this post was submitted on 19 Jun 2023
157 points (100.0% liked)

Technology

37738 readers
489 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Federated services have always had privacy issues but I expected Lemmy would have the fewest, but it's visibly worse for privacy than even Reddit.

  • Deleted comments remain on the server but hidden to non-admins, the username remains visible
  • Deleted account usernames remain visible too
  • Anything remains visible on federated servers!
  • When you delete your account, media does not get deleted on any server
you are viewing a single comment's thread
view the rest of the comments
[–] lowleveldata@programming.dev 47 points 1 year ago* (last edited 1 year ago) (5 children)

It is reasonable that people should be able to delete their posts / comments. However I don't see how is this related to "privacy". How can something you post on a public forum be private?

[–] Lols@lemm.ee 18 points 1 year ago (1 children)

its the principle behind the 'right to be forgotten'

if you posted something to a public forum and changed your mind, deciding it shouldnt be public after all, you should have that option

[–] Lionir@beehaw.org 9 points 1 year ago* (last edited 1 year ago)

While this makes sense for corporations - it doesn't really make sense on the internet. People will archive, take screenshots, etc. Anything that is public on the internet will likely stay on someone's computer for years no matter how much we try to delete things.

It is kind of naive to think that the right to be forgotten will be respected by anyone other than the service provider.

[–] rstein@discuss.tchncs.de 17 points 1 year ago (1 children)

You can’t delete a mail you sent me, nor put your hand written letter to me in the bin. I can keep both and I can keep your name and addresses in my little black book. So there isn’t even that level of privacy in the real old fashioned communication.

And communication over the Internet was always the subject of storage. Your mail may be on the backup tape of a mail server. Your usenet posting is on archive.

So the assumption that the fediverse can forget….

[–] GiantBasil@beehaw.org 12 points 1 year ago* (last edited 1 year ago)

There's long dead people's very private letters and diaries in museum's and public archives. Really available on the internet now. So that's not even a failing of the internet, if you write something people find interesting, they'll find a way to preserve it.

I'm not sure how they think the fesiverse will be the one to solve that.

[–] CrateDane@feddit.dk 11 points 1 year ago (1 children)

That is generally true, with exceptions like leaking someone else's private information.

But it implicates the adjacent "right to be forgotten" rather than narrowly defined "privacy". This could be a real legal issue in the EU.

[–] hoshikarakitaridia@lemmy.fmhy.ml 12 points 1 year ago (2 children)

It is. GDPR in the EU dictates that every user which requests their information has to get it in 30 days, and every user who removes their information has to be able to get it removed (I think the time span for that is even shorter, so more pressure for the server admins)

[–] Umbrias@beehaw.org 5 points 1 year ago

It almost definitely isn't and that's clear looking into GDPR at all.

The right to be forgotten is not all powerful, and the lemmy instance your data originates on has an obligation to delete your data, that is true. However other servers may or may not have any of that obligation for a variety of reasons.

Now if you go to those other servers and make the request to have your information deleted, they may have an obligation to depending on whether that data is seen as currently usable.

The right to be forgotten is far weaker than you think it is, especially on public forums, under GDPR.

[–] retronautickz@beehaw.org 4 points 1 year ago

The problem here is that your data is not only recopilated by your server and accessible to your server admins, the servers of the communities/magazines or people you interact with also recopilate any activity you have in relation to any community/magazine or user hosted in their server.

So, while the admin of your server has the obligation of deleting your data if you ask for it, the other servers admins don't necessarily have that obligation.

Also, I'm reading the GDPR and the "right to be forgotten" that many are quoting seems to refer to personal information only.

[–] fidodo@beehaw.org 9 points 1 year ago* (last edited 1 year ago) (1 children)

I'm also not sure how it's enforceable in a distributed system.

[–] __forward__@lemm.ee 8 points 1 year ago (2 children)

Blockchains have the property of being append-only, so a blockchain is precisely what makes it impossible to delete transactions. That being said, in a distributed system, once the message leaves trusted servers, it is obviously also impossible to delete it.

[–] Zetaphor@zemmy.cc 5 points 1 year ago

Nothing about how lemmy or the fediverse platforms work has anything to do with blockchains. Don't conflate "decentralization" to include blockchain. Torrents are also decentralized and have nothing to do with blockchains.

[–] Umbrias@beehaw.org 3 points 1 year ago (1 children)

Why are you bringing up blockchain?

[–] __forward__@lemm.ee 3 points 1 year ago

Lovely, the parent comment mentioned blockchain but was since edited... Trust me I would not have brought it up otherwise.

[–] Rinox@feddit.it 6 points 1 year ago* (last edited 1 year ago)

Probably in the sense that if it's not me that posted it, then I don't have any way of truly remove it (which I think is against the EU's laws).

What I can think of right off the top of my head is revenge porn and doxxing. Furthermore there's also the right to be forgotten.