Another update and possibly a solution for some case where posts were not properly deleted. Seems I jumped the gun on this and the restores haven’t been intentional - at least not in this particular case.

There is a limitation in the popular Powerdelete that apparently prevents mass editing. Here is a link to a new version with a build-in delay and some other alternatives:
https://www.reddit.com/r/ModCoord/comments/145fico/comment/jnl4xmr/

There are other reported cases where manually deleted post reappeared or other scripts have been used, so this doesn’t solve all issues but explains how posts that were both edited and deleted withPowerdelete weren’t properly deleted and reappeared after subs went back live.

Update: As some have pointed out: the restores can be rollbacks from the server issues or post haven’t been properly deleted due to subs being private during blackouts. Many have experienced the same issue, I can’t explain how this happens. I’ll just run the script again, try the GDPR request and delete my account.

Also worth noting: according to the ToS Reddit can actually do whatever they want with existing content, apparently we agreed to this when signing up.

#redditblackout #redditmigration #kbin #lemmy

  • Melpomene@kbin.social
    link
    fedilink
    arrow-up
    19
    ·
    1 year ago

    Worth noting is that a number of US states also have strong protection laws. So, delete you comments manually and then, if you’re really trying to ensure that they delete your data, submit a data removal request that cites your locale’s law on data removal.

    Theeeeeen in 6 months or so, send a data retrieval request to make sure they followed through… and report them if they did not comply. Might as well make them pay for that data if they can’t follow the rules.

    • tal@kbin.social
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      Assuming that this is, in fact, not legal and if they have money that can be gone after, I assume that someone may start a class action suit. In theory, they’re worth multiple billions, so…

      An individual probably doesn’t care much about whatever harm is done, as the damage is too small. But this is the kind of thing where a lawyer can walk away with a big payday by aggregating cases of many users and then getting a percentage of any payout.

      I am not at all certain that it is not legal, though.

  • CtrlOpenAppleReset@kbin.social
    link
    fedilink
    arrow-up
    11
    ·
    1 year ago

    This could be worse than anything else they’ve done. If they claim they own the data, are they then not responsible for it like newspapers? Is it in their terms and conditions they are free to do whatever with posted information, do they have the rights to edit users comments but in doing so become a content provider and therefore responsible. Kicking mods out doesn’t land you in court this seems high risk to be manipulating content. Doesn’t matter why it was deleted or edited it was deleted or edited who gets to decide what version to restore. Either you are hands off or you own the data and are responsible for it and upheld to media standards.

    Edit: found a snippit of the terms and conditions in a German GDPR thread, It appears it is their terms and conditions that after you post it they can do with it what they like, even adapt it. Either way that’s not a reason to be gone.

    • pleasemakesense@lemmy.world
      link
      fedilink
      arrow-up
      5
      ·
      1 year ago

      ToS like that does often not mean anything, they can write whatever they like but it doesn’t mean they can legally enforce it. So if you are an artist posting a painting you made, reddit can’t just say ‘oop, it’s ours now’ same with text

    • Pigeon@beehaw.org
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      There was that kerfuffle ages ago about u/spez editing comments in r/thedonald, iirc. It’s not like it would be that much of a stretch for him at least.

      But it looks like from OP’s edits it may be unintentional. I’ll withhold my rage for now.

    • /JJ@feddit.uk
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      1 year ago

      I picked up a permanent ban, after 15 years for saying ‘Go outside fatso’ to someone who said I couldnt read. Not my proudest moment, but there you go.

      The reason I mention it, is that it adds a different dynamic if they are trying retain (and prevent me from editing) data which they hold about me. They might argue that doesn’t extend to post where I’ve written “cats > dogs” - but anything where I’ve refered to where I live, whether I have kids, what my political views are, are all clearly personal details which they are not allowed to hold without retaining my consent.

      Clear contraventions on GDPR in EU.

      https://commission.europa.eu/law/law-topic/data-protection/eu-data-protection-rules_en

  • admin@fediverse.boo
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    This is shitty of them to do but this is what people have been trying to tell us since the dawn of the internet. Nothing on the internet is EVER truly deleted

        • BorgDrone@kbin.social
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          That’s debatable. Sure. my account doesn’t actually contain my name and address, but it contains almost 14 years of posts and comments. Through the years I’ve probably let slip enough small pieces of information about myself that a motivated person would be able to identify me. This would still make it identifiable information.

          • booshi@kbin.social
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Debatable? Yes, as that still hasn’t been figured out at a higher level, and this is still handled on a case-by-case basis. Otherwise, they are free to keep your data, and simply no longer keep the association with your email.

          • Legisign@kbin.social
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Sure. my account doesn’t actually contain my name and address, but it contains almost 14 years of posts and comments.

