this post was submitted on 06 Aug 2023
1444 points (99.0% liked)

Announcements

23319 readers
1 users here now

Official announcements from the Lemmy project. Subscribe to this community or add it to your RSS reader in order to be notified about new releases and important updates.

You can also find major news on join-lemmy.org

founded 5 years ago
MODERATORS
 

This is an opportunity for any users, server admins, or interested third parties to ask anything they'd like to @nutomic@lemmy.ml and I about Lemmy. This includes its development and future, as well as wider issues relevant to the social media landscape today.

Note: This will be the thread tmrw, so you can use this thread to ask and vote on questions beforehand.

Original Announcement thread

you are viewing a single comment's thread
view the rest of the comments
[–] derin@lemmy.beru.co 53 points 1 year ago* (last edited 1 year ago) (2 children)

As a person who oversaw the implementation of GDPR in a large software house (which wasn't EU specific, but had to in order to operate legally in the EU), the requirements were:

  1. Allow users to request data deletion or a copy of their data.
  2. If the former, delete all data of their data on the server, send it to them, and then (this was the important part) forward the data deletion request to every single partner we were working with.

For us, this was multiple ad companies. We had to e-mail each one, ask them about their GDPR implementation (most of them were somewhere between "we're thinking about it" and "we have an e-mail address you can send something automated to and we'll get to it sometime within the next month"), and then build an automated back-end system to either query their APIs for automated deletion, or craft/send e-mails for the more primitive companies.

As far as the data being deleted, it was anonymized IDs that were tied to their advertising IDs from their mobile phones. I used to try and argue that "no, it's anonymous" - but we also had some player data (these were games) associated with that, so we ended up just clearing house and deleting everything on request.

So, legally, this means every instance - in order to be GDPR compliant - would have to inform every instance it federates with that a user wants their data deleted. If you're not doing that, you're not fully compliant.

Kind of shitty, but that's how it went for me. (this was back when GDPR was first being released)

Edit: Also, the one month thing was relevant: you have 30 days to delete GDPR stuff after receiving a data clear request. I don't recall what the time was for a "see my data" request. Presumably, though, on Lemmy the latter is superfluous as all your data is already present on your profile page. An account export option would be enough to satisfy that.

[–] oce@jlai.lu 9 points 1 year ago (1 children)

There a different levels of personal data but a unique identifier for a user is one of them because it allows linking information together about a single person, and from there you can try to identify the real person. So an option would be to overwrite all the occurrences of this identifier with random data so you can't link data together anymore, as long as it's not also personal data.

[–] derin@lemmy.beru.co 4 points 1 year ago (1 children)

Sure, but you'd still have to delete all their written posts - which is really what all this is about.

[–] Atemu@lemmy.ml 5 points 1 year ago (1 children)

You actually would not. The content of the post can stay but the username/identifier has to be removed. Written text is not PII to my knowledge and every social platforms I've actively used only delete the identifier (Reddit, GitHub).

[–] Umbrias@beehaw.org 4 points 1 year ago (1 children)

Written content can contain pii, but it's rarer. Written content isn't, by default, pii, but if someone tells anything reasonably pii the entire text can be consisted pii even when anonymized.

[–] interolivary@beehaw.org 3 points 1 year ago

Yeah as someone who had to deal with GDPR in a professional capacity, it's probably better to just assume that content written by users contains PII since you really have no way of telling whether it does or doesn't.

Naturally you can just ignore that and leave the content as-is, but then you run the risk of some data protection authority ruining your day.

[–] danc4498@lemmy.world 3 points 1 year ago

So, I wonder if Lemmy instances would be responsible for the instances that federate with them. It's my understanding that the Lemmy instance doesn't send the user's data to other instances, rather it is just posted, and the other instances copy it onto their local instance.

It's almost like those reddit services that would show deleted content. A user can delete their profile on Reddit, but Reddit isn't required (that I know of) to go to these services and make sure the user's data is being wiped out.