Mastodon thinks Lemmy’s privacy stinks. What say you?

elbowmacaroni@beehaw.org to Technology@beehaw.org – 160 points – Warning: Lemmy doesn't care about your privacy, everything is tracked and stored forever, even if you delete it
raddle.me

Federated services have always had privacy issues but I expected Lemmy would have the fewest, but it's visibly worse for privacy than even Reddit.

  • Deleted comments remain on the server but hidden to non-admins, the username remains visible
  • Deleted account usernames remain visible too
  • Anything remains visible on federated servers!
  • When you delete your account, media does not get deleted on any server
269

You are viewing a single comment
View all comments

Deleted comments remain on the server but hidden to non-admins, the username remains visible

This is a negative behavior by Lemmy, in my opinion. Deleted comments should be purged after some time. Tildes does the same thing - I think with 30 days?

Deleted account usernames remain visible too

These should be replaced with some random string of characters or something like DeleteUser<numberhere> or something.

Anything remains visible on federated servers!

This is just a concession of federation.

When you delete your account, media does not get deleted on any server

This is an issue, too, in my opinion.

Honestly, this is definitely something that can be added - and in fact it might even be beneficial to server costs. Alongside optional deletion of cached data from other instances maybe a year or two after the data arrived.

People need to remember that Lemmy is an alpha software - we haven't even reached the big 1.0 release

can't anyone who runs a lemmy instance script all that in the db? alternately, can't anyone who claims to do so just not do it in the db? it's not like you would ever know.

A sketchy instance operator isn’t really a solid defense against implementation of better privacy features in the source code.