You didn’t wipe your comments, you only created a new version. And if you deleted them, it’s only a soft delete. Reddit still holds your data. I proved this by doing a gdpr request and received stuff I’d wiped and deleted four years before.
You are correct, of course. However, they are well within their rights to not delete your data. Look up “Legitimate interest” - it’s a huge GDPR loophole and widely abused. (Certainly in charity fundraising in which I used to work)
The LI can be for their own business purposes, including profiling, machine learning and of course, advertising.
It can also, and usually is, need to keep data in case they receive a legal order to provide it. In the event of Reddit being used for terrorism purposes (which I’m sure it has, along with every other messaging platform), they will be required to produce that information. Which they can’t if it’s gone.
We wave the GDPR around like it solves all our problems. And whilst it does add a huge amount of public protection and it’s impressive it made it into law given those objecting to it, it does not give you the right to your own data above all else.
That’s not true. I edited (nearly) all my comments. Then did a GDPR request. All the comments I touched were overwritten in there.
I didn’t catch all of them though, it’s damn tough to get every single one. If you just go through your profile page by page they don’t show all. If you select “Top” comments you find more. If you select “Controversial” you find even more and so on. So I only managed to overwrite maybe 95% or something, but it’s good enough.
Oh and they also have caching and spam protection. So you have to slowly overwrite comments, about one comment every 3 seconds or you get rate limited. And directly after overwriting the comment it might still show up in the old version till their caching servers catch up. So maybe you thought you overwrote your comments, but in reality the requests failed in the background because you went too fast.
Whilst I totally understand your comments and even appreciate them, I still believe I am right.
About four years ago I used NukeReddit - a similar script that loads your comment history, edits each posts, replaces the text with nonsense and saves it. Then deletes the post. I did that because someone got close to identifying me IRL and I didn’t want them to, and wanted to tidy up my own data leakage.
After that, I continued using Reddit until the recent nonsense when I decided to leave to good. First, I used Power Delete, repeating it over several days to delete thousands of comments and hundreds of posts. About a week after that, I submitted a GDPR data request. Another week, I deleted my account. About a week after /that/, I received the GDPR response containing several CSV files containing my data. That included posts and comments I’d made from 11 years ago when I had created that account.
That data had survived two quite thorough scrubs and deletions, and whilst I no longer have access to that account, I believe my data and my account are still there - just unavailable to me.
I do know a little about data and databases, and in many mature projects, deleting posts simply sets an is_deleted column with the date it’s deleted. Editing a message simply creates a copy of that message, sets the original as is_deleted with a date, and sets the copy with the edited text. That’s standard and honestly, I don’t know why Reddit would not do that.
Also consider that Reddit may be under a legal obligation NOT to delete data. If there is a criminal investigation at a later date, they will need to be able to provide that information. “Sorry Mr Government, we deleted Bin Laden’s posts where he incited terrorism to dozens of other suspects” is not going to be received well.
The bottom line is that only Reddit architects will know for certain, but I’d put real money on betting that I’m right.#
You can believe what you want, but I literally did this a month ago. Editing my comments, then submitting a GDPR request and getting a large package of my data. Showing every up and downvote for example (which was over a million entries, ouch) and every comment and post I ever made in the last 11 years.
Deleting your comment does not delete the database entry. It’s up to discussion if that conforms to GDPR, because theoretically you could have personal data in your comment… but for now they don’t delete them. So obviously your GDPR request will contain deleted comments, as they are still right where you left them (and you agreed to the terms and conditions of Reddit which technically make any content you post on their platform their content legal wise).
If you edited your comment and then deleted it and the GDPR request showed the original comment… then that’s a different matter. As far as I tried out they don’t keep the comment from before the edit around. Though if you do it too fast, instant edit and delete maybe something gets messed up and the edit doesn’t stick. But this hasn’t happened to me yet (except I edit more than one comment in 3 seconds, then it gets rate limited).
Reddit admitted they only keep the last version of your comments around, so if you edit them with random crap it’s as close to deletion as you can get.
You didn’t wipe your comments, you only created a new version. And if you deleted them, it’s only a soft delete. Reddit still holds your data. I proved this by doing a gdpr request and received stuff I’d wiped and deleted four years before.
GDPR also allows you to do a data deletion request.
