If you want to further investigate: Link to Reddit post
Someone mentioned invoking GDPR’s right to be forgotten. Although comments are not strictly personal information, it could still work. I think I’ll try it soon.
they are your IP that you can rescind permission to publish at any time
I think if that works it would be a great solution! Processing copyright claims is pretty time-consuming, so they‘d have to put a lot of work into it
But the Reddit ToS states that by submitting content to their Services you
grant [Reddit] a worldwide, royalty-free, perpetual, irrevocable, non-exclusive, transferable, and sublicensable license to use, copy, modify, adapt, prepare derivative works of, distribute, store, perform, and display Your Content
I think you should definitely try, but I don’t think it’ll work. According to this stackexchange question they could argue that deleting your comments would break the cohesiveness of the discussion and make the available information incomplete.
Art.17, 3a states that the right to be forgotten is not applicable if processing of the data is required to exercise freedom of information. So I don’t think posts or comments are affected by the GDPR as long as they don’t contain any information that would identify a user
So what you’re saying is, mass-edit all your comments to contain your full name right before requesting deletion.
@sensibilidades is probably right that they could just restore the previous state from a backup
In addition to that is a name not necessarily information that would identify you. There are many people out there that share the same name. It would require additional personal information, like address, phone number or something like that
Even if that would help deleting a users Reddit history I wouldn‘t exactly recommend posting putting that information on the internet
Just edit it with a like to a lemmy instance or instances
they’ll just restore it to whatever it was earlier, I suspect
deleting from a database isn’t processing. It’s literally what right to be gorhotten requires
You‘re right, if the law was applicable then they‘d have to „process“(delete) the data.
But since the right to information weighs heavier than the right to be forgotten (except when it comes to personal data, which can be used to identify a user) Reddit is not required by the GDPR to delete posts/comments that do not contain such information
Reddits privacy policy itself states that you can use GDPR or California’s CCPA and has instructions for invoking it (basically just sending them an email). https://www.reddit.com/policies/privacy-policy
You‘re right, you can use the GDPR to delete personal data. But again, I don‘t think posts and comment are considered personal data and that they would not have to be removed since they are essential to understanding the discussion as a whole
The GDPR was never intended to be able to destroy information, just to protect the privacy of users. So as long as there‘s no information that could identify a user in their posts/comments (which no one should make publicly available anyways) then Reddit is under no obligation to delete the content you generated. They only have to disassociate it from your account, which they do by displaying the username as „deleted“
Right, but how would they handle the case where personally identifiable information could be in the text itself?
Someone could tell a very descriptive story with enough detail that you can figure out who it is, or maybe someone who knows enough of the story in real life could figure out exactly who it was that made the comment?
For example, someone makes a comment with a long story and in there they include something like, “I’m Karen and I work at the restaurant where that [insert some major news story here…]”. People make mistakes all the time and they might want to quickly delete that information.
Not only that, if you look at enough of someone’s comment history you can start figuring out a lot of information about that person. In one comment they might mention the city they live in, in another they might mention the name of the business they work at, somewhere else you figure out their gender, in some cases they may even post a picture of themselves.
Edit: fixed formatting where some text was hidden.
Hmm yeah that’s true… So really the question is who decides what “sufficiently anonymized” actually means. Or what counts as personal data and what does not. Probably only a court can answer these questions since the GDPR is not very precise in that regard
I guess the best way to find out is to request deletion of all data including comments and posts, and if they don’t comply then take them to court or file a complaint with your national Data Protection Authority
I don’t think they can just restore all comments and bypass the GDPR, that would be insane. It’s a very serious law in Europe.
Depends on how they store the comments, IP is within GDPR, but even then, I will just claim that i have posted personal information on comments so it still applies. If the comment is connected to my user in anyway, it’s GDPR…
Fuck. I really don’t like this.
So many trauma and support subreddits get deeply personal and identifying posts and comments about horrific shit people (me included) lived through and were trying to cope with, which got deleted several hours after posting for privacy reasons.
If this content gets revived by reddit, it puts a lot of vulnerable people in danger as it this type of ‘content’ is often harvested by users of other platforms who share these stories with huge audiences.
So section 230 protects social media platforms regarding content users post.
If they reinstate a user deleted post who owns it?
Hoping this blows up in their faces as it’s a really shitty course of action to take.
I also don’t think GDPR looks to kindly at this.
It really doesn’t. Right to be forgotten from the Irish Data Protection Commission.
GDPR
The real PowerDeleteSuite is always in the comments.
Legally, they are probably fine. They’ll delete your account and disassociate your comments from it if you ask and that likely has them covered.
your post is your IP and you own the rights to it and the right to have them deleted.
https://www.dataprotection.ie/en/individuals/know-your-rights/right-erasure-articles-17-19-gdpr
Oh, that’s a really interesting take! I wonder if there’s even any precedent for this sort of thing…
There’s no “may” about it. People are reporting that their posts and comments are being restored already.
