data security", the whole value add of twitter (and by extension mastodon) is the public nature.
The value add of something like mastodon is you get to choose your instance owner (and it could be yourself) which means choosing your moderation scheme. As well as offering a more transparent social experience (ie no algorithmically generated timelines to push adds or "engagement").
Comparing Mastodon to a php CMS seems like an apples to oranges comparison in every sense.
I get that. I haven't fully read the in and outs of Mastadon but from a glance, it reminds me of Wordpress with Pingbacks. Or quite simply RSS feeds, where user you follow is essentially subscribing to their feeds.
But all that aside, at the end of the day, if you "are" a user in one of the instances, you are still at the mercy of the owner's technical skills to make sure your data is safe.
If the owner one day decides he can't afford to pay his bills, or gets hacked and wipes out data, what would happen to all your posts? I believe it'd just disappear, but please do correct me if I'm wrong.
There is a lot of overlap with RSS and Pingbacks, indeed.
Mastodon today provides a tool to get data backups of your account's own data, at least, so in the case of a lost instance there may be some options.
Plus, as with blogs there is the option to be your own instance owner on a custom domain you control. So the assumed risk level can vary to what you are comfortable with.
The value add of something like mastodon is you get to choose your instance owner (and it could be yourself) which means choosing your moderation scheme. As well as offering a more transparent social experience (ie no algorithmically generated timelines to push adds or "engagement").
Comparing Mastodon to a php CMS seems like an apples to oranges comparison in every sense.