https://www.reddit.com/r/redditsync/comments/14e7ikp/lets_talk_about_lemmy/
https://www.reddit.com/r/SyncforLemmy/
Glad ljdawson is going to try to make this a thing!
ljdawson
My plan is to get an MVP out in the next 3-6 weeks.
What should make the first release?
https://thomashunter.name/posts/2023-06-19-how-to-delete-reddit-account-gdpr-ccpa
Looks like it’s not that easy
I just want to add that as a European citizen you also have a right to get a copy of all your data, and an explanation how and when this data has been used.
Also, I’m pretty sure that their response “you first have to delete your comments manually” does not comply with EU guidelines.
https://www.reddit.com/settings/data-request
As a European it is an option for me
Read the update at the bottom. Reddit doesn’t seem to want to comply with the requests. I guess you could use a deletion script.
Then they are in breach of GDPR regulations. If they don’t comply I could see some serious fines heading their way
Wouldn’t they have to have some sort of presence in the EU? If all of their operations are US based (I don’t know if they are or not), can the EU really do anything about it?
They serve people in the EU so they absolutely have to comply. If you have EU citizens on your website then EU GDPR regulations apply to you.
I have done enough GDPR compliance training to make me want to gouge my own brain out but I guess it came in handy lol
Suppose Reddit tells them to go away. What are they going to do about it?
In my case, I could go to the ICO and register a complaint with them if you live in Europe then you can try this page: https://edps.europa.eu/data-protection/our-role-supervisor/complaints_en
Outside of Europe, the UK and California you probably won’t have much luck to be honest, as they do not legally have to comply with you if you are not a citizen of any of those places.
As for if Reddit tells the EU to go away, that is suicide, whilst 49% of users are in the USA the rest of the 51% are everywhere else, that would be a very bad look for investors if the website was blocked in Europe and it would look especially bad for the company to be fined for gdpr non-compliance. So they would be in worse not to comply… Not to mention the loss in ad revenue. Nobody wants to serve ads when only half the site is going to see them. USA won’t be much affected but anyone in the EU will.
They could also increase the fine, and if they still refuse to pay, sue them and seize assets. Either way, a massive headache
I am more interested in the enforcement scenario where a US business just completely ignores the fines, lawsuits, etc.
“sue them and seize assets.”
How are they going to enforce that on a US company if what they did wasn’t illegal in the US and the act in question was done in the US?
I believe blocking reddit in the EU is an option.
How would they implement that?
Also found this blog post and made the request to Reddit for GDPR data removal. However I removed comments by using the Power delete suite (https://github.com/j0be/PowerDeleteSuite).
After few hours got email (similar as in the blog post) from reddit and followed by the instructions given in email (basically send as a reddit message confirming account deletion). Few hours passed again and got confirmation email from Reddit “We’ve now flagged your account for irreversible deletion. Please allow some time for this action to complete.”
Basically not much effort needed in case you’re willing to remove the comments (etc) manually or using scripts, extensions, etc.
However not sure if it would be GDPR compliant for Reddit to leave the comments if the user data is wiped out even if the username is removed from the posts.
Thanks, this is extremely helpful!