As the title says, Reddit replied to my GDPR request to delete all my data saying I had to do it first, which I suspect is in violation of GDPR law.
Reddit’s argument is that to comply with GDPR, they just need to dossociate your account from your posts, so the latter cannot be traced back to you. However, the argument could be made that the posts themselves are enough data to be linked to you.
Is there any type of response that could be framed in legal terms to make reddit really remove all the content from my account?
I’m no lawyer, however, having gone through this a couple of times as a service provider this is my understanding:
GDPR and similar laws cover data which the provider has gathered about you and may have been shared with third parties.
Generally, user generated content is not covered under GDPR requests. Any content that you chose to post which is self-identifying was posted at your discretion.
The best examples of where this must be true are mailing list archives and Git reposities. E.g., the email address you gave to GitHub on signups and the email address that you attached to a git commit may have been the same, but only one use case provides for GDPR protection. Mostly.
In practice there’s a lot of gray area in GDPR and privacy lawyers often have to find the inflection point somewhere between clearly covered and clearly not covered.
Got it. Thanks for the explanation
Contact your Data Protection Authority and file a complaint.
Be patient, if you want your content deleted you will have an efficient way to do it soon. Don’t count on reddit to do this for you. It seems we have enough access to the API to do it ourselves.
What would be this efficient way that if coming soon?
I think it’s untested whether this is legal or not; it’s in a legal grey zone. Try to find an online script to help you delete all your posts. Alternatively turn the question to your national agency which handles GDPR compliance.
With the API shutting down, I believe there is no longer an automated way to delete all content. I would focus more attention on the latter suggestion.
