Reddit may have a user agreement that allows them to use the data forever, but historical versions that were not visible (effectively soft-deleted on edit) puts this into a risk area as it removes the ability for someone to control the data thus transferring ownership far more explicitly to Reddit.
Reddit should be very cautious here... you only get a lot of protections (EU eCommerce Act, etc) but being mere conduit. Arguably volunteer moderators took on a lot of the liability by their act of moderating, and Reddit were able to distance themselves from a lot of the content on the platform.
But once Reddit go intervening in the content, choosing to make some old revisions public, they're now taking editorial decisions that strip them of a lot of the things that protect them.
This is an incredibly naive move in the big picture.
They already apparently provided a 2TB data dump of everything up to march of this year.
That's shockingly small. Like, can we just build some retro love-child of unison and NNTP, and just keep a copy of all the news groups on our laptops / the ones we care about on our phones?
Anyway, from a liability perspective, undeleting stuff older than that seems to be a moot point.
I think Reddit, like most U.S. web based companies aren't overly concerned with GDPR in many situations, and they are focused on what looks best for their IPO.
Firstly operating in the EU doesn't mean your entire global operation has to conform to EU regulations. Unless the user in question is in the EU, I think they would be hard pressed to apply fines.
But Reddit is a bit off the rails right now, I mean it is clear they aren't making good or smart choices, so even if this is solely bound to the confines of the EU, I don't think they are going to follow the rules, until they are made to.
Could be an intentional small-scale data rollback that has accidentally had far wider effect. Or some “eventually consistent” anomaly where nodes that never saw the changes/deletes have reasserted the version of reality they still see.
But back to the previous hand…
> seems like such an unwise thing for them to do
Doing unwise things then doubling down on them seems to be Reddit's MO at the moment, and that has been the case for a while so each re-doubling currently means a notable jump in unwiseness, so I'm not surprised enough by any given apparent iffy decision that I reach for other explanations by default.
Could be an issue with too many tombstones in their Cassandra cluster. If there is an increase in deleted data (very possible given the blackout), the cluster could be having some issues. No doubt they have regularly, scheduled repairs on their tables, but those are not fast operations on huge clusters.
Reddit has value no just through it's "new/live" content. Plenty of people search for "$topic Reddit" and fond some old threads with useful information. If the content is deleted, Reddit usefulness goes way down.
I’m not sure how that’s relevant to my question. He was drunk and being an idiot, that wasn’t a major management decision like disallowing deletion of comments which affects the entire platform.
That would be unprecedented in the history of social media to only allow permanent comments. Im also very skeptical comment deletion is happening at such a scale to be meaningful vs the billion new comments they get a year.
This all smacks of low quality speculation thats mostly a consequence of the current outrage cycle of the week.
I think the point being made is that somebody who would get drunk and edit comments on a forum they control is the LAST person who should run a forum of any sort.
Also, why do people who are defending him always refer to him being drunk? Is he granted some sort of “blame the booze” pass for those actions?
You do it before someone has replied to it. Once someone has replied, you can't delete your comment without destroying the context of their comment. It's not just about you at that point.
Does HN have to care about a GDPR request? HN doesn't have either servers or people in Europe, so far as I know.
Even so, that still may not save you. Say you decide you want your post here deleted. Say HN does so, but leaves my reply. And say my reply looks like this:
> We'll see about that the minute someone makes a GDPR request to delete their stuff.
Well, Paul-Craft, I don't think it's going to work like that...
[End of pretend reply.]
Now your post is quoted by mine, and your name is mentioned in mine as the author. Now you cannot delete all traces of your post without editing mine.
>Now you cannot delete all traces of your post without editing mine.
gdpr =/= right to be forgotten (I'm not even sure if the latter cares about that. That's more about search indexing than perfectly scrubbing your history). GDPR is there to ensure your data can't be stored indefinitely on some private server without your ability to withdraw it.
Paul-Craft being quoted saying something that one time on June 17th 2023 is 100x less valuable to a data harvester then a directly post from Paul-Craft himself.
Sure, when the CEO does it it's an excuse, and when I do it I get written up by HR.
>Im also very skeptical comment deletion is happening at such a scale to be meaningful vs the billion new comments they get a year.
I don't think GDPR cares about scale so much as compliance. Scale just affects the fine.
>This all smacks of low quality speculation thats mostly a consequence of the current outrage cycle of the week.
Sure, I don't disagree. As long as we agree we are both dabbling in speculation. could be an honest mistake, could be the next phase of panic from a sight that is flailing about to keep its valuation from dropping further. I won't claim any authority on the topic.
I do find it entertaining how thoroughly they are stumbling over this tho. And we still have over a week until the real action.
He was literally just on NPR defending his position. Stated that there has been no impact to the business and that paying "tens of millions a year on infra to support third party apps is not sustainable" but that he wont be changing any policy changes because they need to find a sustainable balance on the UGC ad model.
I wipe my comments about every 6 months. Not just delete, I overwrite them and then purge them with one of those browser scripts. Looking back, it appears my history has been completely restored going back 5 years. Beyond 5 years, they are still deleted.
Completely restored to the overwritten value you set before deleting, or completely restored to the actual original content as people have speculated could happen?
That means they went back to five-year-old backups. Delete actions which you took five years ago were undone.
This more or less tends to confirm that Reddit management handed down a mandate to restore everything being deleted, not only recently but going back as far as they have backups.
The restoration isn't perfect; it doesn't patch back the posts into your timeline, so when you search for your own posts, it appears empty. That is probably deliberate, the idea being that people don't notice the reverts.
When I re-delete a post manually, that action seems to stick. But for how long; they will probably be repeatedly restoring old posts from backups from now on.
Luckily, I have every single link to each one of my deleted posts. I told Shreddit to save them. The numerous .json files have all the info to re-delete the posts. Shreddit can be modified (or else a new program written) to use the .json files as input rather than obtaining a list of posts from the API.
I don’t think backups were used, likely all comments are just soft deleted and versioned.
So I think they just toggled off soft deleted comments, and reverted to older comment versions. That might show up as comments missing their added “edit:”s.
Another commenter here said they think this was an accident, I’m inclined to agree
I can confirm a comment I made in r/vmware has been restored. I typically delete my comments after 24 hours. I have a single comment from 20 days ago that was previously deleted now back on my profile.
Interesting. If it's alright to ask, why do you have this policy? In my case I never delete my posts/comments and always edit with a big "EDIT" disclosure.
I do the same. In my case, it's doxxing prevention. I don't like that someone can put my profile on one of the reddit inspector sites and get a detailed profile of me, including my age, where I live and my hobbies. I also don't like it when people can click on my name and get my entire history across all subreddits.
That's not the case here because I consider HN to be the equivalent of a single Subreddit, so the information is less diverse. I don't talk about every facet of my life here.
On the other hand, I'm the kind of person who uses a different username on every forum. It's a habit I picked up in the early days of the internet.
This is especially useful in this era where even news organization websites will quote your online username to add to their stories.
The trouble with throw away accounts is that there is technology to link the accounts by comparing your writing style to other accounts. Hacker news had a good demonstration of that awhile back.
Some might call me paranoid, but I also change my writing style between sensitive accounts.
Not all, because that would be a bother, but between accounts where I'm a moderator and those where I'm a normal user, I make sure to change my mindset.
On some accounts, I translate everything I write twice for greater anonymity.
I probably should have just said "cross-reference," but here's a hand-wavy scenario. The gist is, the more information you have on a persona, the more you can filter out identity candidates.
So, for example, if you have unique anonymous accounts for multiple online communities but use an identifiable "anonymization" scheme (and with the right heuristics and AI "magic" this need not be a targeted attack), I can correlate and build a profile on you: Military history enthusiast, knife owner, lives in Maine, Boston U alumni, class of 2001, active hours imply working 9-5, age 39, etc.
Which is probably enough to compare against public records, leaked data, whatever, to pinpoint a single individual.
I see that implementation now says "Site is closed as of 2023-03-01". Do we know of any alternatives? Ideally I'd like to see if my HN handle brings up my reddit handle, or other cross-site linkages.
Lots of subreddits have minimum account age and/or karma requirements due to how bad the bot situation has gotten, so unless you're willing to farm karma and wait a month to post each time (or maintain multiple semi-permanent "burner" accounts, which, as pointed out by Maximus9000, can still be linked together by writing style), it's easier to just purge your comment history on a regular basis.
my reddit account was deleted years ago, and I wasn't that strict. But the big thing that lead to me deleting and creating new accounts was basically mass taggers.
Long long story short, I probably made some comment on some apparently "bad" forum years ago (let's say, 2012). And hell, I was dwnvoted vehemently and was arguing a storm against it. But because those mass taggers just care about where you post, and not what you post, I was labeled as a bigot. No big deal. Years later (maybe 2015) I deleted most of my older comments anyway as some transition phase as I left college.
Then in 2018 or so some person called me that specific bigoted phrase. Remember, this would be 3 years ago, and I commented heavily. No way any human on a video game subreddit cared enough about me to dig through 3 years of comment history (which by then would be mostly video games and anime) to find comments they disagreed with. Especially when those comments don't exist on my profile. I was clearly mass tagged and someone wanted an easy insult.
So I just threw that all away. grabbed the saved posts I cared about, deleted some 6 year old account and restarted in a new handle. I didn't want to bother with any future drama that was already well behind me. Because reddit doesn't care if my account is 6 days old or 6 years old; there's no difference. Why bother trying to redeem some crude handle I made up on the spot in the beginning of college?
----
TLDR there are very annoying redditors who will troll histories and tag you without context and I was tired of dealing with that.
Exactly. And it's so sad when I find a thread that clearly had exactly the answer I was looking for to a question, with somebody replying "thanks so much that answers it perfectly!" only the answer itself was deleted. :(
A couple years ago I came across a deleted Reddit comment[1] and I wished that I could read it so badly I messaged the op and asked him what he said. He didn't remember, and I was hoping so badly it would've been restored after I read this news. Alas, it wasn't.
I believe KitchenAid stand mixers [assembled in America](https:\/\/www.youtube.com\/watch?v=0qKp-0h9P18), and the parts (edit: excepting the motor) do not appear to be sourced from China.\n\nHave a look around your local Ikea; a lot of their stuff, especially kitchen tools, are from Europe, Taiwan, etc, and not China. They label the source of all their stuff, so you can avoid stuff from China.\n\nZojirushi is a Japanese brand that makes all manner of appliances. Good quality. Work well. Hold up over time. Top-quality engineering.\n\nBlendtec blenders are also assembled in America. Their website casually avoid mentioning where parts are sourced, but they're at least an American firm.\n\nJapan also makes some pretty good knives, if you're in the market for those.\n\nFinally, there is always eBay. And for some appliances, such as toasters, you may in fact be able to get a better product than is available on shelves now.
This is why I quite like that Reddit by default just orphans comments on account deletion. One comment is usually not much of a PII danger, it's correlating them that builds up a picture. So this lets people leave their comments for others while reducing dox risk (well, unless the attacker uses Pushshift, in which case this is all futile)
If I wrote something especially noteworthy, I'll likely remember in my mind forevermore. If memory loss does occur someday, oh well. Am I going to remember to care?
The rest served its purpose at the time, but isn't something I will ever want to look back on again. What do you find so interesting in your old work?
It's not my old work I want to read, it's that of others. Comments are a frequently valuable shared annotation system for discussion on a post. Frequently I will search reddit for answers to questions I have and find a useful result in a comment.
Other times I want to get a summary of a new topic so I will find an applicable subreddit and sort by top from the last year to get an idea of what is interesting for this community.
Wherein lies the value of seeing that others read your work?
As the saying goes, work is done for those who pay for it. When I, like you, write comments on sites like these I am the one paying for it. I derive entertainment value for the cost I am sinking, so I find it to be an acceptable trade, but beyond that small window the entertainment is over and the value of what was produced is gone. To keep it around beyond that is just hoarding data.
I can appreciate that one might find value in feeling like they are helping out a greater community by allowing others to read their work. I commend those who see that value. But even that seems fleeting. If your work disappeared without you noticing, the value derived from that would not be lost. It is not the perpetual existence of the data that provides that value.
Although, I think the greater question here is: What value is there in allowing a for-profit company like Reddit to get rich selling the work you paid for?
