It would help if they were reverting personal information. You have a right for them to remove any data about yourself. E.g. if I have Reddit my email address and date of birth and real name. Then decided to leave Reddit. They would have to get that data off their servers (or they can’t operate in Europe) some companies also need to keep that data in a EU data center not US to keep compliant. just saying “script reverted it” isn’t going to save you. Hell we have to be very carefull to wipe it from preprod environment as well (and never store their data in SIt (without irreveesable flipping the personal details)
However the content itself, if cannot be tied back to the person can stay as is. Of course if you have written in your comment “I’m bob Roberts from robertsville and I run bobs grill” that comment has to go so most sites would rather blanket delete. However if you post a guide to grilling that is not personally identifiable then Reddit could keep that data up
just saying “script reverted it” isn’t going to save you
I feel like this would actually be worse than someone doing it manually, in terms of GDPR.
I doubt Reddit is ever going to check all these comments manually to see if they do or do not contain personally identifiable data. They have to delete this data. The data also doesn’t have to be “hi my name is X and my address is X”, it can be anything that could be potentially identifying, on its own or in combination with other identifying data.
General Data Protection Right. You as the owner of your content have unviolatable rights including the rights of deletion. These rights superseds reddits draconical terms of service who lets be honest nobody reads anyway because they are stupidly long.
You are not the owner of your content, you are the owner of your personally identifying data. So if tied to you then must go…but if you have written somthing that is not personally identifying then Reddit could keep it
The GDPR states that data is classified as “personal data” an individual can be identified directly or indirectly, using online identifiers such as their name, an identification number, IP addresses, or their location data.
And if these online identifiers give information specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
In some circumstances, even information related to a person’s job, hair color, or political opinions could be classed as personal data. Usually, this comes down to the context in which the data was collected and whether a data subject could be directly or indirectly identifiable.
So pretty much any significant discourse you have on a platform would be covered under GDPR as an EU citizen. They also have a list of examples on this page too.
The website also states that „properly anonymized data“ is not affected by the GDPR.
The only things from that list, that should be posted on a public internet forum, are race, gender and political views anyways. And it isn‘t really possible to identify a single user based on these data points
By submitting content to Reddit you also granted them an irrevocable license to use it (according to their ToS) and Art.17, 3a of the GDPR protects data that is not identifiable from deletion
But I guess it‘s worth a try. Maybe their DPO is a nice guy
the article also states that “internet usernames” are personal data, hence data is not being anonymised sufficiently, they are absolutely violating gdpr’s right to erasure
Data ceases to be personal when it is made anonymous, and an individual is no longer identifiable. But for data to be truly anonymized, the anonymization must be irreversible.
Okay then it wouldn’t be protected by GPDR, but instead Copyright Law (since you are always the copyright holder of your own stuff) which can’t be diminished by companies terms of usage.
I am not entirely sure it is open and shut on gdpr.
If the post contains any personally identifying information then yes it has to go, but if they disconnect your username/account details from the content and the content is not specifically about you then it can stay up. But it is murky grey area.
Ooh I’m not sure what GDPR is but would including that in the new comments help or is it just bots blindly doing it?
It’s a European data law. And no it wouldn’t help, they are using scripts to blindly revert bulk changes.
Time to lawyer up, Eurofrens!
Sure I better call Saul
It would help if they were reverting personal information. You have a right for them to remove any data about yourself. E.g. if I have Reddit my email address and date of birth and real name. Then decided to leave Reddit. They would have to get that data off their servers (or they can’t operate in Europe) some companies also need to keep that data in a EU data center not US to keep compliant. just saying “script reverted it” isn’t going to save you. Hell we have to be very carefull to wipe it from preprod environment as well (and never store their data in SIt (without irreveesable flipping the personal details)
However the content itself, if cannot be tied back to the person can stay as is. Of course if you have written in your comment “I’m bob Roberts from robertsville and I run bobs grill” that comment has to go so most sites would rather blanket delete. However if you post a guide to grilling that is not personally identifiable then Reddit could keep that data up
I feel like this would actually be worse than someone doing it manually, in terms of GDPR.
I doubt Reddit is ever going to check all these comments manually to see if they do or do not contain personally identifiable data. They have to delete this data. The data also doesn’t have to be “hi my name is X and my address is X”, it can be anything that could be potentially identifying, on its own or in combination with other identifying data.
General Data Protection Right. You as the owner of your content have unviolatable rights including the rights of deletion. These rights superseds reddits draconical terms of service who lets be honest nobody reads anyway because they are stupidly long.
You are not the owner of your content, you are the owner of your personally identifying data. So if tied to you then must go…but if you have written somthing that is not personally identifying then Reddit could keep it
https://www.gdpreu.org/the-regulation/key-concepts/personal-data/
So pretty much any significant discourse you have on a platform would be covered under GDPR as an EU citizen. They also have a list of examples on this page too.
The website also states that „properly anonymized data“ is not affected by the GDPR.
The only things from that list, that should be posted on a public internet forum, are race, gender and political views anyways. And it isn‘t really possible to identify a single user based on these data points
By submitting content to Reddit you also granted them an irrevocable license to use it (according to their ToS) and Art.17, 3a of the GDPR protects data that is not identifiable from deletion
But I guess it‘s worth a try. Maybe their DPO is a nice guy
the article also states that “internet usernames” are personal data, hence data is not being anonymised sufficiently, they are absolutely violating gdpr’s right to erasure
Okay then it wouldn’t be protected by GPDR, but instead Copyright Law (since you are always the copyright holder of your own stuff) which can’t be diminished by companies terms of usage.
Pretty sure you give can give copyright up in terms of service unlike personal data
This is indeed the correct interpretation of the GDRP rules. (Handling and processing of) Personal data, NOT content, are protected/restricted.
Currently making the comment to state I am from a GDPR protected country, I am going to screenshot it and see if it changes again.
I am not entirely sure it is open and shut on gdpr.
If the post contains any personally identifying information then yes it has to go, but if they disconnect your username/account details from the content and the content is not specifically about you then it can stay up. But it is murky grey area.