Federated services have always had privacy issues but I expected Lemmy would have the fewest, but it’s visibly worse for privacy than even Reddit.

  • Deleted comments remain on the server but hidden to non-admins, the username remains visible
  • Deleted account usernames remain visible too
  • Anything remains visible on federated servers!
  • When you delete your account, media does not get deleted on any server
  • MrEUser@lemmy.ninja
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    I’m basing what I have said off of work I have done with attorneys in similar situations. I don’t know evidentiary law, but I wouldn’t want to be accused of destroying evidence of something. But my question stands. Why should someone who has doxed someone get away with it by deleting their account? How is that ethical?

    • mainfrog@beehaw.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Why should someone who has doxed someone get away with it by deleting their account?

      Doxxing is not illegal in many places - the US included. Cyberstalking and harassment may be illegal, depending on location. That’s beside the point, but this is an extremely specific example.

      Ultimately users should, in my opinion, be in control of their data. Tildes, for example, preserves deleted comments for (I think) 30 days and then permanently removes them. It seems like that approach is a compromise that would work for your situation while still respecting privacy long term.

      • MrEUser@lemmy.ninja
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Wether or not doxing is unlawful depends on many things, even here in the U.S. Your absolute statement is false because it’s dependent on context that you haven’t considered.

        I’m not the one that has to be satisfied with the solution. I just wanted to point out an example where it would matter that deleting an account could hide a crime. If you don’t like the doxing example, another example would be someone posting sensitive information (Airman Jack Teixeira).

    • t3rmit3@beehaw.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      So the key thing here is, “are you aware that the data is part of a legal proceeding or crime?”

      If no, deleting it as part of normal operations is perfectly legal. There are plenty of VPNs which do not log user information, and will produce for the authorities all of the logs they retain (i.e. an empty log file).

      From an ethical standpoint, keeping peoples’ data which they want removed, against their wishes, based on the hypothetical that at some point someone might do something wrong, is by far the less ethical route.

      “You might do something bad, so I’m going to keep all your data whether you like it or not!” <- the bad thing

      • MrEUser@lemmy.ninja
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        It’s cute how you think I’m going to take legal advice from you. You do you, have a nice evening.