this post was submitted on 16 Jun 2023
545 points (100.0% liked)

Reddit Migration

670 readers
1 users here now

### About Community Tracking and helping #redditmigration to Kbin and the Fediverse. Say hello to the decentralized and open future. To see latest reeddit blackout info, see here: https://reddark.untone.uk/

founded 1 year ago
 

Another update and possibly a solution for some case where posts were not properly deleted. Seems I jumped the gun on this and the restores haven't been intentional - at least not in this particular case.

There is a limitation in the popular Powerdelete that apparently prevents mass editing. Here is a link to a new version with a build-in delay and some other alternatives:
https://www.reddit.com/r/ModCoord/comments/145fico/comment/jnl4xmr/

There are other reported cases where manually deleted post reappeared or other scripts have been used, so this doesn't solve all issues but explains how posts that were both edited and deleted withPowerdelete weren't properly deleted and reappeared after subs went back live.

Update: As some have pointed out: the restores can be rollbacks from the server issues or post haven't been properly deleted due to subs being private during blackouts. Many have experienced the same issue, I can't explain how this happens. I'll just run the script again, try the GDPR request and delete my account.

Also worth noting: according to the ToS Reddit can actually do whatever they want with existing content, apparently we agreed to this when signing up.

#redditblackout #redditmigration #kbin #lemmy

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 30 points 1 year ago (3 children)

That is such a shitty move. Forcing subreddits to go back up is one thing, but as a european this feels very wrong from a data ownership standpoint and I'm not sure it's ok in the GDPR rules?

[–] [email protected] 20 points 1 year ago* (last edited 1 year ago) (1 children)

I think we should actively keep track of Reddit restoring user's content without people's permission. Screenshots, timestamps, everything. Monitor it all.

Maybe if Reddit go ahead with their API change whilst treating their users like such disposable crap, we could reach out to the EU to inform them of Reddit's GDPR breaches. Maybe that'd lead to their new revenue from API charges disappearing into hefty EU fines.

Update: Maybe there's going to be some loophole about actually having to use the data deletion request via Reddit's UI for there to be an actually GDPR breach though thinking about it. Going to ask around some Law friends for advise

[–] [email protected] 4 points 1 year ago (3 children)

That's an excellent idea! EU regulations on the digital rights of users are not to be trifled with, and "the right to be forgotten" is a big one.

[–] [email protected] 2 points 1 year ago

Mightily envious of you guys over there.

[–] atzanteol 1 points 1 year ago

Doesn't seem like these were gdpr requests, just people marking posts as "deleted" which does not delete your post, it marks it as non-viewable.

Make gdpr requests if you want your data deleted.

[–] [email protected] 3 points 1 year ago (1 children)

I'm not sure it's ok in the GDPR rules?

That would probably be related to "right to erasure".

But even this has limits, since sometimes the data can be necessary for a service (for example, you might be unable to get invoice data erased before X years, as a legal requirement)

Since messages on forums can be considered "needed" to understand a thread, it's usually advised to make all messages anonymous if a user requests complete deletion.

I guess here it's a little different, since the messages were removed by users, so it's not a gdpr request. Not sure how it works in that case.

Other issue is if the messages themselves contain personal information... Someone going through my old reddit profile could probably figure out my identity since I mentioned one of my (very uncommon) previous job a few times.

Best way to figure out how it works here would probably be to contact the gdpr authority for your country... And they might have trouble with it too.

[–] [email protected] 1 points 1 year ago

But even this has limits, since sometimes the data can be necessary for a service (for example, you might be unable to get invoice data erased before X years, as a legal requirement)

But then it still needs to be marked as a "DO NOT TOUCH". you aren't allowed to use it then for any other purpose.

[–] [email protected] 1 points 1 year ago

@Anahkiasen @chri5 almost certainly no bueno under GDPR.

Post content being deemed PII at user digression is already a... questionable stance to take with GDPR but probably grey enough to the point where a DPA won't bother with it while they have bigger fish to fry.

Outright going against user requested data removal tho? Yeah that's a good way to net you GDPR complaints. If the user requests their info removed, you're required to oblige unless you have a reason that amounts to something like "we need this to keep the service operational", which post content almost certainly isn't.

(ie. You're not gonna be able to GDPR your IP address or email off of the banlist.)