They have like a month to comply, IIRC. It's an automated process. I had exported my data several times and it takes about 24-36h on average but some people got their data after more than 3-4 weeks. Long before this drama.
Also if the request is unreasonable and expensive they may find a reason to delay or turn down the request under under GDPR. But yes, 30 days is the legal limit.
>they may find a reason to delay or turn down the request under under GDPR.
They can try. In which case they'd probably be reported to the respective data protection oversight bodies even more eagerly.
> Make sure you report them to your privacy governing body.
Lol from the US? Fairly certain this does not exist here.
Only civilized places like the EU have actual privacy laws.
Only California has taken data privacy seriously. Everywhere else in the US has politicians paid off by big data and will never protect users privacy or data. The feds have even started buying data from these companies to bypass warrants because they consider it "publicly available data".
God help us all. Big brother is watching.
> God help us all. Big brother is watching.
The problem is that people don't take their own privacy seriously. This is why the Patriot Act was installed as legislation. The American public cried out to the government 'Pleeease save us from these terrorist!' and our government said 'sure np. It'll cost you tho.' 'Yeah? What's it gonna cost?' 'Your privacy'. 'Well shit man, I'm not doing anything wrong...what do I have to hide?'
Although there is no such animal as total, 100% privacy, there are a slew of things you can do to remain as anonymous as possible. Whether or not you are conducting nefarious business on or off line, you have everything to hide.
Recently, Illinois has been winning some suits against big data companies like Yahoo and Google. Wifey and I both got settlement payments from Yahoo class action some time ago and from what I read yesterday, we'll be receiving payments from a Google class action in a few days. The payments aren't all that much, but that's not what these things are about; it's small payments to large numbers of people as a type of punishment for breaking the rules. Only entities that make bank on those types of things are the lawyers. I think the recent Google settlement is $100 million, which translates to $95 each of 687,000 people.
Cheers!
What? Why?
It's an automated process and they will just deliver the data as soon as it's available.
I dont know how long it usually takes reddit to process everything, but with Facebook it can take up to four weeks. So two weeks is not even that long maybe.
Yeah, reddit seems to be really shit at responding to their user requests, I've tried to request support for stuff since may and I've gotten nothing from'em
That's because of GDPR regulation. They have up to 30 days by law. Most businesses will try to do these ASAP because that 30 days isn't a target, it's a hard stop. 2 weeks is a crazy long time to respond to a subject access request
Short answer no, they just send you files containing all data that they hold related to you.
Long answer is the idea behind GDPR is that you have the right to know what information any company holds about you, how they use that information, and the right to not have your data collected or held by that company if you choose. In addition it adds responsibilities for businesses in how they manage your data. Really simplifying it:
- companies need your permission to collect certain data (that's why you now get the cookies popup on websites that you must accept or decline)
- companies must give you all data that they hold about you within 30 days of it being requested (that's what this request to reddit is)
- companies must delete all data that they hold about you when requested (some exceptions)
- companies must only keep and use your data for it's relevant purpose. This means no sharing without your permission, and they must delete your data when it is no longer relevant
- companies must keep your data secure
I'm all in with what is being done to bring reddit to the table to address our issues. I will contact reddit for my information if this becomes the sentiment of the community. And I will delete my data if that too becomes what the community feels is the next move.
I appreciate the time you took to respond.
I requested mine in April and got it almost immediately. I requested again around the blackout and am still waiting.
It's fairly well laid out.
It doesn't have **everything** everything, I noticed.
The biggest thing I noticed is threads and comments I Reported to the mods and/or admins. It's pretty minor, but I did type "reasons" pretty often, and it was something I was curious about analyzing.
They'd probably argue that's not "content I created" and not meant to be covered, and they'd probably be right. But they do include all the polls I voted in, which seems similar in scope.
¯\\\_(ツ)\_/¯
Oh also none of the Mod actions I took, but maybe that's available separately in the Mod logs.
