733
PSA: You can't delete photos uploaded to Lemmy. So don't (accidentally) upload a nude
(tech.michaelaltfield.net)
This is a most excellent place for technology news and articles.
Isn't this in violation of the gdpr?
If that were the case, wouldn't the entire Fediverse be against it? Since they can't really be deleted because it gets sent everywhere.
Yes and no.
let's say I have a website that hosts user generated content like a forum or something. Some other person just hosts a mirror of my website that is not under my control. If some user requests me to delete his data, I can do that. i cannot delete the data from the mirror site.
Nothing else is happening in the fediverse. The only difference is, that in the fediverse the license and technology is set up to encourage mirroring content.
While being compliant with GDPR depends on the instance that pulls your data (which is the premise), the Fediverse isn't in any way close to being private if you can't delete your own data everywhere.
"Traditional" social media is not meant to be private, what you post always has been public knowledge, and stays that way.
There are certainly advantages and drawback to this open approach. So use a chat app if you want private social media, like signal story.
While I don't disagree with what you say, it's always safe to assume that once something had been online, anybody can copy/screenshot the content.
Things you post publicly online just aren't private
I suspect it is the case.
The issue doesn't seem to be the Fediverse itself, rather the fact that images uploaded to Lemmy are handled in a separate program that isn't linked to it in a way you can delete from by just deleting posts. The images aren't marked as owned by you, so can't be deleted again. You'd need some way of storing those image deletion tokens against your account, so you can manage them yourself and be able to delete them again.
And this would have to include images that you uploaded and didn't make a post about. As far as I can tell they're just left there on the server forever. Not even sure if it tells you which user uploaded it, although it might log by IP address. I haven't looked too deeply into the code but there's potential for abuse there.