PSA: You can't delete photos uploaded to Lemmy. So don't (accidentally) upload a nude

You can't delete any text in comments or posts either - or at least not reliably, as any federated instance could choose to ignore deletions.

You should basically consider what you write or post here public, and probably public for good. But here's the thing - same goes for the entire rest of the Internet as well, basically.

Welcome to the hell of being a lemmy admin. There's a reason why lemmy admins are fed up with the developers.

So what have they been doing to nuke the csam images, editing the database directly?

So when I accidentally uploaded those Death Star plans...

How exactly does Lemmy remain in compliance with laws regarding, for example, a user's right to have all data associated with their account deleted (right to erasure, etc), or ensure that it is only kept for a time period reasonable while the user is actively using your services (data protection retention periods, etc)?

It's not a big deal for me, just strange to think Lemmy of all places would be built to be so anti user's data rights. The user is ultimately the one that decides what is done with their information/property, after all.

That is crazy. He really did seem knowledgeable, and apart from the upload of a sensitive image, he really did what he could.

Or do.

OH NO,

Anyway....

What exactly is a KYC selfie? Is it a photo of an ID card? I figured out WUI is WebUI. The author uses some strange acronyms I never heard before.

It's very American that they can steal your identity with just one photo. My European state issued ID has data on both sides, so if someone would take a photo of it won't be enough for anything. Also if you loose it you just get a new one and noone can use the old one for anything.

Dear aussie.zone users,

I can delete photos. Just give me the url of the photo you need killed and I'll happily delete it for you. But also, don't (accidentally) upload a nude.

I’m a developer of a Lemmy client. When you upload an image to a Lemmy instance, the instance returns a “delete token”. Later, you can ask the instance to delete the image attached to the delete token. So as long as you keep hold of the delete token for a specific image, you’re able to delete it later.

Lemmy-ui (the official frontend) will give you the option to delete an image again shortly after uploading it. However, it’s not possible to remove the image after actually creating the post, as the delete token associated with that post isn’t remembered anywhere on the Lemmy backend.

As for other Lemmy clients, YMMV. The client I work on (Mlem) deletes images if you remove them from a post before posting it, but has the same pitfall as Lemmy-ui in that it won’t delete the image if you’ve already created the post.

It would be possible to locally save the delete tokens of every image you upload, so that you can request that they be removed later. I don’t know of any clients that can do this yet, though (if someone knows of one, feel free to mention it).

Edit: clarity

I hate to use it, but this is why I still find imgur useful. It works.

Some stuff on Lemmy just doesn’t have a robust feature set yet. Especially around content moderation.

This got me curious on how many images are on all Lemmy instances combined and how much storage it all takes up.

You can consider almost anything publicly posted to Lemmy as permanent. As I keep saying, please be careful.

I do think a way to automatically store the uploaded image urls and associated delete keys under your user is a necessary feature.

For personal image hosting I use postimage, but any external host that lets you modify/remove images under your account will do.

What happens when you share a link to an image? Does Lemmy just save the link or does it make a copy of the image?

Seems that one of the problems with regards to this post has been recently fixed and will be included in the next release :)

https://github.com/LemmyNet/lemmy-ui/pull/2385

I’ll be honest, didn’t realize this was news to anyone online in general. What is posted online stays online, particularly if you wish it didn’t. Most especially if you make a stink about it.

If you upload an image from your browser, there's a little popup in the corner for a few seconds that allows you to delete it again. No such thing exists in the apps though and if you miss the popup, that's it.

Isn't this in violation of the gdpr?

If you ask the instance admin nicely, they might delete it for you, with a small risk of taking down the instance if they mess with pictrs wrong.

https://media1.tenor.com/m/EDYebu-b3KwAAAAC/dont-tell-me-what-i-cant-do.gif

takes off pant

Are you asking?😉😉

I can't upload any image so I'm way ahead of you

That's scary. I must be certain to not mix up my dick pics with my memes.

I've posted a selfie and cat pics.

I am unimportant and have little to steal. Though if someone starts shooting at me for paraphrasing far left theory, I'll know I hit a nerve.

Might be worth heeding with anything else sensitive too. Like bank details, emails etc. Dont dox yourself.

Oh really I thought it would be the other way around where private companies always keep a copy and fediverses don't 😅

You're telling me my penis can have a legacy?

Lawsuit waiting to happen.

PSA for admins and mods: GDPR fines can go up to 20 million euros per case. To give you an idea, Meta has been fined over 2.5 billion euros in recent years. If you think that's bad, the real worry is Germany's NetzDG.

Are you sure you want to insert a cheat code?

Yes.

Allyournudesarebelongtous

Cheat activated!

How hard can it be to fix?