Not necessarily deletion, anonymization would free your info from any GDPR requirements and Reddit couldn’t care less if your username is there or not
Shitty life protip: edit all your comments to include PII and then Reddit will be in violation of the GDPR 😆
Considering that you could hypothetically leave personal information in your comments, would those comments not also need to be deleted?
Yes, if the comments contain PII after your article 17 request Reddit would be in violation
Ah yes, the “Right to be forgotten”
You are correct, of course. However, they are well within their rights to not delete your data. Look up “Legitimate interest” - it’s a huge GDPR loophole and widely abused. (Certainly in charity fundraising in which I used to work)
The LI can be for their own business purposes, including profiling, machine learning and of course, advertising.
It can also, and usually is, need to keep data in case they receive a legal order to provide it. In the event of Reddit being used for terrorism purposes (which I’m sure it has, along with every other messaging platform), they will be required to produce that information. Which they can’t if it’s gone.
We wave the GDPR around like it solves all our problems. And whilst it does add a huge amount of public protection and it’s impressive it made it into law given those objecting to it, it does not give you the right to your own data above all else.
That’s not true. I edited (nearly) all my comments. Then did a GDPR request. All the comments I touched were overwritten in there.
I didn’t catch all of them though, it’s damn tough to get every single one. If you just go through your profile page by page they don’t show all. If you select “Top” comments you find more. If you select “Controversial” you find even more and so on. So I only managed to overwrite maybe 95% or something, but it’s good enough.
Oh and they also have caching and spam protection. So you have to slowly overwrite comments, about one comment every 3 seconds or you get rate limited. And directly after overwriting the comment it might still show up in the old version till their caching servers catch up. So maybe you thought you overwrote your comments, but in reality the requests failed in the background because you went too fast.
Whilst I totally understand your comments and even appreciate them, I still believe I am right.
About four years ago I used NukeReddit - a similar script that loads your comment history, edits each posts, replaces the text with nonsense and saves it. Then deletes the post. I did that because someone got close to identifying me IRL and I didn’t want them to, and wanted to tidy up my own data leakage.
After that, I continued using Reddit until the recent nonsense when I decided to leave to good. First, I used Power Delete, repeating it over several days to delete thousands of comments and hundreds of posts. About a week after that, I submitted a GDPR data request. Another week, I deleted my account. About a week after /that/, I received the GDPR response containing several CSV files containing my data. That included posts and comments I’d made from 11 years ago when I had created that account.
That data had survived two quite thorough scrubs and deletions, and whilst I no longer have access to that account, I believe my data and my account are still there - just unavailable to me.
I do know a little about data and databases, and in many mature projects, deleting posts simply sets an is_deleted column with the date it’s deleted. Editing a message simply creates a copy of that message, sets the original as is_deleted with a date, and sets the copy with the edited text. That’s standard and honestly, I don’t know why Reddit would not do that.
Also consider that Reddit may be under a legal obligation NOT to delete data. If there is a criminal investigation at a later date, they will need to be able to provide that information. “Sorry Mr Government, we deleted Bin Laden’s posts where he incited terrorism to dozens of other suspects” is not going to be received well.
The bottom line is that only Reddit architects will know for certain, but I’d put real money on betting that I’m right.#
You can believe what you want, but I literally did this a month ago. Editing my comments, then submitting a GDPR request and getting a large package of my data. Showing every up and downvote for example (which was over a million entries, ouch) and every comment and post I ever made in the last 11 years.
Deleting your comment does not delete the database entry. It’s up to discussion if that conforms to GDPR, because theoretically you could have personal data in your comment… but for now they don’t delete them. So obviously your GDPR request will contain deleted comments, as they are still right where you left them (and you agreed to the terms and conditions of Reddit which technically make any content you post on their platform their content legal wise).
If you edited your comment and then deleted it and the GDPR request showed the original comment… then that’s a different matter. As far as I tried out they don’t keep the comment from before the edit around. Though if you do it too fast, instant edit and delete maybe something gets messed up and the edit doesn’t stick. But this hasn’t happened to me yet (except I edit more than one comment in 3 seconds, then it gets rate limited).
Reddit admitted they only keep the last version of your comments around, so if you edit them with random crap it’s as close to deletion as you can get.