I wanted to delete my old posts so that Reddit doesn't get any value out of them.
That's exactly why they put in dirty hacks to defend against this.
Reddit depends on all the old content because it's indexed by search engines. People add "Reddit" when they search and then they navigate to the site. Old content brings in visitors.
>you would rather no one in the world get any kind of value from them since you are not getting any anymore?
I'd rather not get harrased from old comments in arguments I long forgotten about. Because some redditors will stalk you that persistently. I just don't want to bother to begin with.
If that cost some useful advice, I apologize. Rotten apples and all that.
I would delete comments that are past their prime like I would discard expired food in my fridge, yes. What are you going to gain from keeping something that is now rotten?
It's not about you, it's about everyone else who might benefit from reading your comment. What are you taking that benefit away from them? Why do you dislike other internet users like that?
Also comments don't rot on the internet, nothing is ever "past its prime". Why do you think comments lose value to other people? In fact, there's quite likely a long tail of future users who would benefit, who are even larger than the short tail of people in the current 24h.
This person is either really playing up their Ayn Randian philosophy or they are deluded. I think you can be somewhat relieved knowing that the comments which are deleted are probably in line with the ones made by the person today -- worthless.
Absolutely they would be worthless to others. After all, if there was value available to others, others would be willing to pay for it. And that's just not going to happen for anything I am capable of writing. There is good reason why I'm the one paying for it even though it is quite common to pay others for what they write. It is not unusual at all to pay those skilled in writing for their work. For the rest of us, it's just a hobby. And that's okay. Not all work has to be for others.
Although, of course, what you say about money is true. In fact, I can see from my not deleted HN history that I wrote that money is just an IOU only three days ago. I guess there is some value in being able to look back on my work! But is it value enough?
Human nature is to be transactional. If I offer you my time to write a comment for you, I am going to expect something in return. That in return could be nothing more than the smile you give me when you read it. It doesn't have to be some elaborate, grandiose thing, but there has to be some kind of payment or one will quickly sour to the ordeal.
If I were to write for you now, what would you give me in return? I suspect nothing because there is nothing of value I could offer you with my writing. Conversely, I offer you nothing. Will you write something for me? I expect not. Why would you?
Do you find this attitude makes your life more pleasant, or does it make it that when people at a social event find out you are on the way to join them, they sigh silently and look at the ground and make a wish that you would have gotten over your reductive, sophomoric, and joyless 'everything is a transaction' philosophy because it makes you tedious?
>does it make it that when people at a social event find out you are on the way to join them, they sigh silently and look at the ground
you're not making the best case yourself. You'd be the person coming that the host would spend half the party trying to separate from certain others becuase you'll just get into a huge fight over a bike shed and ruin the night for every.
A person on the internet deletes their comments. It's not that deep.
So long as I am paying for it, it is absolutely about me. I would consider offers to write for others if they see the value, but it is quite apparent that what I write does not actually provide value to others. Which is fine. I'm happy to leave that work to the professionals.
Why do you feel entitled to the work I have paid for? It is one thing if I generously offer it to you, but to expect it?
Reddit is free, you don't need to pay to write comments. You're not paying for anything. And whether future users find value is up to them to decide, not you. You can't read their minds.
And you're going out of your way to delete something you already wrote. That's extra work for you. Why do you hate the future users who might find value?
There is most definitely a cost in preparing the comments I write. I have to pay for my energy, pay for the lost opportunity, and I have to pay to recoup past investments that came together to allow me to formulate the comment. As I find entertainment in writing the comments, I am willing to pay the price, but it absolutely does not come free.
Other people don't enter the picture. There is no hate towards them, they simply don't exist in the sphere the comments are created in. It is a false premise to think that they are involved.
It would be easier to write them and then close the tab before hitting the button to post them. If you truly only derive value from writing them and none from anybody reading them.
And then it still "costs" you to delete them, by your logic. What is the value you get from that? If it's not from a desire to remove value for others, which you claim it isn't?
I would say that 90% of the entertainment is in formulating the comment. On that front, yes, writing and then closing the tab would be sufficient. However, 10% of the entertainment is in seeing the silly outputs from the forum software after pressing submit.
The forum software which outputs those silly outputs does provide value. For instance, Reddit and I established an agreement where if I pay even more of my time to look at their ads, which gives them value, they will provide me with those silly outputs, which I find valuable. It has been a mutually beneficial trade.
Should the cost of using Reddit go higher, as it seems it will, then the calculator will come out and I will have to determine if the cost is still in line with the benefit. With only 10% of the value coming from there, there isn't a whole lot room for them to play with, especially when you have HN graciously offering essentially the same service for a much lower cost.
I post for the benefit of the silly outputs produced by their software.
It is quite possible that those outputs originate from people, but there is nothing in the service to indicate that they do come from people. They could just as easily come from a cleverly designed random number generator (think GPT). There is no real way for me to really know for sure, and it really makes no difference so long as I am sufficiently entertained by the silliness of the software outputs.
Such implementation details are well beyond my concern and not a part of the value being exchanged between me and Reddit. As they say in the world of software, "nobody cares that you used language X". While the developers writing the software may find value in "X", it makes no difference to the end user. The same applies here.
Cleaning out your fridge takes effort. I have never been happy any time I have relaxed on those efforts, though. While I am sure there is someone starving in the world that would enjoy the food about to be tossed, that does not provide sufficient reason to hoard that which is past its prime.
Comments that are left to rot can continue to produce unwelcome silliness long after it is no longer entertaining. There is value in removing it from the metaphorical fridge before you have to subject yourself to the foul stench that can emit out of a comment that is past its prime.
I think you need to face the fact that you derive value from other people's comments, even if they were posted more than a day ago, yet you're depriving others of the same, leaving one-sided exchanges behind you. And that's not a fair exchange.
There's no "foul stench" of comments more than a day old, that's nonsensical.
You're obviously under no legal obligation to leave your comments up, but it's simply not playing nice with others.
I'm not going to comment here any more but I sincerely hope you're able to think about this. And take in the fact that there are actual real-life people having a conversation with you. We're not "software". And you might have a more rewarding experience online if you're able to take that in. Good luck.
Bold claim that there are people involved. We can see in the parallel thread taking place signs of an LLM-style hallucination, inventing a narrative about money where there was none before.
There very well could be people involved, but that is just an implementation detail hidden from the user. These services only present arbitrary characters of faceless and unknown origin. What lies beneath is a mystery. Which, in fairness, is a lot of the appeal. Going outside will always provide a better experience for when you want to involve other people! We come here because we want to spend some time away from other people to collect our own thoughts just for ourselves.
The foul stench is the continued silliness that persists after the entertainment is over. The design of HN is not so bad for this, but Reddit will put it right in your face if it has more to output. Once the entertainment is over, it's too much. I don't care. Silly is only entertaining for a short period of time and needs to end when that time has elapsed.
I've had some interesting discussions replying to 10+ year old comments I find in Google ever since Reddit allowed subs to opt in to replies to older threads.
random reddit posts have saved my butt several times in "oh god oh god I broke the data lake" or similar situations.
Some rando post from 2 years ago, too. Deleting them after 24 hours just kinda takes away the value prop for reddit. If I want a real-ish-time convo with someone then i'll get on Discord; the value of reddit is the posts live on.
Yes, I deleted all of my comments and posts using shreddit last week. This from both subreddits that went dark and those that did not. Tens of thousands of comments. They were gone until two days ago when they suddenly all reappeared. I deleted them all again yesterday. I plan on keep deleting them until they stay deleted for a significant amount of time, then delete my account.
This will be interesting if reddit conducts business (sells ads) in the EU. Hard to see how having such old backups of user content isn't in violation of the GDPR.
GDPR only covers personally identifiable data, which most of these messages are not.
And even if they contain personally identifiable data, the user would need to request the deletion of these ¨PI data from reddit. I am not sure simply deleting your messages yourself counts as requesting the deletion of personal data under GDP.
the concept of 'personal data' under GDPR is quite broad. the mere presence of a username relates those messages to a possibly identifiable person. and asking for something to be deleted is asking for it to be deleted.
IANAL but having dealt with GDPR lawyers in a past career, GDPR allows you to anonymize user data as in, if there is no link between the user and the data, that satisfies a right to erasure request. That is not what is happening here but it is not as if reddit has no way to keep deleted comments and still be GDPR compliant.
> if there is no link between the user and the data, that satisfies a right to erasure request. That is not what is happening here
Clearly not, as the data and links to user profile has been restored.
> but it is not as if reddit has no way to keep deleted comments and still be GDPR compliant.
They would have to prove that the data is irreversibly anonymized - which is tricky. Say they keep threads by supplanting an opaque (guuid) user id - and a single message in a single thread mentions a users full name, phone number or email in a reply? Now all of that users messages are associated with a
person....
How do you work GDPR in the context of a site like Wikipedia where the data is licensed CC and iterated on repeatedly by other users in the future? Do you have to flatly delete every sentence (or word) they’ve worked on?
Does publishing the dataset as CC sidestep GDPR? Because Reddit has published their dataset via fh-bigquery:Reddit in the past etc.
Using GDPR adversarially like this is interesting and I’m not sure where it stops. Technically all IP is originated by a human at some point and then sublicensed to an employer etc. Can you just ragequit and demand your workplace GDPR everything? How is the consideration of cash employment fundamentally different from the consideration of using the social network?
Not saying it should or shouldn’t be upheld but under maximalist interpretations GDPR is incompatible with IP sublicensing in general, if the originator always has the option to take back their content how do you ever reach an enforceable license?
Licensing doesn't really enter into it. Being "a public good"/general publication does (a public figure can't automatically refuse to have a page on wp).
That said things like the talk pages might fall under the GDPR - though one could argue that talk pages and edit history has a public value and so overrides the GDPR.
As for logging IPs, that is something no one is generally allowed to do indefinitely - you need an overriding reason - like an audit trail for security and spam/abuse prevention - but that will generally only allow for 6 months at a maximum.
Sure, but this is ignoring the pointed question I was posing here: everyone on Reddit knows they're contributing to a social body of knowledge of the same type (but a somewhat different form) as wikipedia. This isn't facebook storing your family vacation status updates and personal photos, this isn't a bigbox store maintaining an account so you can place orders... the overwhelming majority of content on reddit has always been intended to be a "public good"/general publication, for other people to interact with and respond directly to. Even if a minority of private content is in sheltered places (as it also is on wikipedia) it doesn't change that nature - you comment, other people reply and agree/disagree.
If I demand that all my posts reviewing and discussing vacuum cleaners and sharing DIY home remodeling tips be removed, then that diminishes the public good, just as with wikipedia, and really can't even be entirely done (what about fragments of your comments that are quoted in other comments?).
GDPR being used to protect personal information is a bit different than GDPR being used as a hammer to retroactively undo the licensing agreements you make with these websites even if GDPR regards that content as being personal information. And those licensing agreements are not dissimilar in kind to many other licensing agreements. Sure, you retain the copyright, but you also granted Reddit an unlimited irrevocable perpetual license, so does that really matter? Can GDPR be used to undo these perpetual licenses? At the end of the day someone always created it, machines cannot be copyright originators, can they always just invoke GDPR and break any license contracts they wish?
Again, I'm generally pro-GDPR but at the maximalist interpretation of "I can use GDPR to revoke the license to any content I've ever created from any licensee if it was ever input into a computer" is a bit of a cliff, and in many cases there is not a clear brightline for sites like Reddit (and HN). Are youtube comments a "public good"? They're intended for other people to interact and reply to, for sure.
BTW if you send a GDPR request to HN you're going to get the same explanation from dang, HN simply do not allow you to "shreddit" content by blocking edits after a certain point, and does not honor GDPR takedowns. They'll remove your username and specific PII from the content but they regard the actual interaction as being a public good. Other people considered it and replied to it and it's unfair to the other users to allow that content to be yoinked from the public sphere after it's been made part of the communal discourse. And they are a for-profit company too. Same thing as Reddit.
If Reddit does the same, and strips your username off the posts, and responds to requests to takedown any PII that's leaked into other comment (username mentions etc) doesn't that satisfy GDPR's requirements to remove PII? Do they have to take down the public-good portion of the content, even if it's non-PII, simply because you generated it? And if so, how can durable IP licenses ever exist under that model if GDPR revocations completely vacate all licenses no matter how irrevocable you word them to be?
