Federated services have always had privacy issues but I expected Lemmy would have the fewest, but it’s visibly worse for privacy than even Reddit.

  • Deleted comments remain on the server but hidden to non-admins, the username remains visible
  • Deleted account usernames remain visible too
  • Anything remains visible on federated servers!
  • When you delete your account, media does not get deleted on any server
  • tiny_electron@beehaw.org
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    This is a big issue because in the EU you have the right to remove your data. It could make Lemmy illegal in the EU

    • philpo@feddit.de
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Yeah. GDPR §7 is very clear on that. And the removal must be facilitated by the original data collection point - so e.g. Beehaw is liable that all other servers delete the personal data if Beehaw willingly distributed the data there. (It gets more interesting because Data transfer from a EU to a non-EU server is also basically impossible and of course the initial server would need a data transfer agreement with all following nodes)