Federated services have always had privacy issues but I expected Lemmy would have the fewest, but it’s visibly worse for privacy than even Reddit.

  • Deleted comments remain on the server but hidden to non-admins, the username remains visible
  • Deleted account usernames remain visible too
  • Anything remains visible on federated servers!
  • When you delete your account, media does not get deleted on any server
  • Deleted comments remain on the server but hidden to non-admins, the username remains visible

    This is a negative behavior by Lemmy, in my opinion. Deleted comments should be purged after some time. Tildes does the same thing - I think with 30 days?

    Deleted account usernames remain visible too

    These should be replaced with some random string of characters or something like DeleteUser<numberhere> or something.

    Anything remains visible on federated servers!

    This is just a concession of federation.

    When you delete your account, media does not get deleted on any server

    This is an issue, too, in my opinion.

    • Honestly, this is definitely something that can be added - and in fact it might even be beneficial to server costs. Alongside optional deletion of cached data from other instances maybe a year or two after the data arrived.

      People need to remember that Lemmy is an alpha software - we haven’t even reached the big 1.0 release

    • can’t anyone who runs a lemmy instance script all that in the db? alternately, can’t anyone who claims to do so just not do it in the db? it’s not like you would ever know.

        • No, but it’s important with privacy features for people to actually understand how they function and what their limitations are.

          Lots of people think that incognito mode hides their activity from their ISPs. Last thing we want are people using Lemmy and thinking they can e.g. use it for secure communication, and getting caught by the feds.