Lemmy, privacy and potential GDPR violations
Lemmy, privacy and potential GDPR violations
Been just linked to this post, that claims that on Lenny:
- Messages are never deleted, only hidden, a GDPR violation
- Deleted usernames are also not deleted, only hidden, same thing
- Stuff remains on federated servers even if you delete it
- There's no way to delete yourself from the network if you choose to do so
Gut feeling says none of this is true or is only half truths, but want to be sure before i invest myself heavily on this platform.
You're viewing a single thread.
For the third and fourth points, I think the comparison to email is apt here. If you do a GDPR data request/removal service on your email provider, it's unreasonable to expect that they chase down all the people you've sent emails to and ask them to delete them.
As far as I know, Lemmy doesn't send any data to other instances unless you explicitly request them to (by either subscribing to a community or sending a message/post).
(Also, I am not a lawyer or expert in GDPR, so don't take this as legal advice!)