            Agreed. If a person’s speaking voice falls under the GDPR (as I have found out being a phonetician and hence doing research on it), surely opinions and comments taken not individually but as a cumulated mass must do so too.

        • aceca@kbin.social
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          The data subjects are identifiable if they can be directly or indirectly identified, especially by reference to an identifier such as a name, an identification number, location data, an online identifier or one of several special characteristics

          By definition commenting reddit users are covered, even if they haven’t posted anything otherwise identifying – but most have either way.

          • Jon-H558@kbin.social
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Yes but if they take the user name off can they keep the comment text up. For most comments they probably could unless you were putting your name or your job title and company or similar in the body of the text.

        • aceca@kbin.social
          link
          fedilink
          arrow-up
          0
          ·
          1 year ago

          If a user is commenting they have an online identifier and are thus covered. If a user has ever referenced their relationship status, location or any physical descriptor they are covered. The GDPR – it applies.

          • booshi@kbin.social
            link
            fedilink
            arrow-up
            0
            ·
            1 year ago

            These links are just going to the same post we are on? It’s not linking to specific comments for me.

            • abff08f4813c@kbin.social
              link
              fedilink
              arrow-up
              0
              ·
              1 year ago

              Looks like comment link redirection isn’t quite working. Let me just copy over the comment text for now:

              Well, people have reported Twitter for failing to remove their tweets and places like the ICO are now actively investigating Twitter over this failure, see https://www.wired.co.uk/article/delete-twitter-dms-gdpr

              Someone posted not too long ago that a person who was part of Twitter’s group over the GDPR - pre Musk - said the lawyers came to the conclusion that tweets were protected under the GDPR.

              I believe it’s less straightforward than that. Under GDPR, consent can be withdrawn, you can’t give an irrevokable consent.

              And from https://mstdn.games/@chris/110553477682106144

              Presumably falls under right to erasure (art 17,19 of GDPR). You’ve withdrawn your consent, so if it isn’t exempt under legal obligation, public health, scientific research etc then that’s it, really. I guess there might be brave souls who argue that posts on Reddit sometimes don’t qualify as or contain personal data, but that would seem irrelevant unless someone is painstakingly anonymising the dataset on a case by case basis, which they surely aren’t.

              Also, it looks like Twitter may be in some trouble, for failing to delete DMs under the GDPR, see https://techcrunch.com/2023/02/08/elon-musk-twitter-dm-deletion/

              Surely, if twitter DMs fall under the GDPR, so do Reddit posts and comments (and note that it’s the content of the DMs, and not the personal identifiers, and that the DMs are requested to be deleted from e.g. receipients inboxes as well).

              • booshi@kbin.social
                link
                fedilink
                arrow-up
                1
                ·
                1 year ago

                There is nothing of fact here - as I said in my comments before and I’ll say again - it’s a case-by-case basis, but as it stands, this is not covered under GDPR. Everything you linked to is pending actual decisions, as this area of GDPR is still being figured out. Yet, for some reason, people are stating it as fact.

                • abff08f4813c@kbin.social
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  1 year ago

                  as this area of GDPR is still being figured out.

                  Interesting. So does that mean you think it COULD be covered by the GDPR, perhaps from a court decision at a future date? That at least it’s a possibility, even if unknown right now?

                  this is not covered under GDPR

                  Interesting contradiction. I’d say there only three states: it is covered, it is not covered, and it’s unknown.

                  Anyways, here’s a fact:

                  UK’s Information Commissioner’s Office … told Veale that Twitter’s response “failed to comply with the requirement of the data protection legislation”

                  Of course you’d be right if you said it hasn’t been taken to court yet and that particular case lacks a court ruling to back it up. So if that’s your requirement for it to count, then that’s fair. Still, I would generally go with the guidance from the ICO here rather than try my luck in court, absent compelling reasons.

                  I think the case by case thing is addressed somewhat from the Mastodon post. Someone reposting a meme wouldn’t contain any personal info to erase under GDPR, but another post that’s an ask me anything with a person’s picture and other verifiable credentials would be. In the latter case I’m not sure you could anonymize the content without making it unuseful and uninteresting.

                  And it would take a lot of time and effort to review every post and comment and perform the anonymization. And deanonymization is a legitimate concern too. So I guess Reddit could try to play hardball here but it would probably cost them.

        • flypenguin@kbin.social
          link
          fedilink
          arrow-up
          0
          ·
          1 year ago

          please don’t state things if you don’t know what you’re talking about. it absolutely applies. it’s a personalized account, with a personalized email address – this is the core of GDPR. it might not apply cause reddit is not within the legislation of the EU. maybe.

          • Jon-H558@kbin.social
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            If they have eu users they have to apply it. That is why many places have ip lock outs that just prevent us from.seeing it.

