For those in the know about privacy laws and the such. What is a proper response to reddit's claim that they cannot remove all the information associated to an account without first the user removing

Doll_Tow_Jet-ski@kbin.social · 1 year ago

For those in the know about privacy laws and the such. What is a proper response to reddit's claim that they cannot remove all the information associated to an account without first the user removing

Grumps@kbin.social · 1 year ago

I’m no lawyer, however, having gone through this a couple of times as a service provider this is my understanding:

GDPR and similar laws cover data which the provider has gathered about you and may have been shared with third parties.

Generally, user generated content is not covered under GDPR requests. Any content that you chose to post which is self-identifying was posted at your discretion.

The best examples of where this must be true are mailing list archives and Git reposities. E.g., the email address you gave to GitHub on signups and the email address that you attached to a git commit may have been the same, but only one use case provides for GDPR protection. Mostly.

In practice there’s a lot of gray area in GDPR and privacy lawyers often have to find the inflection point somewhere between clearly covered and clearly not covered.

psychopomp@kbin.social · 1 year ago

deleted by creator

Nihil@kbin.social · 1 year ago

So, I’m hearing, “Overwrite all my comments to sign my real name at the end”

psychopomp@kbin.social · 1 year ago

deleted by creator

Doll_Tow_Jet-ski@kbin.social · 1 year ago

Got it. Thanks for the explanation

abff08f4813c@kbin.social · edit-2 1 year ago

As psychopomp pointed out this is wrong. (Or at least, “unsettled” - meaning that unless you are sitting on big pots of money and are happy to pay up to the gov’t if the courts decide against you - you should play it safe.) See https://kbin.social/m/RedditMigration/t/34112/Updated-Reddit-is-quietly-restoring-deleted-AND-overwritten-posts-and#entry-comment-140833 - for what it’s worth, folks from pre-Musk Twitter who looked into this issue determined that tweets basically did fall under the GDPR.

See also https://mstdn.games/@chris/110553477682106144 https://www.wired.co.uk/article/delete-twitter-dms-gdpr https://techcrunch.com/2023/02/08/elon-musk-twitter-dm-deletion/

Doll_Tow_Jet-ski@kbin.social · 1 year ago

for what it’s worth, folks from pre-Musk Twitter who looked into this issue determined that tweets basically did fall under the GDPR.

That’s interesting! It does set a precedent. I’m just going to have to wait for a European class action against Reddit. I hope someone with time and money in their hands takes the initiative.

abff08f4813c@kbin.social · 1 year ago

Hmm. I wonder though - could follow BrikoX’s suggestion. Might be the case that you don’t need a lawyer or to spend any money on it, instead the gov’t org will hear complaints from lots of redditors (or ex-redditors) and then send its own lawyers in. If so, then these folks will be using public money from taxpayers and of course they got the time - it’s literally their actual job. (Of course I speak in generalities and maybes because i don’t know the system in every single EU country and it likely varies somewhat between them.)