this post was submitted on 24 Feb 2024
264 points (86.9% liked)

[Outdated, please look at pinned post] Casual Conversation

6599 readers
1 users here now

Share a story, ask a question, or start a conversation about (almost) anything you desire. Maybe you'll make some friends in the process.


RULES

Related discussion-focused communities

founded 1 year ago
MODERATORS
 

https://github.com/LemmyNet/lemmy/issues/4433

Should i repost this to any other /c/'s meant for this kind of things ?

EDIT: In case anyone don't understand what this is it is an issue raised by someone on lemmy git that when an account is deleted or banned it should also delete the data the data posted by the user. And one of the main dev nutomic is blowing it of like it won't affect me and maltfield is remainding him that it is illegal under the EU law and it also affects lemmy and moreover it is not ethical or moral . And i thought that was what lemmy was built on privacy, ethics and morals now i am dissapointed.

EDIT : For everyone saying there is no way i am not really ap roggrammer or anything but couldn't this work :

They could just roll it out on a new version and i think most instances won't mod it to remove that maybe some oddball ones will but not most. I know saved copies will be there but who cares no one is saving my 1000 comments but that is not the case with this .

It is copy pasted from one of my replies.

EDIT: Also it is not my intention to point finger to lemmy devs and i can differentiate their political stance and their work my only intention was to see that if this post gained enough traction they will reply or fix the issue.

EDIT : Relevant comment from @NeatNit@discuss.tchncs.de about what if other instance don't delete your data.

So maybe those instances are breaking the law, but Lemmy by default should comply. You could say the exact same thing about any social media - scrapers can and do archive everything they can - but that doesn’t absolve the original platforms (e.g. Twitter) from having to follow the law.

EDIT : As just a person i can't do anything about it but i am certain if everybody pitch in the lemmy devs will listen and even though everyone seems to hate lemmy devs political stance i can differentiate with politics and their work and i find @Dessalines@lemmy.ml to be very responsive so i am gonna mention him and see what he thinks about it instead of trashing lemmy devs on speculation (i don't know nutomic's id) even though i don't agree wuth nutomic's response in this case i don't share the views of many people in the comments and don't associate this post with them.

EDIT : I just want an option to purge my data when deleting an account that you can enable or disable.

EDIT:Ok i just woke up and am catching up with some of these replies and i wanna say i don't share any of their views nor am i affliated with them i never wanted to trash on the dev and that is one of the main reason i posted this on casual conversation i didn't think this would get this uncasual . All i wanted to so was draw attention to this problem so devs will act on it faster but since then i have learned lemmy politics does'nt work like that and as i am not the mod or anyththing i can't do anything about some of the comments except make it clear i have no affliations with them. Just keep it casual people. I too want these changes but maybe geemtting on the nerve if devs isn't the best way to achieve it.

Something @tyler@programming.dev chimed in .Your comments can be public, but your data is yours. That’s the whole point of GDPR. Think of an art gallery. The gallery does not own the art a lot of the time, they simply show it. The art is owned by the artist. If they want to take it down they can. The same thing applies here. Your data, you get to choose what happens to it in the eyes of the law.

EDIT:

I accidently left this part out so uploading it.

you are viewing a single comment's thread
view the rest of the comments
[–] dessalines@lemmy.ml 128 points 8 months ago (4 children)

I've been tagged here, so to answer some of the questions I saw below:

We already have a way to permanently delete / overwrite your comments when you delete your account. That's been done for a long time., and is easily visible in lemmy-UI when you go to delete your account.

We do federate that removal, but there's nothing that stops a malicious server from ignoring that request. Activitypub is ultimately like email; there is no unsend email button.

That ticket is more about image removals, which gets tricky. We recently added a table that makes sure to attach image uploads to the local user, and now what's needed is to build out an interface for handling those also, in addition to handling the removals properly. Issue for that is here.

Data privacy will always be an ongoing issue, and we have to handle new problems as they arise. That's nothing new for us.

The main issue in that ticket is that there are 2-4 of us devs working on software that is now used by over 40k ppl daily, and we're spread extremely thin. So my personal patience for people making demands, while refusing to do anything to help out themselves, is very thin. We are not a multi-million dollar corporation with hundreds of developers. If someone wants a feature that we don't have time to work on atm, they can help out by adding it.

I think maltfield is well-intentioned, but they've also shown no interest in helping out with any of these GDPR-related requests. We have no legal expertise about the GDPR, and lemmy is not european software, it's international software.

[–] THE_MASTERMIND@lemmy.today 4 points 8 months ago

Ok i just woke up and am catching up with some of these replies and i wanna say i don't share any of their views nor am i affliated with them i never wanted to trash on the dev and that is one of the main reason i posted this on casual conversation i didn't think this would get this uncasual . All i wanted to so was draw attention to this problem so devs will act on it faster but since then i have learned lemmy politics does'nt work like that and as i am not the mod or anyththing i can't do anything about some of the comments except make it clear i have no affliations with them. Just keep it casual people.

[–] THE_MASTERMIND@lemmy.today 1 points 8 months ago* (last edited 8 months ago)

I understand your frustation and i do appreciete the work you do and in no way am i demanding anything but the way that issue was handled kinda irked me and that is why i posted here so maybe that issue would get more attention and be handled more fast. But things escalated and people started to speculate and i didn't want it to get anymore uncasual (because of the sub) or weird so i thought i should mention you and you can provide the anwers we seek and thus end the speculation and it was turning a little uncasual for this sub .

[–] Maalus@lemmy.world -4 points 8 months ago (1 children)

If you have no expertise in european GDPR, then at least check the minimum. If you host EU users, you need to comply with it. If you can't or don't want to, you need to refuse them entry / access to the application. They cannot leave any data with you. And before you say "it doesn't apply to me I can do what I want" - no you can't, since in the US and many other countries you can still get fined for it.

If you don't have the resources, you need to throw a 451 response or some other general message blocking access to the EU.

[–] dessalines@lemmy.ml 32 points 8 months ago

If you're a lawyer then, you should advise ppl running servers, and also chime in on that thread.