            However if they truly anonymise the content of a post they can keep it

          • booshi@kbin.social
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            I do - I work with this daily. It would be a massive uphill battle to even prove in a court that your whole post history is considered “identifying”. It’s a case-by-base basis. On top of that, your data could still be easily stored and simply no longer associated with your email (but still can be kept if the previous cannot be proven about identification). Then this would have to be tested, on a that same case-by-case basis, for every single user that made a request.

            To quote yourself, “please don’t state things if you don’t know what you’re talking about.”

            • flypenguin@kbin.social
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              ah … simply no. also now you’re going into technicalities and specific scenarios – which might make sense in court, yet doesn’t disprove the principle per se. but maybe let’s agree to disagree, i don’t think this goes somewhere.

  • PabloDiscobar@kbin.social
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    I deleted all my content but I did it over the span of a few days, to let the different caches around reddit to update with the new void, and my content is still deleted (so far).

    I said it before and I say it again: if you have the patience to do so then make sure you overwrite your content with chatgpt generated content, as the future AI that will feed on your post HATE feeding on already AI generated stuff. It makes the AI diverge.

    edit: Filling your previous content with random generated content also make it harder to restore because it is harder to spot, compared with the comments which are simply “deleted”. Also, if all of it is really true, congratulation to reddit for demonstrating to everyone and specially the USA how useful the GDPR is for the citizen.

  • TWeaK@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    You should bear in mind, PowerDeleteSuite doesn’t get everything. It can only see what’s in your reddit profile under New, Top, Hot & Controversial - there will be numerous posts that are too old with only 1 or a few karma that aren’t displayed in these lists. In particular, if you go through your top posts of all time, you might find some replies to these posts that you made that the script did not see.

    The GDPR archive gives a full list of all the comments. What we need is a FOSS script that can use these csv files to get everything. Apparently Shreddit can take the csv files, however you have to pay $15 to use this feature.

  • thek3nger@kbin.social
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    Holy damn. I deleted all my comments and my account ~a week ago. I don’t even know how to check if they restored something. 😠

  • BarqsHasBite@lemmy.ca
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    While there’s some value in old threads, the real value is in new ones. Deleting old comments won’t amount to much.

    • Overzeetop@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      I’d be willing to bet a lot of traffic is driven to Reddit via Google queries (Lord knows that Reddit’s own search engine can’t find shit). Removing data will reduce hits or, if Google doesn’t update their cached database, will result in people avoiding reddit because every time they go there it’s just deleted comments.

    • OmnipotentEntity@beehaw.org
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      In practice, it’s hard to know exactly how Reddit structures the data they have and what exactly a delete actually does and what backups they have.

      That being said, it’s not out of the question that you could delete your post history, then your account, and reddit only restores your post history and not your account, leaving you unable to delete it again.

      • TWeaK@lemmy.ml
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        Hijacking the top comment to say: PowerDeleteSuite doesn’t get everything. It can only see what’s in your reddit profile under New, Top, Hot & Controversial - there will be numerous posts that are too old with only 1 or a few karma that aren’t displayed in these lists. In particular, if you go through your top posts of all time, you might find some replies to these posts that you made that the script did not see.

        The GDPR archive gives a full list of all the comments. What we need is a FOSS script that can use these csv files to get everything. Apparently Shreddit can take the csv files, however you have to pay $15 to use this feature.

    • dan@upvote.au
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      When an account is deleted, all the comments still exist, the author’s name just changes to “[deleted]”. You’d need to use a third-party tool that deletes all the comments individually, or potentially send them a GDPR or CCPA “right to be forgotten” request (although I’m unsure as to if this actually deletes the comments).

    • Omega@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      I found some of my (assumed deleted) messages today that weren’t actually listed under my profile any longer. But they were still on the post with my name on it.

  • Anahkiasen@lemmy.blahaj.zone
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    That is such a shitty move. Forcing subreddits to go back up is one thing, but as a european this feels very wrong from a data ownership standpoint and I’m not sure it’s ok in the GDPR rules?

    • Anon2971@kbin.social
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      I think we should actively keep track of Reddit restoring user’s content without people’s permission. Screenshots, timestamps, everything. Monitor it all.

      Maybe if Reddit go ahead with their API change whilst treating their users like such disposable crap, we could reach out to the EU to inform them of Reddit’s GDPR breaches. Maybe that’d lead to their new revenue from API charges disappearing into hefty EU fines.

      Update: Maybe there’s going to be some loophole about actually having to use the data deletion request via Reddit’s UI for there to be an actually GDPR breach though thinking about it. Going to ask around some Law friends for advise

  • lackthought@lemmy.sdf.org
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    wow I just checked and all my deleted comments are restored (used the power delete suite)

    jokes on them, I’m petty enough to sit here and manually delete everything

  • Brianala@kbin.social
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    Earlier this week I deleted all of my comments except for some in a private sub. I just checked and all the posts I deleted are back 🤬