And again, to make it worse, Reddit has already published the comment dataset under CC via the API, and it's archived by fh-bigquery:reddit and Pushift in forms that can't really be taken down. It's already in torrents around the net, what do you want them to do about it? And does mere openness change any of the licensing/public-good aspects of this? How can you draw a line here without also clobbering wikipedia?
I'm not certain how the GDPR applies to these things (i don't think anyone are) - but the GDPR is enacted as law, and "but all my friends break the law" or "your law is stupid" or "it's easier for me to break the law than to comply" - aren't really legal arguments.
What is interesting is that reddit claimed they couldn't show mods deleted comments for "lawyercat" reasons[1]. Mods used to be able to check deleted comments for harassment via Pushshift. Has the legal calculus changed so much in the past month that reviving comments to the general public is now okay?
I don't see how GDPR can't force them to remove all comments? Additionally, there is no reason Europeans can't own multiple accounts and that accounts can't change hands. So a single European should be able to delete thousands of accounts?
Reddit will anonymize -- well, "anonymize" -- the data by disassociating posts and comments from the username. This is potentially gdpr compliant (anonymity is a valid way to do things!). There's separately a balancing act: eg a post is valuable to everyone who commented in the thread.
So it's not clear that this is wrong, and forcing them to go further will be a slow process involving complaining to a country-specific DPA; getting that DPA to take on what will be a very low-priority case; letting the DPA process play out; and seeing if Reddit will appeal.
Anyone who has used Reddit for any period of time (or basically any similar site, which includes FB, Twitter, and even HN), has seen data consistency issues during high load (like periods of activism). Shards die or fall out of quorum, work queues get purged, etc. That's the reality of systems with a lot of very low value data.
Eventually consistent, but also perpetually inconsistent.
That would easily explain comments coming back that were hours old or even days old, but it's extremely unlikely to explain comments coming back that were months or years old, as others in this thread have found.
No database shard would ever have been left that far out of date due to high load.
The only Hanlon's razor I can imagine here is somebody wrote a query to try to undelete something small (intending a single user or something) and forgot the WHERE clause and started to undelete everything. And didn't realize until the query had been executing for several minutes.
Yikes.
(I do actually think this is the most likely, not because of spez's motivations, but because there's zero benefit for Reddit here. It might make sense for them to force subreddits back to public, but undeleting old comments has no strategic value right now.)
The metrics you use to attract investment are things like monthly active users, and whether a comment was deleted after it was made doesn't affect that at all.
From what I gather, a lot of Reddit usage comes from Google referrals, similar to how StackOverflow gets a lot of its traffic. If people leaving Reddit delete or scramble their comments (which some are definitely doing), they also screw up Reddit’s referral value and Google ranking, so Reddit has quite some motivation for trying to restore those comments.
People are going back to revisit things they think they deleted a long time ago to find it not deleted.
It's possible that those items were deleted, and then suddenly undeleted over the past few days as Reddit plies its nefarious plans. Far more likely, they were never deleted in the first place, or had the same temporal issue and reappeared a short while after deletion, but long long ago. The person thought it was deleted, but it wasn't for the same reason people are finding deletes not to stick now in some cases.
I've worked on many eventually consistent systems, up to exascale at one of the companies you mention, and that explanation just seems extremely unlikely. In a system using tombstones, those should (and generally will) go the same place as the originals so "missing shard" doesn't work. Over that time scale there should then have been multiple rounds of compaction, including those forced by disk or server replacements, which would have also purged that deleted/overwritten data. Nobody at that scale can afford to let uncompacted garbage accumulate forever. Therefore, if not tombstones, they must be deliberately keeping old versions, but in that case the issue just moves to the index and doesn't really change much. The only way I can see this happening is if there was an unrecoverable data loss that required restoring from backup. Also, let's not forget that true deletion is sometimes required under various regulatory systems. I know that at least two of the companies you mention have systems specifically dedicated to satisfying those requirements.
It's still possible that this is innocent(ish), but at low enough probability that malice really does seem like a compelling alternative explanation. After all, spez has been caught doing something very similar before. There's proof of malicious nature, not just an assumption. When a component in a system has a certain known behavior or limit, you don't just discard that knowledge due to some handy rule of thumb.
Maybe I have this wrong but looking at academic torrents, the entire pushshift archive from 2005 to 2022 is 2TB compressed. Are they really operating at a massive scale that you are describing? Pushshift is supposed to have ingested all of Reddit's comment data no?
(Of course this is assuming pushsift has gotten the majority of comments)
Well, let me put it this way: if they're operating at such a small scale, they have no reason to be using any eventually consistent data store, so explanations about missing shards etc. still don't work. There are still other possibilities, as I and others have outlined, but not enough to dismiss the possibility that spez is just up to his old tricks.
That would be a reasonable hypothesis if our information was limited to a few isolated inconsistency issues.
The more posts we see deleted the less likely it is that it's an accident. I just checked and found out that posts from an account that I scrubbed and deleted 5 years ago are popping back up. That stretches "eventual" pretty thin.
We also have a large amount of external information that suggests that reddit is not acting in good faith, much of it from Spez himself.
Between the two of those, malice is more likely than stupidity to be the motivating factor.
Its not a shock to anyone who knows how cheap data is, but it just proves there is no true 'delete'. I never deleted my facebook profile/pictures because I didn't want to shine a spotlight on my account.
I care more about what a 'deleted' post says, than any other post in a thread. I imagine there is a good reason for that.
Yeah people are going into overdrive right now with speculating all the bad things reddit is doing. Someone claimed that reddit admins had taken over their local city's subreddit to install new mods, as if that was a priority for them right now.
Sure. I can't wait to see all the lawsuits and fines overwhelming Reddit, and any other service that have occasional data consistency issues. This is heavily regulated by law, of course.
Of course this isn't "heavily regulated". No law demands 100% consistency when you run some third party script during an outage. Clicking "delete" on a comment, or having a script do it, is not some GPDR enforced action.
You are incredibly wrong about this. Consent for data processing is the meat & potatoes of both GDPR and the largest enforcement actions that have happened through it. The delete button revoked consent.
Reddit's privacy policy here seems to be pretty clear [0]
> Deleting Your Account
> You may delete your account information at any time from the user preferences page. You can also submit a request to delete the personal information Reddit maintains about you by following the process described below this table. When you delete your account, your profile is no longer visible to other users and disassociated from content you posted under that account. Please note, however, that the posts, comments, and messages you submitted prior to deleting your account will still be visible to others unless you first delete the specific content. After you submit a request to delete your account, it may take up to 90 days for our purge script to complete deletion. We may also retain certain information about you as required by law or for legitimate business purposes.
If you say you are deleting information and they don't do it, they are violating their privacy agreement.
Of course, that is in clear conflict with their TOS. [1]
> When Your Content is created with or submitted to the Services, you grant us a worldwide, royalty-free, perpetual, irrevocable, non-exclusive, transferable, and sublicensable license to use, copy, modify, adapt, prepare derivative works of, distribute, store, perform, and display Your Content and any name, username, voice, or likeness provided in connection with Your Content in all media formats and channels now known or later developed anywhere in the world. This license includes the right for us to make Your Content available for syndication, broadcast, distribution, or publication by other companies, organizations, or individuals who partner with Reddit. You also agree that we may remove metadata associated with Your Content, and you irrevocably waive any claims and assertions of moral rights or attribution with respect to Your Content.
This is slightly different than account deletions. They’re also restoring individually deleted comments.
I, for example, deleted every comment I ever posted on Reddit, but left my account itself in place. As of this morning, many of my comments appear to have been restored.
I checked my profile by visiting old.reddit.com/user/[username]/comments.
Then I used shreddit to edit/delete my comments, and kept viewing that page to confirm comments were being removed. I also picked a handful of comments and confirmed they appeared as “deleted/removed” in the threads in which they appeared.
When shreddit was done, I checked my profile comments list to confirm it was empty. I double checked 1 and 12 hours later in case there was some cacheing.
But people here are saying not all appear on the profile pages. I've checked mine and indeed there are a handful of undeleted stuff. My last purge was before the blackout and I'm sure it was completely clean as I had to do a couple more passes to catch all the sumbission/comments that for some reason weren't wiped (edited & deleted) on the first pass.
I also use old.reddit but I believe on the new.reddit you can limit a search to only a defined user comment. Maybe with some wildcards or regex one can get to them? Otherwise you'd need to know of a submission or a direct link to your comment.
Note this line that you quoted: "Please note, however, that the posts, comments, and messages you submitted prior to deleting your account will still be visible to others unless you first delete the specific content."
The privacy policy is explicitly saying that deleting your account does not delete your comments.
This makes sense for a site where all content is publicly available. Even if reddit were to cascade delete every comment and post a user had created, the data would be trivially available through web archives and public data dumps.
Changing the username to indicate the deletion of an account is helpful to show that a user cannot be interacted with any more, but no deletion process could truly remove content a user had created from the internet.
It seems that Reddit has stopped responding to data requests. If this is because their servers are overloaded, or if this is intentional, I'm not sure.
I haven't heard back on my data request but I expect they are dealing with a higher than usual volume. I got an export when I mass deleted my comment history so I am not too concerned. My main interest in the data request now is as confirmation that my content has been deleted.
Isn't this potentially a safety risk? Some people have deleted comments due to accidentally posting personal information and some people are also genuinely at risk from real-world harassers and stalkers.
Having said that - people are scraping and archiving Reddit all the time for both good and not so good purposes - so maybe it's not a big deal?
That’s wild given that their reddiquette doc specific says the precise opposite
> Repost deleted/removed information. Remember that comment someone just deleted because it had personal information in it or was a picture of gore? Resist the urge to repost it. It doesn't matter what the content was. If it was deleted/removed, it should stay deleted/removed.
Yea.. this is why you don't delete, because god knows it isn't actually deleted. You edit, and even then it's as crapshoot because it might not be gone. If they store versions of old comments then even editing wouldn't help (which tbh, would make sense in case there were ban-worthy content being hidden via edit).
Plus of course the rest of the internet still likely has your deleted/edited comment. So nothing public is really lost, with any assurance at least heh.
Don't remember where I heard this, but I've always held the idea that anything you type into a text box, whether you remove it before hitting "cancel", delete it after submitting, or edit it, should be considered non-revocable and "out there". IIRC Facebook got caught recording what users typed up, changed their mind, and never thought they were submitting?
That is so wrong. In cases where long input is required, I, for some reason, have a habit of writing things down in plain text editor, and then copying that to forms. Did not know that I need to make this a required step.
Not OP, but i could see hypothetically laws that prevent recording user data unknowingly. The same logic could say that just because i'm running your process does not mean you can monitor all my other processes/keystrokes/network-traffic/etc; could be used (hypothetically!) to say that if it's not obvious the user has submitted data, that you can't record it.
Obviously it gets into the weeds, but where does it stop? Clearly there's some boundaries. If i have an app actively open/selected, what does it have access to?
I could see an argument where if the user didn't think they were sending it, then the user has not acknowledged to transferring "ownership" of data. As nebulous as ownership is in this context, i'm simplifying.
I'm not making any statement here. Just posing a hypothetical to attempt to illustrate where privacy arguments could be made.
I was more asking about the interview process they described. They’re typing into a shared text box where the other person sees it in real time. There’s no submission. This is the same as typing into a google document. I don’t understand their position that live shared documents might not be legal.
I think Facebook's argument was, if you're using it on several devices, then you can continue what you're typing on a different device! (Like how GMail saves your draft every few seconds). But of course they don't mention they might do analysis on what you wrote but never sent...
And some online shops do that too at checkout; if you fill in your email but then abandon it, you might get an email that says "Hey, you didn't finish your purchase!". My worst experience was with a phone provider, I just wanted to see how much a mobile package was priced, but I had to add it to a cart. I put in my real number and email and the fuckers added me to their marketing database, sending me SMS ads. Fuck youuu salt.ch!
Comment on the previous submission says edits are undone too. Some guy said he regularly overwrites then deletes his comments and they're all restored to original values up to 5 years back
If they were storing previous versions of posts, one would think they'd allow others to view it instead of letting people append cringeworthy "EDIT: " trailers to their posts.
