##Some general background

Discord is a privacy and security disaster. They do not make their money through ads and tracking (as of now) but they do not care about privacy or security just the slightest bit either. Discord messages are not end to end encrypted. Discord, their employees and their infrastructure partners like Google Cloud Messaging have access to your messages at all time. Do not ever send anything sensitive over Discord! Discord also does not delete your messages when you delete your account, leave a server or delete a channel or group. When you delete a channel or group or get removed from one your messages still stay on their server. You just lose access to them and have no way to delete them anymore. If you delete your account without deleting your messages first they will stay on their servers forever without you having any way to access or delete them. There is no official way for deleting all your messages. I am not a lawyer, but I am very sure that is a violation of the GDPR and highly illegal. They claim they anonymize that data when you delete your account, but all your messages are still tied to an account ID and there is no way to anonymize private messages that can contain personal information. Using client mods to automate deleting messages is even against their TOS. They do not comply with laws that require them to delete your data and reserve the right to ban you when you try to do that yourself. You should absolutely regularly delete your messages anyways. Make sure to have another mean of contact for your Discord friends so you do not rely on Discord as they can and do of course ban you for any or no reason whatsoever.

Discord also has extremely extensive telemetry that is not anonymized. They basically log every click you make in the app: when you click on a profile, when you join a voice channel etc. You can see this data when you do a GDPR request. Included in this logs is your IP address, your rough location and device information for every single event. You can block some of this with uBo in a browser or with client mods.

##Settings in Discord

  • Opt out of personalization and other data sharing.
  • Set yourself to invisible/offline. Everyone on every server can see when you are online otherwise and there are bots collecting this information.

##Modifications

  • If you can, use Discord in a browser with uBlock Origin.
  • Regularly use a script like this to delete your messages.
  • Consider using a VPN to hide your IP address and location.
  • If you use their mobile app do not grant it storage permission and instead share files from your gallery or file manager with Discord.

##Usage

Assume that absolutely everything you do on Discord – every message you send every word you say in a voice channel, every click you make – gets permanently recorded by Discord and secrete services, gets sold to advertisers either right away or in the future and breached to the public in the future. That is exactly what you risk when using Discord. Use it accordingly and do not share anything sensitive. If you need to discuss something private shift to another platform.

  • Sunny' 🌻
    link
    fedilink
    20
    edit-2
    7 months ago

    Recommend checking out armcord and similar modded discord clients, they have a lot of the telemetry ripped out, if not alm, with options to install plugins and themes ✨

    👉 https://www.armcord.xyz/

    • @kayaven@lemmy.world
      link
      fedilink
      6
      edit-2
      7 months ago

      Not sure if they exist for Armcord, but there’s plugins for some Discord enhancement mods (BetterDiscord/Replugged) that lets you send end-to-end encrypted messages if the other party also installs the same plugin. They basically show up as encrypted data for anyone that doesn’t install it. Useful for if you truly want the messages themselves to be secure if Discord is your only option.

  • @sub_ubi
    link
    121 year ago

    A bit off-topic, but I note that this community uses Discord over Matrix, and another privacy community I once belonged to Techlore had the largest Matrix channel at one point, but quit and moved to Discord. It’s disheartening that Matrix can’t keep privacy communities.

    • Sume
      link
      fedilink
      7
      edit-2
      7 months ago

      Only problem is trying to get people to switch to it

      Edit: Switch/Use it alongside Discord

  • @XpeeN@sopuli.xyz
    link
    fedilink
    7
    edit-2
    1 year ago

    I know that the UI isn’t as appealing as Discord, but Mumble is a decent option if you host your own server or trust the host. (Not e2ee but it’s clients server encrypted. Claimed reason)

  • TriStar
    link
    fedilink
    English
    77 months ago

    I am not a lawyer, but I am very sure that is a violation of the GDPR and highly illegal.

    Sadly not. GDPR mandates that user content be deleted or anonymized and replacing your username with “Deleted User” seems to satisfy this requirement, even if everybody knows it’s you who sent them. FWIW Reddit doesn’t delete your comments either, but at least they don’t prevent you from deleting them via a script.

      • TriStar
        link
        fedilink
        English
        37 months ago

        The fediverse caught regulators on the back foot, as new tech tends to do. Yes, legally speaking they admins should anonymize or delete the modlogs and comments/posts, but is it technically possible on lemmy considering content is distributed across multiple instances? No idea. Your best bet is to email the administrators of your home instance. Also mind GDPR rights only apply to you if you’re a citizen of the EU.

    • @ThreeHopsAheadOP
      link
      16 months ago

      Messages can contain personally identifiable information and they very often do. You cannot anonymize messages by just deleting the user name and email address of the sender. With Reddit the difference is that it is public in the first place while with direct messages you have anexpectations of privacy. But of course how things turn out in court is another matter.

  • @1lya
    link
    51 year ago

    I don’t have and have never had anything confidential in Discord and IRC. I use this to chat with strangers in thematic chats.

  • poVoq
    link
    fedilink
    5
    edit-2
    1 year ago

    You will also be able to use it from a XMPP account via the Slidge gateway soon. In fact 1:1 chats already work and group chats are a work in progress.

  • @Kalcifer@lemmy.world
    link
    fedilink
    5
    edit-2
    7 months ago

    I feel like it’s rather pointless to try and contort discord to be something that it’s not. If you are truly concerned about your privacy, then your best move is to just use something else. An example of an alternative would be Matrix.

  • ReK2
    link
    41 year ago

    Better to try to use revolt.chat for those that need voice chat while gaming with the guild, I am in 3 guilds and all moved to revolt.chat also the Arch community is big on it with hundreds of users in their revolt server

    • @TechGuru_007
      link
      5
      edit-2
      1 year ago

      revolt.chat is a nice alternative still waiting on E2E as shown in their product roadmap

      • ReK2
        link
        31 year ago

        yap but even with out e2e still better than non e2e discord :)

    • lemmyreader
      link
      11 year ago

      Arch Linux has its own Revolt server or using the main one ?

      • poVoq
        link
        fedilink
        11 year ago

        They actively discourage self-hosting so I doubt it.

      • ReK2
        link
        11 year ago

        as far as I can tell is the main one because shows up on the lists, not sure if is federated( I doub it)

  • Nioxic
    link
    fedilink
    17 months ago

    If they dont delete personal data its a violation of EU law and big fines are coming

    How sure are you of this?

    • @ThreeHopsAheadOP
      link
      16 months ago

      Completely in that they do not delete it. Regarding the legal aspect I am not a lawyer.