- cross-posted to:
- reddit@lemmy.world
- technology@beehaw.org
- cross-posted to:
- reddit@lemmy.world
- technology@beehaw.org
This video shows that Reddit refused to delete all comments and posts of its users when they close their account via a CCPA / GDPR request.
The creator of tildes.net is a former Reddit backend developer, and believes this behavior is likely due to how Reddit caching works (or doesn’t work), rather than an intentional subversion of user intent:
Luckily GDPR deletion requests don’t care about how they are implemented. And failures to comply en masse tends to get really expensive.
Yup. I’m waiting for Reddit to come back with my GDPR data request (which has a time limit of 30 days, after which they can tell their excuses to extend it by another 30 days I believe), and assuming they have not reversed the API decision I’m ordering them to delete it all afterwards. And they even now have a handy list, the one they just gave me, of everything they have to purge - if they didn’t, it wouldn’t be on that list in the first place :)
Still waiting for the GDPR request i made at the start of this shitshow, will be funny to witness the mass GDPR deletion requests of accounts at the start of July
It’s been 3-4 weeks since I submitted my CCPA request, and I still haven’t gotten my data yet. CCPA has a time limit of 45 days.
That’s what’s so awful about this. Prices were announced May 31st, so for a CCPA request that was done that very instant, they can delay until mid July, when the API changes will make it much more difficult to delete your data, and there’s no recourse.
Even for GDPR, maybe you’d get it the day before, for the shorter 30 day limit. But a day of a few hours could easily mean you’ve gone past and API is also a problem for you.
This is some messed up timing, mates.
I would hope that someone reaching out to press from ModCoord would pass these concerns on to journalists. A persistent journalist can uncover the extent of compliance to the GDPR and CCPA through proper questions. “Have you seen an increase in GDPR/CCPA requests wince the controversy started? What percent of those have you completed? What about reports that users are unable to delete their data?” etc. (only better because I’m not a journalist and probably oversimplifying).
Reddit stopped answering requests for comment from objective journalists.
People just need to start filling complains with their Data Protection Authority. Then the mainstream media will be forced to cover the stories to get the clicks.
Based on this, I’d say that Reddit fully deserves to be banned in Europe and California, and fined into potential bankruptcy. Having deeply flawed technology that prevents them from ever being in compliance of a very serious law is no excuse.
.
This sounds like malicious incompetence…
Not necessarily, although Reddit can definitely choose to play it that way.
A lot of systems made in the pre-GDPR era (which is most of them) were not designed with the capability to decouple and erase content at a moment’s notice.
Btw incompetence won’t hold up as a valid defence for violating GDPR. At most it can give them some stalling room.
Oh God. Somewhat unrelated, but I felt like I knew the name “Deimos” from somewhere. Couldn’t put my finger on it. Finally realized who he was.
Greek god of dread and terror. Also, the smaller and outermost of the two satellites of Mars, named after said god.
Also an infested planet torn apart by family drama in Warframe.