Federated services have always had privacy issues but I expected Lemmy would have the fewest, but it’s visibly worse for privacy than even Reddit.

  • Deleted comments remain on the server but hidden to non-admins, the username remains visible
  • Deleted account usernames remain visible too
  • Anything remains visible on federated servers!
  • When you delete your account, media does not get deleted on any server
  • ffmike@beehaw.org
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 years ago

    In my opinion it’s unreasonable to think anything can truly be deleted in a federated system. Even if the official codebase is updated to do complete deletion & overwrite, it’s impossible to prevent some bad actor from federating in a fork that just ignores deletion requests.

    Seems sensible to just not post anything that you don’t want to be available for the lifetime of the internet.

    • yourgodlucifer@kbin.social
      link
      fedilink
      arrow-up
      1
      ·
      2 years ago

      I don’t expect my data to be fully deleted in a centralized system either. even if it was deleted from the central server someone might have made an archive of it

      and reddit is definitely guilty of this since they were bringing back peoples deleted comments and accounts

  • rubywingedflier@possumpat.io
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 years ago

    I understand the impulse but the way some people get so hung up on trying to make a way to permanently and universally delete posts made on public facing social media and framing it as a “privacy” issue feels kinda like saying something you regret on mic at a town hall and being mad that you can’t permanently delete the memory of it from the minds of everyone present, and claiming that they violated your privacy by remembering it

    • mythmon@beehaw.org
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 years ago

      it’s an interesting idea, but it doesn’t vibe with the reality of the laws in the EU which has “right to be forgotten” rules

      • wet_lettuce@beehaw.org
        link
        fedilink
        English
        arrow-up
        0
        ·
        2 years ago

        The “right to be forgotten” rules are, with all due respect to the EU regulators, pretty shortsighted.

        I think the initial “right to be forgotten” lawsuit that Google faced from that Spanish guy-- where he claimed bankruptcy years prior. People( potential lenders?) kept finding that information online through google searches. He sued to have Google remove those sites from the index. He won and the Spanish Judge told Google they had to remove those results from searches.

        But it didn’t change that the information was still on each site. Those sites, the ones that actually held the information didn’t get sued, just Google.

        It also opened the door for oppressive governments covering up human rights abuses or hide other information they dont want widely available.

        Google appealed and won: https://www.bbc.com/news/technology-49808208

        I also want to point out that this Spanish guy’s situation is very different from “posting publicly on social media”. He was getting written about by others and the courts eventually said “no, this can stand. This information should remain available”. So I imagine, public statements made by an individual certainly wouldn’t qualify to be forgotten.

        At the end of the day, to me, this is a technical decision not a privacy one.

  • lowleveldata@programming.dev
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    2 years ago

    It is reasonable that people should be able to delete their posts / comments. However I don’t see how is this related to “privacy”. How can something you post on a public forum be private?

      • __forward__@lemm.ee
        link
        fedilink
        English
        arrow-up
        0
        ·
        2 years ago

        Blockchains have the property of being append-only, so a blockchain is precisely what makes it impossible to delete transactions. That being said, in a distributed system, once the message leaves trusted servers, it is obviously also impossible to delete it.