There has been a constant stream of negative top HN posts about Reddit for a few weeks now, even if they often get manually pushed down from the front page. Was there ever a comparable shitstorm on HN against a big corp? Will this go down as the fastest suicide of a social media company?
I don't think Reddit will die because of this nor I think this is the first time HN gets sensitive against a corporation's actions. It's happened several times in the past. The most recent I remember is the beef with Meta and WhatsApp, where a good chunk of HN was very sure everybody would move over to Signal and WhatsApp would be left to rot. Similar thing happened with Twitter and Mastodon. People get very emotional and cannot see through the fog.
It's just the same cycle over and over. As time has demonstrated dozens of times, HN isn't good at forecasting nor is representative at all of most end-users. The great majority of Reddit users (and this doesn't include me) use the official app or the official website and therefore besides this very short protest which will end soon as like many other protests in the past for different reasons, Reddit will just continue to be as popular.
WhatsApp is fundamentally different from Reddit. WA matters if the people you want are on that platform or a different one. Reddit has a network-effect but you care less about specific people and more about content/discussion. If my brother in law is on WA then I might have to be on WA, Reddit is much more fluid. If somewhere pops up with enough content/participation then I'm good to move.
The other major difference is content. On WA you only care about the content your direct friends/family create, on Reddit the masses are dependent on a few to submit comment (and even comment, there are a ton of lurkers who never comment, might not even up/down vote). If WA content goes to shit you can tell your BIL to stop sending you crap, if Reddit content goes to shit (due to loss of power users or moderation) it's a much harder problem to solve.
The WA exodus always struck me as way too difficult, getting friends/family to switch messaging platforms is super hard. Reddit? Might be unlikely but I was in the Digg->Reddit migration and I'm 100% looking for where I want to move now that Reddit is acting this way.
As time has demonstrated dozens of times, platforms, behaviors and manias come an go in regular (though not quite predictable) bursts.
Betting that nothing ever changes is not consistent with the general arc of developments in the broader technology space.
Actually the opposite is likely true. The digital landscape is very "disruptable" and relies on various dark patterns (oligopolies, user illiteracy) to lock-in some "stability".
The individual events you mention are not the flood, they are the thunder indicating a thunderstorm is brewing.
I mean if a group of people is constantly "predicting" that X will go down then some day indeed they'll be correct.
I'm not saying things don't change because it'd be dumb to believe that given known human history. However I just despise the fact that even here in HN, any event happening in corporate that's otherwise minor outside of these doors is confidently defined as the tipping point ("fastest suicide" is maybe one of the most dramatic ways) and the company will go bust. Just wanted to clarify that, I agree with your sentiment.
We're more sensitive about Reddit becoming an unusable mess for people like us. I don't care what happens to Reddit anymore, I'm going to Lemmy because it's the experience I wanted when I joined Reddit 12 years ago.
Worth noting that HN has become a Reddit-refugee outpost so this will probably continue if not get worse.
See the other Reddit post (one about Reddit punting mods if they act against the interests of Reddit itself, which has always been true it's worth noting) with 100s of comments, folded into pages and pages of continuations.
I mean does anyone honestly seriously believe Reddit purposefully undeleted this guy's comments? Reddit suspends accounts en mass, and when they do they nuke their entire history of comments on the site [I have been corrected, though I've strangely seen accounts get removed and all of their comments disappear too, though maybe they're running a script]. Reddit just really doesn't care about this guy's comments as much as he thinks they do.
> Reddit suspends accounts en mass, and when they do they nuke their entire history of comments on the site.
That's not quite true, if an account is permanently suspended, the user page is unavailable for viewing, but the comments still remain in their respective threads.
It's only if an account is shadowbanned site-wide that all the comments are automatically removed too. This is intended only for spammer accounts, but can hit genuine users who are both newly created and end up being downvoted below a certain threshold.
I can’t speak to whether it was purposeful or not, but many of the comments I have deleted on Reddit have also been restored.
It seems unlikely that their comments specifically were targeted, but it seems entirely plausible that a site-wide restoration took place that included their comments.
Musk has gotten several. The elonjet Twitter shit got days of 500+ comment posts, and that's just the most recent example I can think of. Twitter didn't die, I doubt reddit will.
Hey give it time in the case of Twitter. Last I checked they have a distinct strong lack of profitability, which tanked further the second Musk started spooking advertisers. Obviously he can afford to personally bankroll it, though, but it seems like a bad ROI.
> Will this go down as the fastest suicide of a social media company?
While that would be nice, I doubt it. The quality of content might suffer and smaller subreddits will finally be where large ones have been for a long time, but for the vast majority of users who doomscroll and share memes, nothing much will change and reddit will continue.
> the vast majority of users who doomscroll and share memes
this might be true, but this content is not what made reddit valuable
as with twitter, the fundamental question is: where do the large numbers of contributors of quality information / discussion (a small fraction of billions is still a huge number) go for a sane, long-term sustainable online platform that will not turn into the next Library of Alexandria
I don't think it is a suicide but a pivot into a new phase of their business. A phase that is focused more on mainstream content, increased monetisation etc. The rushed API change and poor communication appeared to be incompetent but possibly they are happy to endure some negative publicity and subscriber loss to restructure the business around promoting products to granny while she looks at reposts of cat pics.
I don't think I will be returning to reddit. Just deleted a decade and thousands of comments. There are clearly many other ways to build online communities and I think a lot of people are more motivated than ever to develop those alternatives now. Eventually one of those alternatives will possibly kill reddit but I don't think the current exodus and subreddit protests will.
I think it's justified and strangely on-brand, since Reddit is OpenAI's moat and feeds ChatGPT pretty directly. It's the nexus of a lot of interests that are dead center to what Hacker News is about.
I can also confirm. I nuked an alt account last year using an app that replaces the content with [deleted] before deleting the post. I'd say at least about 40% of those posts have been restored to full text.
Where does the idea come from that not allowing users to delete content is against the law/GPDR?
You have the right to ask for deletion of personal information they store, and even that has certain limits. You don't have the right to force the company to delete content unless they granted you that right via the licence somehow.
Whether this is a good or bad idea for a company to do is a different question. But I don't see a legal issue here like the linked post claims.
Well, within reason. You need a policy that allows this to happen, but, for example, it can't just reach into 3 months' worth of PIT database backups. But you can say "we will delete your user now, and your data will roll out of our backups after 3 months." That's reasonable while still delivering the main objective: companies can't keep your (identifiable) data forever.
No, you're thinking of the right to force the company to delete content that you yourself, and your interactions with their system (or the system's observations of you) were causal to generating within their systems.
For a clear example of the difference: I don't have the right under GDPR to tell Apple to reach into everyone else's iCloud address books to delete my phone number out of them. Neither I nor Apple put my phone number into other people's address books; those other people manually entered that info into their address books themselves. Which makes that their data, that they created — which just happens to reference me (and which is held in trust by a third party.)
If GDPR worked the way you're imagining, then someone deleting their WhatsApp account would require WhatsApp to tell my phone to delete my locally-saved WhatsApp chat-logs of conversations with that person.
No, check GDPR Article 4 (1): personal data means any information relating to an identified or identifiable person.
The content of a post is not personal data (in general) but the things like user name etc are. The content is not relating to an identifiable person (in general) while the user name is.
Depends on the content - not many people out there are directly doxxing themselves but indirectly? Maybe.
From my post history on Reddit, you'd know where I live, my age, gender, job, relationship status and a good amount about places I've been and my interests. There are already websites that collate that info from a profile to give a summary of the user. Under GDPR, that quite possibly adds up to personal data relating to an identifiable person.
And when this is combined with Facebook/Google/Apple/Microsoft shadow profiles, it's an almost certain guarantee that information is linked with your name, DOB, credit info, and tax ID number.
Not disagreeing with you or parent in general, that a post (or as you point out a history of posts) can be personal data.
What I'm saying is, in general it isn't. If you sign up to platform XYZ and make a post, in general, the content of the post is not personal data. It certainly can be. But by default it isn't. That's a misconception I want to dispel.
Yep I agree, if you posted on a specific subreddit this is already personal information about yourself. There is no way they are not violating GDPR if they deny a request to delete (but I guess they can block direct deletion in bad faith and tell you to submit a direct request).
I'm not saying the content of a post can not be personal data. I'm saying it is not by default.
The words "Hello world" posted on any subreddit is not personal data. In this case the company could simply delete the information relating to you such as user name, IP etc.
The content you post is not, in general, personal data. It certainly can be.
That's kind of funny, because "Hello World" gives a strong indication of your profession and interests. Not enough on its own to be PII, but a useful data point.
Something similar happens with HIPAA that people don’t understand.
Personal Health Information is only applicable in a specific setting (a covered entity). You telling your boss/friend/form about your health information does not make it PHI. You willingly disclosed that information.m, it loses its protected status.
That’s an interesting question in principle (even if there are some clear legal directives). You can try to reconstruct a user profile even just from a list of commonly visited subreddits. It can help gauge age, location, personal interests and political convictions. And if you have access to the content of the messages, well, even doxing may be possible.
What if it does? I am not under the impression that those fall under PII/GDPR (IANAL), so if you post that stuff online to a site you do not control, it certainly has the potential to remain there.
And that is the heart of one the problems with reddit or any other site that encourages people to post everything under the sun. You are giving up control of what then happens with your content.
GDPR protects any data which can be tied to an identifiable person. So, if reddit posts are attached to my username, and my username can ultimately be tied back to me (see: my username is my name), then reddit cannot disallow deletion of these posts. There may be a workaround by no longer identifying them with a specific user, but this would have to be done on the back end, as simply changing who the displayed user is would still leave the data intact.
I'm not sure about the specifics of GDPR, but it could be argued that even your style of writing personally identifies you. There are even projects that do just that to find alternate reddit accounts of people [1].
Your Reddit posts are not personal data. Okay, you can probably get specific ones removed that way where you explicitly include personal data. But this doesn't mean that you have a right to delete all content you write anywhere.
[0]European Commission defines personal data as:
>Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.
Thus, anything you wrote on any site, if it is not anonymised and still linked or could be traced to your account is a personal data.
And even when it is anonymised:
>Personal data that has been de-identified, encrypted or pseudonymised but can be used to re-identify a person remains personal data and falls within the scope of the GDPR.
Only if your personal posts are important for archiving purposes in the public interest, scientific research, historical research or statistical purposes where erasure is likely to render impossible or seriously impair the achievement of that processing.
This may legally be the case, but it is worth noting that there are various tools out there to try and find posts written by the same person under different names. They use word frequencies, I think.
So, this seems like a case of the law not 100% matching reality. Sometimes the EU adjusts their laws to keep up with reality, I think? (The idea of trying to make sensible laws is pretty foreign to me, but then I’m an American.
It's a weird interaction with Section 230 if Reddit can say "these posts are not ours, they are the posters" and yet the poster cannot edit/delete them.
Of course, HN itself kills your edit window after a certain time limit, so there is some legal way of doing it, I assume.
A freight company is generally not liable for contraband shipped without its knowledge. That does not mean that all shipments become the property of the freight company. Same thing.
> If Reddit says "your content is yours but you cannot delete it" they're in a bit of a cake-and-eat-it-too scenario.
Yes, but the user is also in a cake-and-eat-it-to scenario: they get to own the content and have it distributed for free.
Both sides of this come from the perpetual non-exclusive license that posting to Reddit or Twitter or anywhere confers. "Ownership" is too reductive a concept for IP, which is why the section 230 thing is a non sequitur.
But we're talking about mass deletion of all your content here. If you specifically mention your real name or address or something like that in a post, it's a different situation.
I think the fact that all of your posts are tagged with your userid means they can all be traced back to you, making them all personal information. It's not hard to see how, for example, some employer might get ahold of your Reddit userid and crawl through your post history, looking for any opinion of yours that they don't like.
There is almost 14 years of posts and comments linked to my account. While I'm always careful to not reveal any personal information online, if you mine through 14 years of reddit content I posted I guarantee you that there would be enough little nuggets of information there to figure out my actual identity.
If you were to post on another public website "My name is X, and my Reddit username is Y", would your anonymous Reddit posts now be considered personal data?
I suppose this would constitute indirect identification of a data subject under GDPR?
