I’m trying to understand how safe it is to use an account on lemmy.world to post dissenting opinions regarding the U.S. government. I have three questions:

  1. If a subpoena is issued for IP records for a user or their comments, will all historical IP data be available to provide?
  2. Is there a time limit on how long IP records are kept?
  3. When a user deletes their account on lemmy.world, are their comments and/or IP records also deleted?

Asking for a friend…

  • @[email protected]
    link
    fedilink
    214 days ago

    Assume that anything you do can be linked to you, and act accordingly.

    Only use a VPN to connect to the internet, and choose a server in a country without an information sharing agreement with the country you’re in.

    Use an email service that allows you to generate aliases so your actual email isn’t on record.

    Even if they’re not doing those things, they could always start. I year Proton for these things, but you can research the best provider for you.

    • @s38b35M5
      link
      English
      54 days ago

      Only use a VPN…

      This instance disallows posting from known VPN IP addresses. Just FYI

    • Jo Miran
      link
      fedilink
      64 days ago

      I suggest using internet access at public libraries or a dedicated, anonymized, linux based (Tails) laptop and connect to public wifi access points. Coffee shops with outside seating and only outdoor cameras are a good choice.

  • Scrubbles
    link
    fedilink
    English
    104 days ago

    The fediverse is different than online social media. You have one server who has the data yes, but you are essentially blasting out all of your opinions across the entirety of the fediverse, where anyone or any entity can have a listener. There are no deletes either, meaning that whoever is listening does not have obey the delete request.

    We have our open world free from takedowns and corporate, but the tradeoff is privacy. Expect anyone to be listening

    • copygirl
      link
      fedilink
      English
      54 days ago

      Whenever you post something publicly on the internet, it’s best to assume that you may not be able to delete it. Scrapers, search engines, caches, people taking screenshots, … This is of course especially true with the fediverse, where posts are duplicated across servers. (Typically deletion requests are honored, but they might not, or they don’t go through because of an issue, and even then the previously listed issues are still present.)

      However, this is only regarding information that’s either public or shared through the protocol, which doesn’t include your IP address or the email address used to register. These are only available to the server your account is on and the client you connect with, if you’re using an app. This information is I believe what OP was asking about, not the posts themselves.

      (Without a proxy / VPN (comes with its own up- and downsides) your internet provider can also check some of your internet traffic, such as who you’re connecting to, though typically not what data is being exchanged, due to encryption, like HTTPS.)

    • @[email protected]
      link
      fedilink
      24 days ago

      whoever is listening does not have to obey the delete request

      Say it louder for those in back. I kept getting downvoted when I said that the GDPR won’t help them on the fediverse as there are instances in places it won’t help.

      • Scrubbles
        link
        fedilink
        English
        04 days ago

        I know me too, I love it here don’t get me wrong, but literally anyone can host an instance. GDPR is great overall, but it doesn’t cover when you blast your data to N number of other servers. There’s no clawback, and even then like we both said, there’s nothing stopping a 3 letter agency for listening and just ignoring the delete request. I love it here, but I’m not going to just give out private info either. If you want encrypted messaging, go to Matrix

    • @Burn_The_RightOP
      link
      64 days ago

      Thanks for the reply. I have read the privacy policy, but it is rather unspecific. But, I thank you for the link. I think it’s probably safest to delete my account now.

  • @solrize
    link
    54 days ago

    Lemmy is pretty bad at privacy, tracking not only your posts, but which posts you have read, which comments you have up or down voted, etc. Most “privacy” VPN services are scams, so don’t expect privacy from them. Someone suggested using internet at public libraries, but those usually want you to log in with your library card, so that goes back to you too.

    Best thing to do, I think, is run your own lemmy instance so it receives all of the posts and comments, so you can read what interests you without having the reads tracked on someone else’s computer. Then avoid posting on edgy topics.

    It disappoints me that Lemmy tracks reads and votes on the server. Reading should tracked only on the client (if at all), like with Usenet. Having your reading examined is even more invasive than having your posts examined. I’d be happy if voting were eliminated altogether, but if not, it could be made more private too.