Title says it. Apparently lemmy devs are not concerned with such worldly matters as privacy, or respecting international privacy laws.
OP is simply incorrect.
I’m coding a Lemmy alternative right now and have been testing this functionality out extensively. Deletes of posts and comments certainly federate, I’ve seen the AP traffic to make it happen. Also, the docs: https://join-lemmy.org/docs/contributors/05-federation.html#delete-post-or-comment
I haven’t tested what happens when the ‘delete account’ button is clicked… Mastodon solves this by sending a ‘delete this user’ Activity to every fediverse instance so there’s nothing about ActivityPub that makes removing an account and all it’s posts in one go impossible.
edit: What I said above is correct if you or a moderator deletes individual pieces of content. However Lemmy does not federate account deletions. If you delete your account, all your posts and comments are deleted on your server only. Disappointing. PieFed will do better than this.
Effect of ActivityPub, not Lemmy. All federating systems function similarly, because it’s a feature of the protocol.
If instances want, they can ignore delete requests and your content stays in their cache forever (remember Pleroma nazis from couple of years ago?) - now, that is an instance problem that might be a GDPR issue, but good luck reporting it to anyone who cares. At best you can block and defederate, but that doesn’t mean your posts are removed.The fediverse has no privacy, it’s “public Internet”. Probably a good idea to treat it as such.
I don’t know where this myth came from, but you don’t have a right to erase your public posts from there internet under GDPR. See, for example, https://law.stackexchange.com/questions/32361/does-a-user-have-the-right-to-request-their-forum-posts-deleted
If anything, you might have such rights under copyright law, if your posts cover the threshold for copyright. In that case, you can ask server admins to delete them, and they will have to comply. But the request has to reach them (if they’re defederated, the delete button won’t teach them, and you’ll have to contact them separately).
there’s a delete button
Oh no, that’s not even the half of it. The admin for your instance has access to literally anything on their server, including passwords afaik. If you want privacy, this ain’t it chief.
including passwords afaik
Nobody has access to passwords. They have access to password hashes, which are not the same thing. It would be the absolute most half baked of solutions to still be saving passwords in cleartext.
deleted by creator
Which isn’t to say it doesn’t happen. I still occasionally get my password emailed back to me from small handbuilt websites. Which is part of why you should at the very least never use the same password twice.
Very bad indeed! This is the beginning of the end for lemmy.
Ps for those who don’t know, copying a deleted comment makes it appear in your pastbin
seems weird this expectation of privacy on public sites built for public consumption of public content posted by people publicly.
i mean, i get wanting to control your data. the software i use allows for this ( the 'bins offer a user-level purge).
but privacy? seems weird
That’s a pretty uncharitable interpretation, especially considering Lemmy is developed in and funded in part by the EU, and the “staying online forever” thing is a consequence of Federation (and one they’re working on remedying).
If you were worried about this sort of thing, perhaps you should have done your research about the platform before making an account so you could bitch about it here. You definitely don’t sound like the voice of reason when you couldn’t be arsed to figure this out before you made an account.
[This comment has been deleted by an automated system]
So you can’t make an account on this platform if you don’t agree with how it operates? By that logic no criticism of the platform by its users is possible, which is a great way to ensure it never gets better.
Edit: Let me make this clearer:
Saying in effect “yet you participate in lemmy” to dismiss the OP’s concerns is ridiculous. If this logic were taken to its endpoint, there would be no valid criticism of anything lemmy ever did.
Maybe that’s your goal, but I would rather not blindly defend lemmy because I like it. I’d rather make it better, and that starts with criticism.
I mean, yes?
If you do not agree to the terms of a service, do not use the service. This is the case for essentially every system ever. You can go complain about it on Reddit or something if you like.
Okay, since you clearly carefully read and completely agree and support eveything in the Lemmy TOS, please tell me where it says it will keep your comments forever.
deleted by creator
deleted by creator
I’m not saying that the terms can’t be more transparent, because they absolutely can be.
But if you have become aware of this practice and you continue to participate, you have de facto agreed to it. You can of course agree to the terms and continue to criticize them, but you don’t get to sign up for a soccer game and then claim that the rules against using your hands don’t actually apply to you. If you don’t want to face the consequences of how distributed services like this fundamentally work, don’t use them.
deleted by creator
This is a lot like spray painting a message on a public wall in a neighborhood and then complaining because the community won’t paint over it (or destroy photos they took of it) when you realize how dumb it was.
You’re writing on a public space for free with no business behind it. You’re not the customer in this scenario.
It’s been a problem for a while. Considering major social media companies have already gotten massive fines from the EU for violating the GDPR, maybe the lemmy devs will put more effort in setting up a deletion system once the EU sends them a fine for breaking the law?
The EU doesn’t have global jurisdiction, if an instance developer or admin has no EU presence then they could just ignore them.
Sure. Lemmy does have such a presence though.
“Lemmy” is a piece of software. A piece of software can’t violate the GDPR, it’s just a blob of data. You need to be running a server to do something that would break the GDPR. Those server-running admins are the ones that need to be concerned about their EU presence.
Maybe some of the people developing Lemmy are in that category and might get in trouble, but it will be because they’re running servers not because they’re developing Lemmy. If they get arrested or whatever it has no effect on Lemmy-the-software.
