this post was submitted on 25 Jul 2023
623 points (95.3% liked)

Ask Lemmy

26682 readers
3202 users here now

A Fediverse community for open-ended, thought provoking questions

Please don't post about US Politics.


Rules: (interactive)


1) Be nice and; have funDoxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them


2) All posts must end with a '?'This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?


3) No spamPlease do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.


4) NSFW is okay, within reasonJust remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either !asklemmyafterdark@lemmy.world or !asklemmynsfw@lemmynsfw.com. NSFW comments should be restricted to posts tagged [NSFW].


5) This is not a support community.
It is not a place for 'how do I?', type questions. If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email info@lemmy.world. For other questions check our partnered communities list, or use the search function.


Reminder: The terms of service apply here too.

Partnered Communities:

Tech Support

No Stupid Questions

You Should Know

Reddit

Jokes

Ask Ouija


Logo design credit goes to: tubbadu


founded 1 year ago
MODERATORS
 

Was there even a mass exodus? I largely avoid Reddit now, but I do kind of doubt that they've been hurt in any meaningful way by all the protests and people leaving...

you are viewing a single comment's thread
view the rest of the comments
[–] Blaze@sopuli.xyz 2 points 1 year ago (2 children)

I'm never to sure about GDPR. The spirit of the law is that any identifiable information has to indeed be removed.

However, does a Lemmy username really fit that definition? If John Doe has all of his Lemmy content under CoolNick89, I'm not sure GDPR applies.

Emails, especially if they contain first and last name, are a different story, but those would only be known by the host instance.

[–] King@lemm.ee 2 points 1 year ago* (last edited 1 year ago) (1 children)

The law specifically names "online identifier".

The data subjects are identifiable if they can be directly or indirectly identified, especially by reference to an identifier such as a name, an identification number, location data, an online identifier or one of several special characteristics, which expresses the physical, physiological, genetic, mental, commercial, cultural or social identity of these natural persons. In practice, these also include all data which are or can be assigned to a person in any kind of way. For example, the telephone, credit card or personnel number of a person, account data, number plate, appearance, customer number or address are all personal data.

https://gdpr-info.eu/issues/personal-data/

[–] Blaze@sopuli.xyz 0 points 1 year ago (1 children)

Thanks for the definition, and that brings us to the next question: I know your identifier, King@lemm.ee. However, does that make you identifiable by me, even indirectly? I have no way to identify you using that information.

I always think that they meant online identifier such as jdoe@company.com, where the identifier indeed directly allows to identify the person.

[–] King@lemm.ee 0 points 1 year ago (1 children)

The CCPA (USA version) and GDPR (EU) both specify Personal Data, not Personally Identifiable Information. So the contents of my posts are my personal data, even if my username doesn't identify to a real person. If I want my personal data removed from Lemmy, the GDPR allows for me to request it to be deleted.

Lemmy is still in the early stages. I'm not asking for changes to be made right away, or even this year. But I do feel that my personal data should be under my control. Lemmy should be programmed to federate out the the deletion of all my personal data, if I make such a request.

Where the controller has made the personal data public and is obliged pursuant to paragraph 1 to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data

(*) Note the CCPA has a ton of exceptions, and only really applies to the larger social media sites.

[–] Blaze@sopuli.xyz 0 points 1 year ago (1 children)

Interesting. To be honest, I could see such a feature coming down the line, in a few months let's say.

However, the question that it bring is, what to do with archive.is or wayback machine? Are those also non-compliant for archiving the pages every so often?

[–] King@lemm.ee 0 points 1 year ago (1 children)

Archive.org (wayback machine) has a request page for removal. I don't have any knowledge of how they do it.

https://help.archive.org/help/how-do-i-request-to-remove-something-from-archive-org/

[–] Blaze@sopuli.xyz 1 points 1 year ago

So in this case, it's the requester's responsibility to file request for every page they want to remove, I guess?