Was there even a mass exodus? I largely avoid Reddit now, but I do kind of doubt that they’ve been hurt in any meaningful way by all the protests and people leaving…

  • grte@lemmy.ca
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    It’s currently impossible to follow a GDPR information delete request for example, because you can’t delete the info from other instances.

    What makes it impossible? Why would any given instance maintainer be responsible for the data on someone else’s instance? Would it not fall on the GDPR requester to make that request of each individual instance?

      • grte@lemmy.ca
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        So then if someone requests that Gmail delete all their email data, is Google then responsible for making sure any emails sent out from it’s server to another is also deleted from those external servers?

      • Azzu@lemm.ee
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        Yes, but “the controller” is one instance, and it’s certainly easy for one instance to allow a user to be forgotten. You can purge the user from the instance. Then they are forgotten, as far as the instance is concerned.

        As an example, just because someone makes a GDPR request on YouTube to delete a video, does not require Google to actually remove the video from the whole internet. There are plenty of websites that archive content which are unaffected by that GDPR request. It’s the exact same thing with different Lemmy instances, just because you ask lemm.ee to delete your content does not mean that lemmy.world needs to delete your content.

        • King@lemm.ee
          link
          fedilink
          arrow-up
          0
          ·
          1 year ago

          The GPDR doesn’t require Lemmy to remove personal data from the entire internet. But when a Lemmy instance gives data to other Lemmy instance, there are legal responsibilities.

          https://gdpr-info.eu/art-17-gdpr/ Where the controller has made the personal data public and is obliged pursuant to paragraph 1 to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

          ==========

          Maybe this is open to interpretation, but I feel that the same Federation protocol that federates out my personal data (my posts and comments), should also federate out my delete requests. I’m unsure why this would be controversial.