Mine are back as well! WOW, talk about being a scummy company.
Edit again with reference to gdpr or coppa in every post. Or send them a gdpr right to be forgotten request for extra work
What’s more likely is there was a database syncing issue
More likely?
No what’s more likely is that they want to show a lot of posts and comments in their statistics before they go public. They are trying to make the protests look like it’s nothing.
I sanitized all of my comments before I deleted them. They’re welcome to bring them back. it’s all just a protest message anyway. But for those who didn’t, this is really shitty.
Unedited messages were restored to my profile. You might want to check yours.
no profile to check-- i also deleted my account. but, like I said: I sanitized all of my comments first.
Unless you sent them a gdpr request they have all your edit history saved
Is there any evidence for this? Historically Reddit did not save any edit history, only the latest version of the comment.
The script I use edits comments (“e” is what I have it set to), then deletes them. Reddit restored my comments as they were before the edit to “e”. If that’s what you mean by “sanitizing”, that part is apparently not foolproof. Hopefully deleting the entire account doesn’t get rolled back.
They are going into their database and restoring the original comments. No just un-deleting them. This is exactly why I left my account active.
they don’t retain comment edit history. they literally don’t possess this capability-- it’s a GDPR requirement.
it’s possible that some of your comments were missed when you tried to sanitize them. i ran into this issue myself and had to re-run the sanitization script a few times to get all of my comments.
I’m having this issue as well, but I think it’s just comments from subs that aren’t private anymore.
Would this be a GDPR violation? Serious question as I don’t know
My belief is that no, it wouldn’t - because the posts don’t contain identifiable information about people. I’m not an expert, though, and I’d love for someone to come and correct me if I’m wrong.
Edit: I just saw that @S4nvers gave a more detailed answer than me a bit lower down, essentially agreeing with me but quoting the relevant part of GDPR to explain why.
gdpr includes your tlright to be forgotten and your ownership of your own IP, including posts, and right to erase your own content.
https://www.dataprotection.ie/en/individuals/know-your-rights/right-erasure-articles-17-19-gdpr
USA has something similar in coppa
I just deleted Apollo off my phone. I loved Apollo but I kept mindlessly opening it, I just can’t use Reddit anymore. I’m here now. I had a 17 year Reddit badge, but no more.
RIF user here, and I had to move it off my home screen (replaced with Jerboa for Lemmy) but I still can’t bring myself to delete it yet :(
Might as well wait until it dies on July 1st.
Yeah me too. I added a block in my pi-hole setup to the whole Reddit domain. That may get removed later for search results reasons… maybe.
This is messed up. I just recently deleted my account (used poweredeletesuite first to edit all my comments to a “.”) before finding out about the API stuff. With it deleted, if they’ve restored my posts, I have literally no way to ever delete any of it again. It’s not the end of the world for me fortunately (it could be bad for some people that may have revealed things that are too personal or could get them doxxed), but there were definitely things I’d like to have removed permanently.
This is why I’m not deleting my Reddit account, it’s all the “power” we users have over what’s going on, they’re gonna have to ban me to stop editing my stuff… and then we’re gonna do the GDPR dance.
This is why I’m not deleting my Reddit account, it’s all the “power” we users have over what’s going on, they’ll have to ban me to stop editing my stuff… and then we’ll do the GDPR dance.
I wish I kept mine.
I’ve run PowerDelete, and if they restore my comments I cannot even log back in to edit/delete them again.
Although I’d argue that restoring content the user has deleted without their consent, may also be considered a privacy violation. Maybe I’d posted something by accident, that I realized later I didn’t wanna share? All I’m saying is, it’s a dangerous road for them to take, as it exposes them to legal actions IMO.
BTW my comments are fine, still showing up as deleted.
Which is unfortunately not what I originally meant to do, but the tool does a poor job at warning to uncheck the delete checkbox. So after spending 5 minutes coming up with an impactful/helpful edit message pointing to my Lemmy profile and inviting people to get in touch if they needed that content absolutely (since I have a backup), I eventually messed up and run the tool with chained edit + DELETE actions. Yeah, that hurt a lil bit.
That is really bad of Reddit.
That is why you never edit anything in your database, only save a new version of it so you always can have a paper trail back with all the edits. Same with deleting, you just mark it as deleted. This data is worth a lot of money, they’d be stupid if they let the users destroy it.
And yes it’s against the GDPR and so on, but which one of us will sue them?
Can confirm this, my comments are magically reappearing as well. I used PowerDeleteSuite and used the edit before delete function.
This is a new low.
No matter what side of the argument you’re on, posts and comments should not be allowed to be restored without the author’s permission. Reddit is only ensuring more people will go away or stay away.
