In other words, can any user delete its data on its will and is there something that will remove its data from all the connected activitypub services? I believe this should actually be a basic feature and pretty much a requirement.
You must log in or register to comment.
Anything you post on the internet is public knowledge forever. End of discussion. Most people won’t care at all, in most cases almost nobody or perhaps even literally nobody will ever even see it, but the harder you try to hide it, the more the Streisand Effect will magnify it until eventually everyone knows about it.
Anyone telling you they’ll delete your data from the internet without clarifying that it is in fact impossible, is at worst deliberately lying to you usually for their own benefit, and at best making a promise they literally have zero ability to keep.
I would hope that Fediverse services will never lie to you and tell you your data is deleted, because it can’t be.
Is it actually possible to request deletion of something on someone else’s computer over the internet, and guarantee that its gone?
No, not at all. Any data that is federated out assume it’s impossible to delete. Sure you can delete stuff from the original server, but will the federated ones obey the request? Or even get the request in the first place?
Nothing you post on social media should have any expectation of privacy.
You are technically correct but the fact is that 99.9% of federated activities, including delete requests, are processed normally and in the expected way. That is not “impossible to delete” that is “will be deleted except in exceptional circumstances”.
Even if things get deleted we‘re still on the internet and everything is posted public and exposed to being scrapped the second you submit something. Your anonymity is your best friend here, I think.
So deleted everywhere except in the places you most wish it was deleted.
What happens with servers that are defederared. Is that one of the 0.01%?
Good question!
PieFed sends delete requests to every known server, including defederated ones. I’ve seen a ton of delete requests from Mastodon too, for accounts that don’t exist on PieFed so it looks like Mastodon does that too. No idea about other fedi platforms.
I’d be willing to bet there’s archiving going via software/servers that don’t obey deletion requests.
Anything federated is public information.
There’s definitely a bot with a user agent like “fedi big data” doing some scraping in my server logs, does anyone know who that is?
With how Lemmy handles deleted posts (and nuking access to the comments) I’m probably gonna make my own removeddit for Lemmy.
Well-behaved server software honors delete requests, but there are a bunch of ways for that to fail without anyone doing anything malicious:
- If your instance shuts down, there is no way for you to generate delete requests
- If a server admin has to restore a backup from before your request, the deleted data will be restored
- Immature or experimental software may not work as designed; Lemmy itself has a version number starting with 0
- Archiving services may keep snapshots of pages from fediverse servers; here’s your user page on lemmy.world on archive.org
- Fediverse servers often make content available by RSS, and RSS clients may store that content; there’s no way for them to receive a signal that it should be deleted
And then there’s malicious activity. It wouldn’t be hard to run a server that speaks ActivityPub, subscribes to a bunch of stuff, pretends to honor delete requests, and actually keeps everything.
Deletion will always be unreliable on the fediverse as long as it runs on technology that looks anything like current implementations.
It’s harder to delete things here than on non-federated services because everything you do here gets copied to lots of other servers, which are supposed to delete things when you do, but it’s impossible to guarantee that they always will (on purpose or by mistake).
I once deleted a comment here almost immediately after saving it, but then still got multiple upvotes for it. I found out that this was because one big instance hadn’t deleted it for whatever reason and its users had no idea that I’d meant to delete it.
Don’t think so. There is also nothing stopping an instance admin to patch Lemmy to ignore delete requests.
Unfortunately I think it must be assumed in this day and age that any content posted online publicly may be stored indefinitely, on any platform. Even if you delete it, there are bots scraping all your comments, and you won’t be able to delete from those databases. So I’m not sure how much utility this feature would have today.
Anything you post here is public as well as your activity through the modlog.
Treat it similarly to how you should treat posting on any social media service.
If you make a post, that is federated to all kinds of other instances. They might process your delete request, or they might just ignore it and keep old posts stored for as long as they want. It’s the same with if you make a post on Reddit, someone sends that thread’s URL to the Internet Archive, and now there’s a permanent record of your account there.
If you post publicly, expect it will be recorded by someone publicly viewing it, and it will not be guaranteed to be removed.
If your instance goes down, then you have no way of deleting your federated posts on your own. So the posts on my lemmynsfw alt will be up forever.
Basically, the right to be forgotten? Afaik, on Reddit you have scripts to erase all message and rewrite/redact them with nonsense.
I assume something similar may exist for Lemmy, Piefed, etc.
I believed we were better than Reddit… I truly believe this should be a BASIC feature. On Reddit you have to manually delete every single post, if you forget to do that basically your entire posts and comments history will be online forever…
I know there’s still internet archive ecc ecc ecc, but still I believe this should just be an activitypub feature, not something to be managed by single platforms.
Asking to delete data that you published on the public internet is the same as asking for water to be not wet.
Don’t fall for the illusion of privacy that the proprietary networks give you: there are people that copy data from reddit just for the fun of it. Always assume that anything you publish online is publicly available.
Why? It’s all public information. If a central authority COULD delete all your posts and erase your existence, that would be bad
It is a basic feature and it does work. Except in rare cases.
“it works when everyone behaves well” is not the same as being protected.
It doesn’t even take a malicious actor: I am working on a local-first browser extension that is very aggressive about caching content in the database. There is no “please delete this data” for an extension. You of all people should not be making claims about privacy that you know you can not guarantee.
Deleted comments seem to be saved forever so you can undelete them.
The only really important thing is the user account and it should never cave info about ip address or such that is connecting to it.
Yes, all data on your account can be deleted, by deleting your account.
Except what has been federated. There is no guarantee any server honors that request.
You mean publicly made comments? If if all servers honoured the delete request, there’s no guarantee that the comments are not saved somewhere else.
Data like IP, email etc. is deleted.