The Reddit wars have begun. Users were misled to believe they have power. And now are completely bewildered when they realize they don’t have as much power as they thought.
The funny thing is that this is all over a stupid API that was causing more harm to Reddit than it was functioning as a public service. Apps were functioning as alternatives to the Reddit website and app.
The whole thing about API back in 2000s is it allows users to interface with Reddit programmably. Remember the first Web3.0? Who would have thought it would be used to create an entirely alternate app market?
Every platform eventually pivots to paid APIs. Twitter did a long time back by buying all of the alt apps.
Lesson: APIs are expensive to maintain and no real P̶r̶o̶f̶i̶t̶a̶b̶l̶e̶ (edit: profit-driven) business is going to keep them around unselfishly.
> Users were misled to believe they have power. And now are completely bewildered when they realize they don’t have as much power as they thought.
First of all: if Reddit really is doing this, then it is committing an illegal act. At least in the EU, I'm sure in other jurisdictions also. There are in fact laws protecting the users. Second of all: Reddit cannot force users to post and moderate, and without those things there is no Reddit. Have you heard of Digg, by any chance?
> The funny thing is that this is all over a stupid API that was causing more harm to Reddit than it was functioning as a public service.
It was absolutely functioning as a public service, because third-party apps are the only ones that are actually usable. Especially so for moderator activities (that Reddit depends on to exist) and even more especially so for blind people, to whom Reddit official app does not cater.
Do you know what else functions as a public service? Unpaid moderators!
> The whole thing about API back in 2000s is it allows users to interface with Reddit programmably.
I remember those times very well, and that was not "the whole thing" at all, there was a "bait and switch" from independent forums to centralized services based on a promise of openness forever. But I digress. Who cares what the "whole thing was about back in 2000s"? It doesn't matter what it was about, the only thing that matters is what the situation is now, and the situation is that Reddit as we know it is an interdependent partnership between a company and an extensive international community. This is what survived to 2023 and this is what matters in 2023.
> Lesson: APIs are expensive to maintain and no real profitable business is going to keep them around unselfishly.
Another lesson: a profitable business cannot extract value from the unpaid work of enthusiasts while at the same time expecting to be able to treat said enthusiasts as valueless replaceable cogs.
I think the current pricing of Reddit's API isn't meant to recoup costs of maintaining the API, it's meant to kill 3rd party apps so people switch to the official app, which shows ads. It's not so much the cost of maintaining the API than it is the cost of missed ad revenue.
Wouldn't it have made sense for Reddit to get the official app in some kind of shape, with all the needed accessibility features and moderator controls, before killing third party apps?
They just seem to be doing things out of order. Another example: alienate long-time users and mods by making it abundantly clear that they're product and free labor really should have come after the IPO.
> The funny thing is that this is all over a stupid API that was causing more harm to Reddit than it was functioning as a public service.
Better: it's about introducing pricing for said API without proper advance, so apps consuming it couldn't in turn adjust their pricing because they had plenty people on annual subscriptions.
With enough forewarning the market would have adjusted to the new pricing, but that didn't happen.
This sounds like some kind of political move. If someone resurrected all of your deleted emails, it would seem like an act of aggression. What's going on?
Long time lurker, I checked my old account that I had used scripts to EDIT and DELETE every post, I used this script 3+ years ago and my 4+ year old comments are BACK. Only 2 of them were visible from my user page but ALL of them are back on subreddits. I had to go hunt one down and BAM, there's my comment and name etc. This is CRAZY!
I really think they are just misunderstanding something. When I look at my profile, there's no comments, but I know there should be some. Isn't it more likely that when a subreddit you posted in goes private, the comments don't show up. The people in the linked thread ran the delete script after some subreddits went private. Now when some are made public again, so are their comments. Comments that were never deleted with the tool as they were hidden because of the subreddit being private.
I used Power Delete Suite to remove all comments from all public and private subs. They all came back today. So I re-deleted them again.
I suspect it's more likely the site didn't process the deletions properly, rather than maliciously bringing them back, or as you suggest, that they were private.
Edit: It's possible that the deletion only worked on public posts, after all, it seems?
I've got a decade old account on which I've made a habit of manually deleting comments older than 6 - 9 months, since they get so little visibility and there's no value in leaving a breadcrumb trail.
Checking just now I see that comments up to 3 - 4 years old have been restored.
I'm not going to speculate as to why (beyond agreeing it's more likely to be incompetence than malice) but in my case at least there are definitely long deleted comments that have been restored.
I’m astounded and confused that you and a lot of other commenters are giving Reddit the benefit of the doubt. At a time when tensions between Reddit management and its users are at an all-time high, and both sides are maliciously striking back and forth, most commenters are assuming that an act like this is due to incompetence rather than malice? I don’t understand the thought process.
Innocent until proven guilty can be a decent philosophy even outside the courtroom. Especially when tensions are high. Both sides giving the other the benefit of the doubt can help to deescalate.
That's the thing: you are deemed innocent until proven, guilty or innocent.This framework supposes there is a common search for truth and working together. The current situation is not that: there is no accountability of reddit, no desire to be open or to listen to the users, contempt towards users for years,...
If there's no due process, reddit doesn't deserve to be held innocent.
There are different thresholds in the legal system for criminal (beyond a reasonable doubt) versus civil (the preponderance of the evidence.) It already varies by venue and consequence. This is a social discussion. 4 year old comments being restored means Reddit is doing something to restore them now, which they didn’t do before.
> I’m astounded and confused that you and a lot of other commenters are giving Reddit the benefit of the doubt.
I think it makes sense for anyone who values objective truth above any other agenda. "Benefit of the doubt" is just acknowledging that we don't know for sure.
Because there's no apparent benefit to reddit to bring back long deleted comments from arbitrary users. When you can think of no motive for malicious behavior, it is unparsimonious to assume malicious behavior.
Of course there is a benefit. If users leave and remove their comments in protest, the data content available on Reddit is lowered, thereby lowering one of the IPO metrics. By un-deleting comments, the site's message count and user activity goes up, and thereby its IPO value.
It is in this case. They don't "need" the data themselves, they need Googlebot to see it to get traffic, which is their lifeblood both in general and for IPO.
Have you heard the recent popular saying that Googling things barely even works anymore unless you append reddit to the query, which tends to bring up actual information instead of SEO trash?
> Thanks to the web, it's now perfectly normal to believe the worst of people for no better reason than to fuel one's own anger issues.
I believe that in this case it's more that Reddit's management has completely lost any sort of trust, it's not so much to fuel one's own anger issues but give the current context there's very little in terms of Reddit's management being trustworthy, transparent. Spez was caught lying in the open, how can one still have any trust they aren't lying in other aspects?
Let's agree that this particular case is not a baseless witch hunt, Reddit's management own dishonest actions have brought a dissatisfied lynching mob to them.
Isn't the fact that they're able to restore deleted comments from that far back itself an indication of malice, or at least irresponsibility? I could understand if it was comments from the past month, but after 3 years I'd expect the only remnant to be on very old backups if at all. The fact that they're visible again adds a lot of weight to the common suspicion that they're just setting a delete bit and keeping them in the live database
I do seem to recall that their database schema is mostly a big unstructured key-value table, so it's possible that this is part of the explanation - and they've never cleaned up any garbage/orphans in at least 3 years?
> Isn't the fact that they're able to restore deleted comments from that far back itself an indication of malice, or at least irresponsibility?
Meh. You're not exactly wrong but I think it's pretty common for user-generated content sites to follow a logical delete strategy. It holds open the door to being able to restore data deleted by end-user error, and within the bounds of their data retention policy keeps data around that may be useful for internal analysis.
Actually come to think of it seems plausible that they only have ~3 years of logically deleted data, having purged deleted records older than that.
It's also plausible they had all the is-logically-deleted information in some redis datastore that wasn't being reliably persisted to disk and the process had to be restarted for the first time 3 years.
I'm actually leaving my restored comments untouched for now out of curiosity about what they'll do about it now that the issue is known. I think that will probably answer the question about whether this was accidental or intentional.
So it looks more like a database restore of some data. I'm inclined to think it was a rollback of some sort - to fix something that needed more QA time.
This was more or less my working theory. It's not _all_ of my comments that have been restored, it's only my comments going back to 2020 (and I can't be sure that _all_ of the comments in that time range were restored either, but it looks pretty thorough).
I wouldn't put it past Reddit to restore old comments given sufficient motivation, I just have a hard time imaging how the cost/benefit analysis would say that this is a good idea at this specific point in time.
It seems plausible that with all the other churn going on at Reddit - and as others have noted a large number of people deleting comments and accounts and maybe subs - that they accidentally restored some data-store to the wrong snapshot or something.
I just don't understand how the difference between "we HAVE N million comments" and "N million comments HAVE BEEN posted" in some investment deck could be worth the risk to reputation and good will, not to mention potential GDPR violations or bad press from doxing stalking victims or whatever.
Someone else mentioned SEO as a possible motivation. I might buy that. If Reddit is losing PV and DAU and restoring a bunch of old content would offset some of that with organic search traffic, that seems like something they might do.
If they have done this to an EU citizens I am fairly sure they have broken GDPR in some way or another.
For most users this isn't going to be a problem but my guess is there is a rather big chance for a number of the comments that were restored there were really good reason why they were deleted and now Reddit are responsible for them being online again.
I did the same a week ago, deleting fifteen years worth and several thousand comments using Shreddit, by editing and deleting, however mine have not been restored, so I doubt this was some kind of broad action.
I very much doubt Reddit cares at all about the small number of us that have done this.
Apparently not. I deleted my comments with shreddit, editing first, and at least a large portion of them appear to have been restored to their original text.
Absolutely this. I highly doubt Reddit would want to fuck this up at this point for seemingly minimal gain. Much more likely that a 10x increase in deletions caused some pipeline to collapse somewhere.
As much as I hate to give Reddit the benefit of the doubt, I think you’re right that Hanlon’s razor may well apply here, albeit substituting incompetence for stupidity.
I can see this starting a positive feedback loop of issues. More people get upset; so more people start deleting -- cascading failures start occurring. Hopefully their team can keep it under control.
But would the current upset userbase even believe reddit if they came out and said "our deletes arent working right now. please try again later."
Which is itself a problem IMO. Discord is the same, but at least they have a tiny excuse (being very charitable here) in that they'd have to add a new UI view for that, but Reddit already has the profile view where a user should be able to see all the comments they've made
Ok, r/funny just went public, and one of my comments re-appeared in my profile. So I am confident that what's happening is the deletion of comments isn't happening on subreddits that are private (as r/funny was when I ran my delete script). As soon as the subreddit goes public, they "re-appear"
They don't mention being able to delete from private subs, and their method of deletion sounds like it would fail when the subs are set to private.
I'll admit Reddit barely deserves the benefit of the doubt at this point, but I have no idea how you would delete posts on private subs except through some GDPR way that must exist.
If I comment in a sub that has since been set to private, can I not see my own comments on my own profile page? If so, do those comments not have an edit/delete button under them?
Yes, comments you made in private subs don't show in your comment history. I recently made a browser extension that deletes your entire reddit history and ran into this while testing.
Also important to note that this is an indicator that Reddit has lost all trust from (this part of) the community. Even if that is a plausible explanations, many will not give Reddit's current management the benefit of doubt. I simply would not put it past Hoffman to be that petty that he would do it, he seems to be taking after Musk more and more lately. Wasted so much goodwill. That will be tough to navigate for them, because once you have lost your user base's trust even an untrue allegation will cause a stir.
The adage that “If you’re not paying for it, you’re the product” cuts both ways.
Musk and Hoffman seem to be intent on waging war with their own product. They both get a lot of unpaid labour producing their content and then complain that the unpaid labour isn’t paying for the privilege.
Huffman (spez) has his reasons for the reddit changes, but they do seem a bit short-sighted. But there comes a point where these online services have to make money. It's as simple as that. So is he waging war on users, or making a business decision?
Also, Musk is waging war against advertisers. Running a site that is controlled by advertisers is the epitome of extreme centralization, since the site's income can be halted if an advertiser gets upset. Musk is charging on Twitter so the users aren't the product.
