• Blackmist@feddit.uk
    link
    fedilink
    English
    arrow-up
    9
    ·
    10 months ago

    As I understand it:

    As long as the link between data and user is severed, they are compliant with GDPR. Anonymising data (proper non-reversable anonymisation, rather than pseudo-anonymisation) is as good as deleting. As long as it’s not personally identifiable, it’s OK.

    I suspect anyone else expecting the EU to purge reddit of their comments will be equally disappointed.

    • LWD@lemm.ee
      link
      fedilink
      arrow-up
      3
      ·
      10 months ago

      According to how the UK’s Matrix/Element “privacy” messager app acts, that is correct. If, for example, you request a GDPR compliant data deletion of your messages in a room that contains 100 people, they will continue storing your data and delivering it to those 100 people, as well as propagating your data across any other servers where those people may be.

      If you’ve lost access to any of those rooms, screw you, your data doesn’t belong to you but it does belong to anybody who was there at the time.

    • sibachian@lemmy.ml
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      10 months ago

      what about the whole knowing who is who based on word pattern/habit, and connected content and/or opinion?

      • Blackmist@feddit.uk
        link
        fedilink
        English
        arrow-up
        3
        ·
        10 months ago

        None of that really seems to count for GDPR. And good luck picking any one person out of a sea of a million orphaned comments.