Should i repost this to any other /c/'s meant for this kind of things ?
EDIT: In case anyone don’t understand what this is it is an issue raised by someone on lemmy git that when an account is deleted or banned it should also delete the data the data posted by the user. And one of the main dev nutomic is blowing it of like it won’t affect me and maltfield is remainding him that it is illegal under the EU law and it also affects lemmy and moreover it is not ethical or moral . And i thought that was what lemmy was built on privacy, ethics and morals now i am dissapointed.
EDIT : For everyone saying there is no way i am not really ap roggrammer or anything but couldn’t this work :
They could just roll it out on a new version and i think most instances won’t mod it to remove that maybe some oddball ones will but not most. I know saved copies will be there but who cares no one is saving my 1000 comments but that is not the case with this .
It is copy pasted from one of my replies.
EDIT: Also it is not my intention to point finger to lemmy devs and i can differentiate their political stance and their work my only intention was to see that if this post gained enough traction they will reply or fix the issue.
EDIT : Relevant comment from @[email protected] about what if other instance don’t delete your data.
So maybe those instances are breaking the law, but Lemmy by default should comply. You could say the exact same thing about any social media - scrapers can and do archive everything they can - but that doesn’t absolve the original platforms (e.g. Twitter) from having to follow the law.
EDIT : As just a person i can’t do anything about it but i am certain if everybody pitch in the lemmy devs will listen and even though everyone seems to hate lemmy devs political stance i can differentiate with politics and their work and i find @[email protected] to be very responsive so i am gonna mention him and see what he thinks about it instead of trashing lemmy devs on speculation (i don’t know nutomic’s id) even though i don’t agree wuth nutomic’s response in this case i don’t share the views of many people in the comments and don’t associate this post with them.
EDIT : I just want an option to purge my data when deleting an account that you can enable or disable.
EDIT:Ok i just woke up and am catching up with some of these replies and i wanna say i don’t share any of their views nor am i affliated with them i never wanted to trash on the dev and that is one of the main reason i posted this on casual conversation i didn’t think this would get this uncasual . All i wanted to so was draw attention to this problem so devs will act on it faster but since then i have learned lemmy politics does’nt work like that and as i am not the mod or anyththing i can’t do anything about some of the comments except make it clear i have no affliations with them. Just keep it casual people. I too want these changes but maybe geemtting on the nerve if devs isn’t the best way to achieve it.
Something @[email protected] chimed in .Your comments can be public, but your data is yours. That’s the whole point of GDPR. Think of an art gallery. The gallery does not own the art a lot of the time, they simply show it. The art is owned by the artist. If they want to take it down they can. The same thing applies here. Your data, you get to choose what happens to it in the eyes of the law.
EDIT:
I accidently left this part out so uploading it.
But him blowing it off like that was spezy we should be better than reddit and let users delete their data if they want to .
Removed by mod
This doesn’t give the home instance a get out of jail free card for also failing to comply.
This is pure whataboutism.
Removed by mod
The fact you bring up scraping at all indicates you have no idea what this is about.
Data privacy and protection isn’t about that.
“Some third party could just…” is indeed trying to whataboutism it, it’s completely irrelevant.
Other instance owners are completely irrelevant.
You’ll need to wrap your head around the fact that legally lemmy has to support the takedown request per instance, not federation wide.
If I truly wanted my data gone I’d have to make the request to each individual server. That’s fine.
Data privacy and protection compliance means that I can request specifically server A take down my data, and still be fine with server B retaining a copy.
If I wanted both to drop the data, I’d have to request it from both individually.
Scrapers aren’t involved here.
The protection isn’t about “oh no people on the internet can see my posts”
It’s more about “oh man it came to light Server B’s owner is selling people’s data and I don’t want my data included in that”
This is a legal requirement, id recommend lemmy instance owners check in with their local lawyers about this, because a lack of compliance could get individual instance owners in hot water, and if multiple large instance owners realize this, it should put more pressure on the debs to fix that shit.
Removed by mod
Agreed
They could just roll it out on a new version and i think most instances won’t mod it to remove that maybe some oddball ones will but not most. I know saved copies will be there but who cares no one is saving my 1000 comments but that is not the case with this .
It’s not an issue until it’s an issue. Someone will need to attempt to exercise their GDPR rights to get a change made. As others have said, it’s not so black and white as removing posts from something like Spezddit or Shitter, so the EU may need to weigh in if/when it becomes a legal issue.
Removed by mod
I get that but why do you think any of the instance admin do that ? It is aldready very costly for then to host an instance unless they are selling our data i don’t see the need to and in that case there’s nothing we can do about it.
Removed by mod
It’s not possible.
By design, everything you posted is shared to hundreds of other servers, all of which are capable of doing anything they want with it. I can guarantee you that there are several that are archiving anything and everything that gets federated to them and will not remove that content when the original server does.
So maybe those instances are breaking the law, but Lemmy by default should comply. You could say the exact same thing about any social media - scrapers can and do archive everything they can - but that doesn’t absolve the original platforms (e.g. Twitter) from having to follow the law.
But they’re not.
According to the actual GDPR website, data tied to a pseudonym is only sometimes personal information if it’s easy to tie it to a real identity. Lemmy posts don’t qualify.
Pseudonymisation means something different from what you think in the context of the GDPR. Usernames are not pseudonyms, they are personal data (see art 4/1. “online identifiers”). Pseudonyms are something the processor introduces to disassociate data from the username like an user database ID.
And pseudonymisation is only a method introduced to further protect data, you still need a reason to keep it. If you have no legitimate basis to keep that data, and the data subject requests a deletion, pseudonymous data also needs to be deleted.
Also, legal practice has confirmed that social media posts absolutely do qualify as personal data.
But some people do use pseudonyms that are easy to tie to their real identity. Or sometimes, just their name. (I haven’t encountered it on Lemmy but there’s absolutely nothing to stop it from happening)