As for reddit, I think limiting API access to accounts with reddit gold seems like it would've been fair. That would've solved the income issues (the stated reason for the API changes), but then reddit wouldn't get all the telemetry data associated with users on their first party app.
It seems like Huffman (spez) got greedy and wanted gold subscriptions, and the telemetry data from their first party app. It's usually one or the other (ads vs. user payment).
I also want to end this by saying that I'm not trying to start an argument, but I know a lot of users on this site are very trigger happy with the downvote whenever anyone speaks objectively about Musk. If you don't agree with me, just chime in and we can discuss it.
If it was indeed a business decision, then Huffman is breathtakingly incompetent. To the degree that, were the company public, I would be agitating for the board to remove him as his actions negatively impact my investment.
A number of ways this could have been handled better in no particular order:
1. Give more than 30 days notice to third party app developers.
2. Mandate that third-party clients display advertising as delivered by the API and return telemetry.
3. Keep the API changes but exempt paying subscribers.
4. Refrain from making bad-faith lies about the developer of the most popular application, which he then had to disprove using call recordings, and then after that, don't try to play off your actions as misunderstandings or mistakes.
5. Don't lie about deliverables for years and years to the point where the community memes on you for your history of lying.
6. Don't fuck around in the production database to edit comments critical of you.
Even just a little bit of giving concessions to legacy customers would have been fine. It's not like you need to completely give up on your new pricing model just because your have existing customers. It's crab.
> Musk is charging on Twitter so the users aren't the product.
I think the adage is a little wrong. In Twitter's case users are still part of the product as the existing network effects and ability to communicate with users are part of the product, and thus it's users are. Not to such a significant degree as when advertisers are sweeping up every bit of data about you, but still to some degree.
My point was more in reference to GP's comment where even on a paid service, waging war on on users is waging war on your product. Though, after typing this out, that would seem to be even more so the case since that's where your money is coming from.
> But there comes a point where these online services have to make money.
Reddit is 18 old, and you're telling me that they are just thinking about making money now? How come 4chan and Wikipedia are both profitable, but not Reddit? And how is it a problem with their users and not their management?
> How come 4chan and Wikipedia are both profitable, but not Reddit
reddit has 1.7 billion visits per month[5], with an astronomical amount of persistent storage, with the content never being deleted. reddit is ranked #18 globally.
4chan has 51 million visits per month[4], has very little persistent storage (posts are deleted once the thread slides to the bottom of the board list), and strict size limits for the posts that exist at any given time. 4chan is ranked #708 globally.
Wikipedia does get 4.7 billion monthly visits[3], but they do have a public list of large donors[1], and the entire wikipedia catalog can fit onto a 20gb microSD card [2]
So I can't give a solid answer, but it seems like the other 2 sites you mentioned have a slightly better design when it comes to infra costs.
If reddit had stuck to what it is good at: threaded, in-depth text conversations and links, it wouldn't need such a large amount of storage or bandwidth. Yes, I know that 1.7 billion users is a lot of text, but (1) there wouldn't be 1.7billion users if it were only text and links (2) the users who wouldn't be on reddit without multimedia offerings I am sure use a almost exclusively multimedia and account for the lions share.
Go back a few years, nix the 'let's host video and pictures and live chat and ignore every single thing the users are asking for so that we can bring in the eyeballs' idea and instead of that monetize the regulars using the their content and site's ability to guide google to it.
Keep 150,000,000 dedicated users who reliably generate valuable content for you and keep the site spam free for you, and all you have to do is keep some devs on hand to add tooling and site features that are useful. The caveat is that Stevey Huff has to live with one or two fewer commas on the balance in his bank account.
> Reddit has 1.7 billion visits per month
> […]
> 4chan has 51 million visits per month[4],
This has an impact on their costs, but in an ad-driven business, it increases their revenues by as much.
> with an astronomical amount of persistent storage, with the content never being deleted
I'd like to know the actual amount of storage, but I really doubt it is actually “astronomical” (unlike Youtube).
Moreover, I suspect that the biggest part of that storage is actually video, which isn't really where the value (for the users at least) is.
Overall, if their costs are to high compare to other players their revenues, it's first and foremost a management and cost effectiveness issue, not a lack of revenues.
VC money. VC money gambles on big wins. They'd rather have a huge blow-out than a small success. So you take VC money, they want you to grow. They care about that more than making a profit. For a long time. Then, when you are huge, then they want money.
This sometimes works, sometimes doesn't. But Google and Facebook started out without a profitability plan.
> Also important to note that this is an indicator that Reddit has lost all trust from (this part of) the community.
Assuming the worst, ignoring details that violate the narrative, and circulating ragebait without verification are all staples of mainstream Reddit content.
It’s not surprising that the Reddit outrage/grievance machine has turned on itself and is now assuming the worst and getting outraged at every turn.
All it would have taken is a single post to prove that it really wasn’t her, but no. Radio silence. For over three years.
It’s not like somebody is protesting being defamed here either… nobody has any idea who this person is, if not Ghislaine Maxwell herself. Do you have some proof that this isn’t her? Other than the assurance of a single other person, I have never seen any.
I’ve been forced to re-examine my views on this, going from the idea that it’s utterly preposterous to, well, yeah, maybe it’s true. Do you have evidence to refute it? If so, please share. I really don’t want to believe it’s the case that an established sex-trafficker and pedophile/pedophile-enabler was one of the most influential mods on Reddit for over a decade, but at this point I’m having a hard time concluding otherwise.
This attitude is exactly why if I was the mod in question, I would just ditch the account. You're asking them to prove a negative, no amount of proof they could provide would ever be enough. They'd be forever hounded by internet lunatics.
Not at all. A single post on the account would be enough to completely disprove the theory. The whole reason the theory exists is that the account was previously extremely active, and all activity stopped abruptly when Maxwell was arrested. I don’t think you can say “no amount of proof would ever be enough” when no proof at all has been provided.
I think the lack of activity since the conspiracy theory started could be easily explained by the user being creeped out by the witch hunt and abandoning their account. I know if I was accused of secretly being a hated figure like Maxwell on an account that wasn't connected my real identity, I wouldn't come out and deny it, I'd just ditch my account and make a new one.
It also seems unlikely to me that someone like Ghislaine Maxwell would have the time to be such a prolific Reddit user, and that she would write like a Redditor - for example calling someone "butt-hurt" in one comment.
> I think the lack of activity since the conspiracy theory started could be easily explained by the user being creeped out by the witch hunt and abandoning their account.
The problem there is that nobody made the connection until after the activity on the account stopped abruptly, coinciding with Maxwell’s arrest.
> I know if I was accused of secretly being a hated figure like Maxwell on an account that wasn't connected my real identity, I wouldn't come out and deny it, I'd just ditch my account and make a new one.
If you’re a power mod that has spent years building up influence and control over numerous subreddits, that’s not so simple. You could leave, of course, but continuing with an alternate account wouldn’t really be feasible.
> It also seems unlikely to me that someone like Ghislaine Maxwell would have the time to be such a prolific Reddit user, and that she would write like a Redditor - for example calling someone "butt-hurt" in one comment.
Who knows? It also didn’t seem likely that someone like Ghislaine Maxwell was engaged in a massive sex trafficking operation.
I’m still not 100% convinced the account actually did belong to Maxwell, but at first I scoffed at the idea as ridiculous and insane, and now I’m not so sure about that.
Sounds crazy, but the more you look into it [0]... And don't forget the blackmail! You know, which Huffman projected onto Apollo's developer, even after being proved a liar by Christian's recordings.
This is actually quite important, because Huffman and 'maxwellhill' go way, way back.
For a while it seemed that while this was true, edits were at least destructive: so a lot of mass-deletion tools would edit the comments, then optionally delete them. But I wouldn't be surprised if this is no longer the case (TBH, making the edit history of comments public is a good idea in general).
I disagree. Making edit history public would turn the discussion into a total shitshow. Reddit would drown in stuff like: "I see from your second edit you said ... so clearly you're a ignoramus and a bigot."
Delete Suite's main feature is actually that it edits your comment to be junk, rather than just deleting it. I come across some corpses linking to it every now and then.
You could argue that it's not the comments themselves that are personally identifiable, but the association between comment and username (and IP etc). Following that argument, you could retain the comments as long as you delete the username and other identifying info.
Not sure if that would hold up, as some comments can be pretty identifying. But it's a compromise that a company could try.
Yeah, the mention of June 14th suggests the same to me. I can attest that comments from private subreddits don't show up on your own profile. The deletion script won't be able to find them nor delete them.
From my observation you're right about how comments work regarding private communities, so this is plausible. Before going straight to a conclusion, I'll just caution it's also possible that both things are true.
I'll wait and see how this plays out (while deleting my comments from the previously private communities.)
I supposedly deleted all my Reddit posts recently. While I don't see anything in my profile post timeline, the posts are still there, if they are accessed by other means, like context links from old inbox messages.
Not only is the post accessible, but when you go from that to the entire Reddit submission, you can clearly see that it's not deleted.
Reddit not only does not have a bona fide implementation of deletion, but has hacks in place to thwart deletions that replace text by random "lorem ipsum" before deleting. These changes affect your post timeline only, not the in-thread originals.
My argument is that the regulator itself is useless and will stonewall you.
Not to mention, even in a hypothetical world where the regulator actually did their job, Reddit can still ignore them as they have no EU-based presence to be fined.
More people are finding out that when a site or company says or pretends they have "deleted" something, that's not necessarily the case. Soon more will find out it's not just reddit, that holds on to or even transfers data for all kinds of undisclosed purposes or profit, that people think was gone or forgotten.
Part of the problem of course is that users want both soft deletes and hard deletes at the same time. The number of deleted things people later said was deleted in error and can we please restore is too damn high.
The true issue here is that reddit by design NEVER deletes anything. Ever. It's only levels of visibility. In practice the 4 obvious levels are:
* Unregistered users: Public, non-age restricted content(whether that be as a subreddit requirement or post-specific thing).
* Registered users: same as above, minus content that was published by individual users and deleted afterwards, content removed by moderators or in more extreme cases reddit themselves(last one is a bit of a special case, I'll come to that part later).
* Moderators: they see everything that was posted by other users and subsequently removed by the moderators for whatever reason. If a user deletes their contribution personally, then moderators won't see it either.
* Content removed by reddit: visible by reddit employees, appears as "Removed by Reddit" to anyone else. In this particular instance, reddit may remove contents that was removed by moderators already.
I'm a moderator of 2 large subs and a few smaller ones. Luckily I developed a backup system, which effectively backs up everything that was ever published on the sub(plus a ton of other stuff, including image recognition, lightweight nlp and tracking what reddit removes. Without saying which subreddit I'm talking about, I can tell you that a lot more is happening in large communities(20+k people online at any given time) than you might think.
So in the case mentioned here, it's simply a case of some "status" field in some database that was flicked. Which is kind of concerning, given the amount of contents me and the other mods have removed. Truth be told, the moderation tools that reddit provide are rat shit. I ended up developing a ton of custom ones(completely nuking a specific user's history, chained comments or entire comment sections. Things, which reddit has been promosing for years but never delivered. Funny enough, all of those are a question of 30 lines of code in total, if we are talking about a single-script type of thing. But it is worrying that stuff like this happened. Just earlier today I used one of those scripts to nuke 300+ comments in a post. I also keep a backup of the mod log so in theory I could undo the damage. Question is, how long would that take. We are talking about 500k action we've collectively taken over the past year. Some through a script, plenty manually however.
Despite all the drama lately, I don't think that's a deliberate retaliation from reddit due to the blackout, more likely a "woops" moment that happened at a very inconvenient time for reddit.
That could be outright dangerous to people involved. For example, something innocent posted 2 years ago, could get you many years of jail now in certain countries.
This is actually egregious. I was indifferent about the whole API pricing controversy, but I saw that a few posts I'd deleted for various reasons are back up. I'm deleting my entire message history and will not be posting on Reddit again. Luckily I never posted identifying personal information, but I guarantee plenty of people have deleted posts containing sensitive information and those are now back up for all to see.
Especially now that user generated content is AI training gold.
User data has always been the core of freemium apps and “aggregators”: land-grab as many users as you can with a free, great product, so you can own a lot user data. We just didn’t have an obvious use for all that data until now.
