this post was submitted on 27 Jun 2023
186 points (100.0% liked)

Technology

37691 readers
321 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

cross-posted from: https://programming.dev/post/251752

It is important to note that although this may be a result of Reddit's UI not displaying the content users posted to now-private subreddits, it remains a problem. Additionally, I agree with the author's comments in the video description, as it appears strategically unrealistic for Reddit to ask that users manually delete the content themselves.

This is particularly true when considering that many automated methods to accomplish this task will be hindered by Reddit's upcoming API pricing changes. Furthermore, Reddit has demonstrated a recurring pattern of rolling back databases using historical backups, thereby disregarding user deletion requests that were submitted prior to the database rollback.

See similar discussion of this video on Hacker News:

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 10 points 1 year ago (1 children)

It can be, depending on whether PII was involved. Just being publicly published doesn't make it not be PII. It can be or not be. GDPR counts PII widely, since it also includes stuff that can be combined with other information to make for identifying the person.

Frankly this is one of those cases, where we need a court ruling to set precedent on what is counted in and what is counted out.

[–] [email protected] 0 points 1 year ago (1 children)

I find it hard to believe a court would decide that a post someone intentionally made to a public forum could be considered private information after the fact. But I suppose I'm not vary familiar with the wording of GDPR. It feels a bit like someone giving away business cards with a phone number, and being upset that people don't return them when you ask months later. Obviously it is scummy for reddit to not delete content when requested, but that doesn't seem to be the sort of thing the law is targeted towards

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

intentionally made to a public forum could be considered private information after the fact

Well that's the thing. The criterion is Personally identifying information. Not private information.

Remember GDPR includes right to be forgotten. Person is allowed to change their mind. At one point they might have wanted and agreed for that information being readily publicly available. Then they have right to change their mind "Nope, don't want the information out still".

As I said. Just because it has been publicly published, doesn't remove the protection categorization GDPR offers.

It is just then PII you at the moment want to be publicly available. Ofcourse deleting anything completely of the net later is not possible, but the point is when informed of deletion order, that organization is not supposed to be part of the "this persons information is published, when they don't want it" problem anymore. Company can't control all of Internet, but they can control their own conduct and within that limit they must comply to privacy order. Even if it doesn't perfectly swipe the information from all of internet.

It is utterly different mentality and regime from "private/secret" or "public/its gone now" system. In this other system privacy is on going process and scale. It can move two ways instead of just unidirectionally. Person has right to ask and demand for what has been public to be made more private. As they also can choose to make private more public.

EU and its citizens have right to choose what principles they base their privacy laws on and they chose this different kind of regime. Other regions and countries are free to choose otherwise in their own jurisdiction (though EU does this super claim of "EU data subject involved, we claim jurisdiction")

[–] [email protected] 1 points 1 year ago

Thank you for the more thorough explanation, I'm from the US and not used to these kind of sweeping consumer protection laws lol. Does that mean Lemmy is also in violation? Does deleting a post on my home instance notify federated instances to delete it as well?