I'm trying to understand how safe it is to use an account on lemmy.world to post dissenting opinions regarding the U.S. government. I have three questions:
If a subpoena is issued for IP records for a user or their comments, will all historical IP data be available to provide?
Is there a time limit on how long IP records are kept?
When a user deletes their account on lemmy.world, are their comments and/or IP records also deleted?
I suggest using internet access at public libraries or a dedicated, anonymized, linux based (Tails) laptop and connect to public wifi access points. Coffee shops with outside seating and only outdoor cameras are a good choice.
The fediverse is different than online social media. You have one server who has the data yes, but you are essentially blasting out all of your opinions across the entirety of the fediverse, where anyone or any entity can have a listener. There are no deletes either, meaning that whoever is listening does not have obey the delete request.
We have our open world free from takedowns and corporate, but the tradeoff is privacy. Expect anyone to be listening
Whenever you post something publicly on the internet, it's best to assume that you may not be able to delete it. Scrapers, search engines, caches, people taking screenshots, ... This is of course especially true with the fediverse, where posts are duplicated across servers. (Typically deletion requests are honored, but they might not, or they don't go through because of an issue, and even then the previously listed issues are still present.)
However, this is only regarding information that's either public or shared through the protocol, which doesn't include your IP address or the email address used to register. These are only available to the server your account is on and the client you connect with, if you're using an app. This information is I believe what OP was asking about, not the posts themselves.
(Without a proxy / VPN (comes with its own up- and downsides) your internet provider can also check some of your internet traffic, such as who you're connecting to, though typically not what data is being exchanged, due to encryption, like HTTPS.)
whoever is listening does not have to obey the delete request
Say it louder for those in back. I kept getting downvoted when I said that the GDPR won’t help them on the fediverse as there are instances in places it won’t help.
I know me too, I love it here don't get me wrong, but literally anyone can host an instance. GDPR is great overall, but it doesn't cover when you blast your data to N number of other servers. There's no clawback, and even then like we both said, there's nothing stopping a 3 letter agency for listening and just ignoring the delete request. I love it here, but I'm not going to just give out private info either. If you want encrypted messaging, go to Matrix
Thanks for the reply. I have read the privacy policy, but it is rather unspecific. But, I thank you for the link. I think it's probably safest to delete my account now.
Lemmy is pretty bad at privacy, tracking not only your posts, but which posts you have read, which comments you have up or down voted, etc. Most "privacy" VPN services are scams, so don't expect privacy from them. Someone suggested using internet at public libraries, but those usually want you to log in with your library card, so that goes back to you too.
Best thing to do, I think, is run your own lemmy instance so it receives all of the posts and comments, so you can read what interests you without having the reads tracked on someone else's computer. Then avoid posting on edgy topics.
It disappoints me that Lemmy tracks reads and votes on the server. Reading should tracked only on the client (if at all), like with Usenet. Having your reading examined is even more invasive than having your posts examined. I'd be happy if voting were eliminated altogether, but if not, it could be made more private too.