Reddit is an American company, and while the first amendment allows a lot of horrible kinds of speech, there’s a few exceptions. Unfortunately, defamation laws are weak, so generally, you can defame just about anyone in practice.
What’s interesting is this:
Reddit argues handing over the information will create a chill among other users, explaining in its court filings that “anonymity is not just a user preference but a defining feature of Reddit’s business model and identity.”
If Reddit actually cared about anonymity, they wouldn’t even have that information to begin with. It would be wiped. They likely share user information with advertisers and other third parties for profit, so they’re more than happy to keep it.
This is just Reddit refusing to comply, because they like the PR of making a show of “protecting users.”
Destroying documentation while a court case is pending tends to be highly illegal.
Any Lemmy instance stores identifying information for technical reasons. I couldn’t say if reddit stores more information for longer. Quite plausibly, your instance has more on you. Reddit is internationally exposed to various regulations and must make a professional effort to comply.
If the information is not explicitly required by law to be retained, then there is no penalty for deleting expired information in accordance with the firm’s retention policy.
Having designed and implemented site retention policies in a country with GDPR-like laws, what this means in practice is that you’re a fool to retain anything longer than you absolutely have to for compliance or essential business reasons. Retained information is a liability and a legal risk.
I think you’re putting the cart before the horse. I’m not suggesting they destroy information after a court order.
They do have to comply with various laws, but they are not required to store user information at times when there’s not pending legal filings, and they are not required to store that information for every single user even if there were filings. Courts have to make very concise requests for information. They can’t just say, “Give me your entire database,” unless there was a prescient reason why the entire database was required to make the case (and a judge would have to weigh whether collecting the information of unrelated parties was too invasive).
Any Lemmy instance stores identifying information for technical reasons
Yes, but they do not have to. They do, in order to service their instances, but unless there is a law that compels storing identifying information, they do not have to do it.
If identifying-information-storage was so vital, logless VPNs wouldn’t exist.
Anyway, all of that is beside the point. No business will break the law for you. They’re “refusing” to comply, because they don’t have to (jurisdiction), they have had a torrent of bad press lately, and they’re trying to put on an air of being user-centric to entice people to stay.
If identifying-information-storage was so vital, logless VPNs wouldn’t exist.
I see no technical reason why a VPN would need to store outgoing connections. I would be surprised if they didn’t store incoming connections, but I don’t actually know.
Anyway, just don’t make stuff up. You’re not making the world a better place. You ever heard of these Qanon guys? They made up a lot of shit and they didn’t make the world a better place.
I see no technical reason why a VPN would need to store outgoing connections. I would be surprised if they didn’t store incoming connections, but I don’t actually know.
I do. Which is why I used that example. If you want to get really technical, they do store that information, but only for a very short time and only in RAM. That means that when the server power cycles or the system does garbage collection, those temporary logs are gone. Your personal incredulity or ignorance is not my problem.
Anyway, just don’t make stuff up. You’re not making the world a better place. You ever heard of these Qanon guys? They made up a lot of shit and they didn’t make the world a better place.
How dare you accuse me of being of the same caliber as Qanon. You don’t know me. Fuck off with your Reddit apologetics.
Arrogance aside, there are also technical reasons to persist connection data longer than would make sense in RAM. Supporting after-the-fact problem investigation is one big one. If your incident-reponse SLA is one working day, you need to keep the data at least that long.
Yes, but that’s not the only reason. It’s also done to track users; specifically to detect ban evasion and such things. Detecting DDoS attacks or scrapers might also be a purpose. Your instance only gives the first as a purpose, though. EU sites are legally required, per GDPR, to disclose such things.
I don’t know how I should reply to this level of aggressive ignorance and willful disinformation in a way that does not appear arrogant.
How dare you accuse me of being of the same caliber as Qanon. You don’t know me.
I know that you recklessly spread disinformation and react to proposed facts with hostility rather than curiosity. I don’t know more about the qanon people either.
is this some freeze peach bullshit i’m to european to understand?
hate speech, difamation, etc should be prosecuted. period.
Reddit is an American company, and while the first amendment allows a lot of horrible kinds of speech, there’s a few exceptions. Unfortunately, defamation laws are weak, so generally, you can defame just about anyone in practice.
What’s interesting is this:
If Reddit actually cared about anonymity, they wouldn’t even have that information to begin with. It would be wiped. They likely share user information with advertisers and other third parties for profit, so they’re more than happy to keep it.
This is just Reddit refusing to comply, because they like the PR of making a show of “protecting users.”
I’d bet spez would gladly share that info if the court paid for the data rather than request it via legal.
Nailed it. This platform needs awards.
Well it is open source if you can stomach working with the devs lol.
Destroying documentation while a court case is pending tends to be highly illegal.
Any Lemmy instance stores identifying information for technical reasons. I couldn’t say if reddit stores more information for longer. Quite plausibly, your instance has more on you. Reddit is internationally exposed to various regulations and must make a professional effort to comply.
If the information is not explicitly required by law to be retained, then there is no penalty for deleting expired information in accordance with the firm’s retention policy.
Having designed and implemented site retention policies in a country with GDPR-like laws, what this means in practice is that you’re a fool to retain anything longer than you absolutely have to for compliance or essential business reasons. Retained information is a liability and a legal risk.
Yes, which is why I think a company like Reddit plausibly holds less information than an Australian Lemmy instance.
I think you’re putting the cart before the horse. I’m not suggesting they destroy information after a court order.
They do have to comply with various laws, but they are not required to store user information at times when there’s not pending legal filings, and they are not required to store that information for every single user even if there were filings. Courts have to make very concise requests for information. They can’t just say, “Give me your entire database,” unless there was a prescient reason why the entire database was required to make the case (and a judge would have to weigh whether collecting the information of unrelated parties was too invasive).
Yes, but they do not have to. They do, in order to service their instances, but unless there is a law that compels storing identifying information, they do not have to do it.
If identifying-information-storage was so vital, logless VPNs wouldn’t exist.
Anyway, all of that is beside the point. No business will break the law for you. They’re “refusing” to comply, because they don’t have to (jurisdiction), they have had a torrent of bad press lately, and they’re trying to put on an air of being user-centric to entice people to stay.
I see no technical reason why a VPN would need to store outgoing connections. I would be surprised if they didn’t store incoming connections, but I don’t actually know.
Anyway, just don’t make stuff up. You’re not making the world a better place. You ever heard of these Qanon guys? They made up a lot of shit and they didn’t make the world a better place.
I do. Which is why I used that example. If you want to get really technical, they do store that information, but only for a very short time and only in RAM. That means that when the server power cycles or the system does garbage collection, those temporary logs are gone. Your personal incredulity or ignorance is not my problem.
How dare you accuse me of being of the same caliber as Qanon. You don’t know me. Fuck off with your Reddit apologetics.
Arrogance aside, there are also technical reasons to persist connection data longer than would make sense in RAM. Supporting after-the-fact problem investigation is one big one. If your incident-reponse SLA is one working day, you need to keep the data at least that long.
Yes, but that’s not the only reason. It’s also done to track users; specifically to detect ban evasion and such things. Detecting DDoS attacks or scrapers might also be a purpose. Your instance only gives the first as a purpose, though. EU sites are legally required, per GDPR, to disclose such things.
I don’t know how I should reply to this level of aggressive ignorance and willful disinformation in a way that does not appear arrogant.
I know that you recklessly spread disinformation and react to proposed facts with hostility rather than curiosity. I don’t know more about the qanon people either.
Prove it.