Reddit won’t budge on the API pricing because they can make more selling datasets. But if they are smart, they’d rate limit free API access, and charge for the firehose — because then they’d have a user-generated content farm. But you still have the issue that people keep expecting their free apps to be free, not realizing they have been selling their data all along.
Remember FourSquare? They started as a neat way for people to socially compete in “checkins” for a place. They found their profit in selling that location data for business analytics and real estate analysis. The implications extend beyond commercial concerns when datasets like that are purchased by governments to circumvent wiretapping warrant requirements.
> But if they are smart, they’d rate limit free API access
They are, up to 100 requests per minute is still free post change
Someone could make a lot of money by building a paid Reddit app with everything people want, and a BYO API key, similar to what people are doing with OpenAI keys
Who knows. Maybe this will actually make people hesitate to trust everything to a private 'platform'. Maybe this will finally be the straw that breaks the camel's back and maybe even makes people consider the real issue at play ( platforms vs protocols ) and maybe even make appropriate conclusions. I am a dreamer.
I think the only right answer here is: it depends on use case.
Not everyone wants everything archived for potential future use. Some people not only want, but are also mandated by law to have an appropriate archive of their communications.
My point is that we should be able to figure out options for both and anything in between, where user has control over it. This is the important part. As a user, I used to be able to have some modicum of control over what happens on the machines I own and the data I send to others. Over the years, that control was slowly wrangled from the population under various guises ( cloud, convenience and so on ).
But instead of discussing protocols that would, hopefully, behave in deterministic and predictable ways, we discuss platforms and their pinkyswear promises not to do something.
It is a lot to ask these days, because a lot of people got really used to 'easy' and 'free' internet. And that is before we get to the technical issues you mention.
99.9%+ plus of the time, no one really cares about most things that most people post on the web. And you can probably get it deleted from something like The Wayback Machine. But if you actually post something that attracts attention, it's probably gotten copied and is out of the bottle without even any real mechanism to request its deletion.
Not anything with a reasonable expectation of privacy, which would either only be federated to the nodes of the people who are supposed to see it or not at all.
Decentralized platforms are identical to the vast majority of the internet in their archivability, the distinction is in their administration.
IDK what's so fun about it man. We used to think that agreements between users and providers were binding. That they were stronger than good faith. US law is based on that, I think. Everything that's not based in Europe is fucked and it's not even remotely fun.
This behavior of "user says he wants to delete the data, company says it deleted it, but they actually haven't" has happened so many times just in my life time. What's so funny about it is that some people STILL haven't learned their lesson.
I learned the lesson the very first time I've seen it happen.
I have a mental test that I always do when trying to evaluate the privacy protection guarantee offered by an online service, it goes like this: imagine if a malicious actor is holding the top most owner of the service at gun point, and demanding for my user data, will the owner risk their own life to obey the privacy agreement?
Probably not. Of course, the mental test is very extreme, but it proofs that the guarantees offered will fail and be violated when some threshold is exceed. It's not a sign and done deal.
Good thing they included a "you essentially transfer ownership to us and allow us to do anything we want" clause in their little terms of service document that nobody actually reads.
Murphy's Law applies, as always. Once it's on the internet, it's public forever, with one exception: if you need to find it again later, it's guaranteed to have link-rotted.
Trying to delete things is an exercise in futility.
Individuals have a Right to be Forgotten. It seems this action is almost certainly in gross violation of GDPR. Reddit not only has EU users but employees and physical assets in Europe, are they trying to be made an example of?
I made an extension that lets you delete Reddit posts and comments, but if Reddit is doing this maybe I can add a feature to periodically check if comments actually stayed deleted and if not delete them again.
The adage means something very different though. It's about the fact that once you've posted it, someone will have made a screenshot or scrape of the content, which will resurface at the most inopportune times.
I.e what unddit.com did for reddit
What're reddit decided to do here is almost certainly against european law and I expect we'll hear more about it over the following months.
Undesirable resharing of personal information is only one consequence. In my time on the internet I've known it to be said in the context of other consequences, be it archiving, digital archaeology, datahoarding, etc.
I do like legislation that stops big players from using their resources to be exploitive, and I understand the right to be forgotten for individuals.
The other edge of the sword is all the reasons why information wants to be free. I am biased towards this side.
Either way, I think it's important to remember to operate under the axiom that nothing is deleted from the internet. Deletion (by legislation or by privacy tools and services) is a cludge, and saving and resharing is the natural force.
Little off topic but this kbin.social site seems really nice. Very short and clear privacy/terms, very good default settings, nice design. Slow though.
If i understood correctly the migration brought lots of users that were not expected and the instance is getting overwhelmed. It should get back on its feet if they mindfully upgrade it
If someone resurrected your deleted texts and emails - deletion being the explicit expression of your non-consent to sharing, it would be difficult not to interpret it as an act of aggression.
If they don't respect your consent, why should anyone respect theirs?
Consent. You either respect it or not. If you believe you don't need someones consent and they believe you do, you have a pretty serious conflict in front of you.
Ah, maybe they finally see an impact on revenue! That was their last argument against changing course. Although if we accept they are restoring deleted comments then its not so much 'changing course' as it is 'doubling down'. I wonder if the Reddit management even know the difference?
I firmly believe that in the future, what you say doesn't matter. What matters is what you can prove you've said.
What's the difference between the following two? (a) You say something and someone takes a screenshot of it, and (b) Someone just conjures up a fake screenshot of you saying something. These are indistinguishable. With LLM and SD, these fakes will become easier and easier.
The solution is some crypto that allows you to do two things: (a) Be able to prove that you said something, and (b) later revoke it, such that your prove doesn't work anymore and there's no trace it was ever used.
I think the problem here is that content that the user expected to be deleted from Reddit's databases is popping up in public forums. Not to downplay it but the problem you mention is the inverse of the current issue.
> Also worth noting: according to the ToS Reddit can actually do whatever they want with existing content, apparently we agreed to this when signing up.
What they've done though it go way too far - so far they are undeleting posts from over a decade ago. Reddit didn't actually delete anything, only soft deletes.
In the image posted there are also cached thumbnails from YouTube - those videos no longer exist.
I've already had one trans person confirm there are posts appearing from before their transition.
The IPO is really going great for them with such a huge GDPR Privacy violation...
I wonder if this includes content that was removed for violating terms and conditions like threats, doxxed info, images. If so, there might be some legal issues that arise from this no?
I just had another cluster of deleted comments reappear, this time all that had been posted in r/Unexpected, which leads me to suspect this is happening on a per-subreddit occurance, perhaps as a side effect of some other subreddit-specific shenanigans that reddit is doing.
I think it's been a long time, if ever, since the editing-before-deleting worked on Reddit. Why wouldn't they store older comments/editing history? Even if they don't have them in the main DB, they will of course still remain in backups, snapshots etc.
How would you feel if the comments were restored but not associated to your account?
That way the discussion is still there for people in the diture to follow but someone can't go through your comment history to learn about your political view or wealth or whatever people look for.
That could be interesting. I have seen accounts making racist or violent remarks and just deleting them afterwards after a few hours.
That accounts seem of normal people engaging in normal conversations. But they spit hate everywhere they go, it is just not reflected in their history.
Looks like every time a lemmy instance gets posted, that instance gets nuked off the planet. Maybe if you want to post something from lemmy, you should find the mirror on lemmy.world or lemmy.directory and see if that can handle the traffic.
I know a lot of users are nuking their accounts and deleting everything, I really hope spez and the gang aren't restoring them from backups to sell to their new LLM overlords. That would be very very unwise considering GDPR
Unwise, yes, but if they do in fact know that the fundamental value to their proposition is exactly what's being deleted, they might be in a desperation mode. Law might mean nothing to them now.
I really wonder how it's gonna turn when discord is gonna do the same kind of thing. I'm so amazed that people think they can use big social media websites for free AND not see ad nor have their data stolen.
I really wonder how it's gonna turn when discord is gonna do the same kind of thing. I'm so amazed that people think they can use big social media apps for free AND not see ad nor have their data stolen.
What's the root cause of all the recent reddit tumult? Is it essentially that reddit is trying to keep away web scrapers so it can retain exclusive access to its data and sell to LLM companies?
If so, this seems like an impulsive miscalculation, based on how easy it would be for any determined actor to scrape reddit. So why annoy users in order to attempt to do something that has a high probability of failure?
The situation sounds a lot like news website paywalling circa 2010, which was a flop for most sites.
This is crazy! I like the following comment on kbin:
> I said it before and I say it again: if you have the patience to do so then make sure you overwrite your content with chatgpt generated content, as the future AI that will feed on your post HATE feeding on already AI generated stuff. It makes the AI diverge.
People should not be deleting their posts but actually just replacing them with random AI generated content. This will make Reddit a mess.
They own deleted data too. If I would be selling this data I would just cleanup all edits and deletes starting from a few weeks ago to a time when the Internet gets bored with the drama.
In modern chaotic world usually the best weapon against something you don't like is to just ignore it (there are exceptions of course).
Why not use a bot to automatically post brand new chatgpt-generated fake comments in between edits with fake stuff? Or automate making edits that insert/delete/replace one word with a random word?
There's many different things to do that could trash the data and make it worthless for training AI. With the right tools, this sort of automation can also be made very difficult to detect (randomize the time interval between edits and the time of day on which they occur [normally distributed during prime time]).
People will get bored with manipulations and they can just ignore current timespan.
Even currently, creative individuals is 0.01% of users which is easy to spot with simple heuristics especially given such a small percentage and the fact that false positives don't hurt.
Detecting automated / fake content and silently marking it is probably 90% of what coders do there even without the drama. I think they are pretty decent at it.
Even if they couldn't distinguish fake content, there's a good chance neither could its buyers so nobody cares.
Why not shut down the whole site then? They already have an archive of everything from before then. The question is what you do about future content? If it can no longer be trusted then it’s worthless as a dataset for training.
This is basically spamming, but with a time delay so the moderators won’t see it.
Worse, the data is already archived by the data collection services. The people who suffer are going to be average users trying to find some answer to a question by searching Reddit, only to discover jumbled messes of words that don’t make sense.
> The people who suffer are going to be average users
I already notice this just with the blackout. Some stuff I find on Google is in private subs now, so I can't view it on Reddit. Sure, there might be ways around it, but regular people won't know that.
Every niche technical issue I've googled this week has at least one privated subreddit link now. As much as it sucks we needed a wake up call yet again. No one learned when forums would vanish with vast amounts of information.
Personally I'd love to have an upvote and subreddit filter. So "delete all comments except the ones on /r/askscience or the ones with above 100 upvotes".
ares isn't on the firefox store anymore and PowerDeleteSuite gets responses that are "success: false" 99% of the time because it doesn't fit the throttling they have very well so it leaves huge gaps of un-edited posts in your history
Ares can be installed manually but the building process has a few holes, namely, you need to rollback your node version to 13.14.0 and it's not mentioned in the readme. You can use nvm to do that (nvm install 13.14.0 && nvm use 13.14.0), then the normal stuff (npm install && npm run build)
I looked for a reddit history editor a while back and found those two as well, it's sad it's hard to make them work unless your account happens to have the throttle it expects
It’s pretty simple to do yourself. Last time I did this, I injected jQuery and wrote a few lines to delete a comment, wait a few seconds, delete another… then you reload the page and do it again. I would imagine that most HN members could do that fairly easily.
I’ve never created an account on Reddit, but in general, I’m surprised to hear they even allow editing older content. Most discussion-based/social media sites have logic that locks the comment after so much time (often some timespan less than 1 day), and only allow deletion after that point.
I would also be surprised if Reddit didn’t add such logic if they figure out this (editing older content to replace it with gibberish) is happening. It seems like reasonable logic to have in place anyway.
To be clear, I’m not siding with Reddit on this. Just saying it seems odd they even allow it in the first place, especially for comments — the top level post may make sense to allow edits, but even then there’s usually a publicly visible edit history.
I've actually been thinking about building this sort of thing as a Chrome extension, a generic comment/tweet deleting app. More for privacy reasons than protest ones. The web based services that do this via APIs never seem to stick around long which is why a browser extension makes more sense IMO.
That reasoning is similar to the one that I've found in r/RedditAlternatives: they're proposing to replace the content with random crap from a conlang generator.
Yes, but that's even crazier when the platform is basically messing with your posts and comments. That's not what a community is. They can generate content that fits their content strategy themselve then, this way they don't need users!
Even that won't work because there are companies like Pushshift (I think it's pushshift anyway) that are constantly archiving comments, so they have the old comment and the overwritten one. I think you can request pushshift delete your data under GDPR so at least you can remove your data from there, but I believe they are not the only ones doing this.
Pushshift only blocked such data from being queried via their API. All these users' posts and comments are still in their data dumps, which now have tens of thousands of copies after being released as torrents.
Seems like a game of whack-a-mole. A person might get Reddit and Pushshift to delete their comments, but surely there are other less well-known companies mirroring Reddit. Maybe even clandestinely.
I am not commenting on whether this is a good thing or not, from my POV that's for each person to decide themselves.
However, if this catches on and becomes more prevalent (and I could see that happening), then I'd expect some kind of cyber-vandalism law to be enacted. They can't prosecute based on hacking, because it isn't. But it could be argued you're 'defacing/destroying' digital property by editing to add content that knowingly will mess with their algs. Sooner than that though will be an addition to the EULA, that users cannot enter AI generated content or they agree to get fined, or some such nastiness.
The Cyberpunk RPG came out in 1988, and I was in my early 20s. Each decade since I've marvelled at how much closer to that dystopian world we've gotten, and the slope of the downward slide increases every decade.
Why do I say that?
Because the image of Reddit that's been in my head until today is of an Open Source type thing started by Aaron Schwartz. He was a founder, but that is not today's Reddit. I did some cursory digging and found Reddit is primarily owned (majority shareholder) by Advance Publications, Inc. These are the same people who own, or majorly own (primary or major shareholder): Conde Nast and all its subsidiaries (which now owns Ars Technica), American City Business Journals, Charter Communications, Warner Bros. Discovery, the Ironman Triathlons, many newspapers, Turnitin.com, and probably more. In 2019 Advance Publications was named the largest privately owned American company.
> But it could be argued you're 'defacing/destroying' digital property
But it's your comment. While I'm sure there's legalese in the T's & C's that you hand over all rights to your comment over to Reddit or release it under a permissive license, that doesn't make it right or just.
And I think reddit and other communities rely on keeping up the appearance that they respect you and your works, even if they're just shitpost comments.
> The Services may contain information, text, links, graphics, photos, videos, audio, streams, or other materials (“Content”), including Content created with or submitted to the Services by you or through your Account (“Your Content”). We take no responsibility for and we do not expressly or implicitly endorse, support, or guarantee the completeness, truthfulness, accuracy, or reliability of any of Your Content.
> By submitting Your Content to the Services, you represent and warrant that you have all rights, power, and authority necessary to grant the rights to Your Content contained within these Terms. Because you alone are responsible for Your Content, you may expose yourself to liability if you post or share Content without all necessary rights.
> You retain any ownership rights you have in Your Content, but you grant Reddit the following license to use that Content:
This applies to all their users, not just EU. Only difference is that US TOS make you waive your moral rights. I grant Reddit a right to copy them, but they're mine. If I destroy them, Reddit no longer has them.
Which is really just one more proof that reddit's added value is about zero and that looking to profit from _my_ content shows really the kind of leeches that they are.
It's not Reddit's content, it's your content and you grant them a license to it. The difference matters for a few reasons:
1. It means the cyber-vandalism law that the grandparent proposed wouldn't have any teeth here because it legally still belongs to you.
2. They can't change that provision because a good chunk of the TOS is about how the fact that it's your content means they're not liable for it. Their nonliability looks a lot fishier if they're also claiming copyright.
>But it could be argued you're 'defacing/destroying' digital property by editing to add content that knowingly will mess with their algs.
It cannot. Source: Reddit's ToS and reality:
>d. User Content. Reddit user photos, text and videos ("User Content") are owned by the users and not by Reddit.
If I want to replace what I posted with seventy five consecutive poop emojis, I am fully in my right to. Coupled with the right to be forgotten and the illegality for reddit to prevent me from doing so, it serves as a perfect tool to poison LLMs.
Additionally, if they leave the edit functionality intact for older posts they would have no legal grounds to stand on. It's not "hacking", or in any way unlawful, for a user to use an option provided by a company.
I predict that if they want to do something about this they'll go the HN route and just make posts uneditable/undeleteable after some time.
I’m actually glad this is happening because I’m sick and tired of looking for information on Reddit and seeing someone reply to a deleted comment with “Wow thank you that information was very useful!”
It’s user hostile, and prevents the spread of knowledge.
IF that were the agreement we made when we commented on Reddit that would be one thing.
IF that was their past behavior when this happened (what you describe has been happening since the inception of Reddit) that would be one thing.
Neither of those things are the case, Reddit has shown they have always had the ability to create these features (vote out mods, fix modding tools, improve accessibility, prevent comment deletion) but refused to do so until it actually hurt their bottom line. That's scummy.
People delete posts for all kinds of reasons - including accidentally violating NDA, or posting NSFW pics you no longer want "out there". Undeleting this stuff is opening Pandora's Box.
It’s naive to think deleting solves the problem. Once you post something on the internet, it’s out there forever potentially. Someone could easily saved whatever you posted, even if it’s under NDA or it’s a NSFW pic.
This is technically true, but then why does any website bother with content moderation? It's one thing for something to be archived on a hard drive somewhere and another for it to be google-searchable.
It says in the answer right there, the company must either be in the EU or you are in the EU.
Unfortunately, to protect user privacy we don’t know or store your IP address so you will have to provide some other proof that you are actually in the EU. An IP of course is also easily doubted, you need to provide legal documentation.
Probably not. I checked on a post where someone said something really stupid to me and then deleted it after I responded and it’s still deleted. I’m betting this was directed at the people who recently used tools to delete all of their posts.
Edit: On further inspection, maybe so. It’s possible they’re still in process or maybe I had it cached.
I have blacklisted reddit.com on my DNS, but I will keep an eye out if my comments are restored. I deleted thousands of comments, all of them, earlier this month.
And then what? I looked at the request form and it's pretty clear that they've automated those as a regular batch job, so other than a spike on some graph they're unlikely to notice that.
I don't see how they can argue that they own the data, and then turn around and say they have no way of making sure there is no PII - if a user thinks that a comment or post contains their PII and delete it, then either the user owns it or reddit needs to respect that is was deleted for that reason
Post something personal, then put in a 1st GDPR request and ask for all the servers (and their jurisdictions), all the backups, all the 3rd parties with access related to the post itself. Then ask for the security certifications and GDPR policies of each entity named. Then ask the company to delete the post for you in a 3rd GDPR request.
Wow wow, Isn't this the violation of the Europen GDPR privacy laws. If you deletd it then they should actually be deleted, otherwise you are violating the laws.
Yes and the irony is I was in Oslo today, showing to people within the EU our PoC demo for IKEA.com - on how we can provide recommendations with no third party data - and with the idea of consumers controlling exactly what is used to provide it - including the right to delete it all.
This is the way we're going - totally the opposite way.
I want to go with you. The US is so awful for privacy, not just at an administrative level, but we have too many citizens that do not care ('nothing to hide') and believe in an internet that can only be funded by giving up privacy. (Just look to HN for many "well, how else do you pay for it?!" arms tossed up comments)
For a people that seem to think we're synonymous with 'freedom,' the paths we choose sure seem to indicate a fucked up vision of what 'freedom' looks like going forward.
Too many attitudes feel defeated and resigned to abusive things today.
I believe you can absolutely revoke your consent to Reddit processing your data and demand that they remove any and all PII from their records. That will force them to go through your entire comment history and identify any such information.
Most reddit posts wouldn't be considered PII and I'm not sure the 'delete' function on a reddit post constitutes a GDPR removal request (it's not clear how this user purged their data).
The reddit FAQ around deleting your account[0] suggests that they'll just 'dissociate' your posts from your account (so the user says [deleted]) and remove your account data which should be fine for GDPR purposes.
This[1] support page says mods/admins can't recover your deleted posts for you but stops a little short of saying that it's impossible for them to do it for themselves.
So pretty scummy behaviour but I don't think anything they're doing is illegal (IANAL!).
Maybe Reddit users don't qualify for "Right to Erasure" because Reddit is still going, their data is being used, they technically didn't revoke "consent" and so on?
For instance, Article 9 in relation to Article 17 seems pretty solid:
> the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2), and where there is no other legal ground for the processing
> Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation shall be prohibited.
But perhaps deleting an account + posts does not qualify as revoking consent?
I dunno anything about GDPR, but Reddit would have to be confident about every condition in Article 17. It makes me think these undeletions are a considered decision, not a knee jerk response.
The right to keep data beyond when a user requests it's deletion is contingent on it being needed for ongoing business requirements like tax and other audit requirements, not for content.
It's not possible under GDPR to automatically license user submitted content via a ToS or something. If you want to keep content beyond when a user clicks a delete button you would need a contract that provides reasonable compensation for licensing that content.
The GDPR itself is purposefully vague but is generally interpreted favouring the user so I would err on the side of it being revocation. We have always treated this way in SaaS startups I have worked at and I don't imagine you would get a more charitable reading of that as a social network an in EU court.
Add that to the minefield of GDPR issues Reddit has to confront. They've provided the whole Reddit comment corpus to researchers, several located in Europe, though the PushShift dataset. There are no real privacy controls on that dataset (anyone can query it) and apparently no way to process removal requests.
I understand that the GDPR allows you to request deletion of your private data, but content you’ve published isn’t quite the same. At the very least, Reddit’s TOS claim a perpetual irrevocable license to that content
Does the GDPR have a separate provision for requesting the deletion of published content, or are people just assuming it falls under the private data rules?
Most of it isn't. GDPR covers only personally identifiable data, not all user-related data. Unless you doxxed yourself in your comment, there's no personally identifiable data in those.
I wonder if there is a legal difference between submitting an official GDPR request for deletion and simply hitting the delete button on the platform itself.
With how quickly Reddit and Twitter have destroyed their reputations, it almost feels like it's been intentional to bring down our giant public communication platforms as we enter a new age of misinformation.
I dare to argue that the reputation was destroyed for people who are less likely to be influenced by media. In other words, critical thinker’s probably didn’t trust the platforms just for their reputation to begin with.
Maybe it's a good thing. If people will grow up and realise that "everything you see on the internet is by default a piece of bullshit crafted to manipulate you", world will become a better place. The less trust we have, the better.
I would like to say yes but, if it's a comment being restored containing personally identifiable information of the person that deleted it than I would say no. With that said I believe you need to have a formal request to remove PII and I have some doubts if deleting or obfuscating a reddit comment you made qualifies as such.
GDPR is principles-based regulation. No specific thing you mentioned actually matters, what matters is whether anyone's privacy rights will be violated by rolling back years worth of deletes or edits.
wow this is a massive privacy violation / gdpr issue. What can we do about this?
Tangent: I used to love reddit, i would actively pay for reddit gold just to support the site. I still have a hard time moving on, but this latest fiasco has set things in stone for me. RIP Reddit.
In the role an evil reddit CEO, I would restore bulk-deleted comments but disconnected from the accounts that made them and allow GDPR requests via carefully hidden form.
This would disable my users / victims from deleting their stuff (thus decreasing the value of my platform temporarily) while probably complying with GDPR.
I would also consider copying Twitters URL shortener.
Looks like the owners of “kbin.social” are learning the hard way that hosting your own social media service isn’t easy. Just 25 minutes on HN in the early morning US time brought them down.
>> It's equivalent to a librarian restoring some of their books that have been vandalised by a disgruntled author.
No, your analogy is idiotic.
Librarian had a sign up: Authors are allowed to vandalise their books. Then they restored it.
Every single reddit post has a "delete" link. If Reddit doesn't want people to delete their posts ... then I will go out on a limb and will suggest to ... remove the "delete" link?
The library bought those books and as such possess the physical copy. If somebody vandalizes it, that's destruction of property and bad.
Reddit never paid anybody. Reddit is made up of comments made by people, and those people can decide to delete these comments. Reddit is a for profit company looking to squeeze maximum shareholder value from the value provided by others people comments, and doesn't enjoy the same leniency that a public library would, IMHO.
This seems like such an unwise thing for them to do that I feel like there must be another explanation.