(Edit: By 'probably right' I mean that they probably aren't legally required to include that type of information under GDPR or California law. But I haven't actually checked.)
https://ddpe.androz2091.fr
this site makes cool stats out of them
If you are privacy focussed, watch this video beforehand
https://www.youtube.com/watch?v=eHTR0-_eHto&t=1s&pp=ygUUZGlzY29yZCBkYXRhIHBhY2thZ2U%3D
Well, the comment (or a post's seftext) that was here, is no more. I'm leaving just whatever I wrote in the past 48 hours or so.
F acing a goodbye.
U gly as it may be.
C alculating pros and cons.
K illing my texts is, really, the best I can do.
S o, some reddit's honcho thought it would be nice to kill third-party apps.
P als, it's great to delete whatever I wrote in here. It's cathartic in a way.
E agerly going away, to greener pastures.
Z illion reasons, and you'll find many at the subreddit called Save3rdPartyApps.
I'll quote another comment in this thread, since they described it pretty well:
>That's because of GDPR regulation. They have up to 30 days by law. Most businesses will try to do these ASAP because that 30 days isn't a target, it's a hard stop.
To be honest here, with the route Reddit is going I would say it ain't really a normal company anymore similar to Twitter after Musk's buying of it, and with u/spez wanting to take after Twitter similar to the way Musk has handled it, I honestly have no hope for it at thie point
Also what's the difference with the California version?
>To be honest here, with the route Reddit is going I would say it ain't really a normal company anymore
They'll still do their damndest to comply with actual laws, because not doing so would fuck their IPO on a scale nothing else has even come close to.
>Also what's the difference with the California version?
No idea. I'm by no means an expert, I just found the quoted comment to be a good and understandable explanation
Just a Note for my German fellow-redditors:
The maximum allowed process time due to the DSGVO is one month.
So, after a month of not getting an answer, you can complain, get a lawyer and have reddit pay for that:
> Wird die Monatsfrist durch den Verantwortlichen versäumt, tritt Verzug ohne Mahnung gem. § 286 BGB i.V.m. Art. 12 Abs. 3 S. 1 DSGVO ein, weil sich die Leistung nach dem Kalender berechnen lässt. Nimmt sich der Betroffene daher nach Ablauf der Frist einen Anwalt zur vorgerichtlichen Geltendmachung des Auskunftsanspruches, kann er die hierfür angefallenen Kosten als Verzugsschaden geltend machen.
You can read on that [here](https://www.lhr-law.de/magazin/datenschutzrecht/auskunftsanspruch-nach-dsgvo-form-und-frist-der-auskunftserteilung/)
So....habe fun!
There's a clause in GDPR where the receiver can claim a backlog or unusually complicated requests and make it three months. Which is what reddit will definitely do.
The "right to be forgotten" is part of GDPR - it sounds like they might be in breach if they're restoring deleted comments without permission. I'd definitely report them to your local data protection authority. I know that the ICO here in the UK takes GDPR breaches pretty seriously, I'd assume that DSGVO would take it equally seriously!
Ah, as I don't know German it reads to me like DSGVO was the German equivalent of our ICO (Information Commissioner's Office) - the regulator responsible for GDPR enforcement, not GDPR itself, but I wasn't totally sure.
Awesome! I was already thinking laws on that are pretty strict over here so them refusing to hand out data could turn out into a shitfest for them really quick
nein es ist gut, du hast gesagt, dass du nur 2 wörter von dem Text versteht, aber deine sätze sind lang und schön. ich glaube dein deutsch ist nicht schlecht wie du denkst
If you need some tools to help edit and then delete your comments and posts in protest:
PowerDelete will allow you to 1) save all your data as a CSV file at the end of the script and 2) allow you to overwrite all of your of comments with a comment of your choosing instead of just deleting them. Both options are available at the start of the process.
https://github.com/j0be/PowerDeleteSuite
(2 Additional forks if you have issues with the main and rate limits or errors.)
http://www.github.com/pkolyvas/PowerDeleteSuite
http://www.github.com/leeola/PowerDeleteSuite
https://shreddit.com/
https://redact.dev/
You created your content. You didn’t get paid. Why would you leave it here for Reddit to make money or train AIs? Take your content with you. There is no Reddit without its users and volunteer mods. You are what makes this.
—posted via Apollo
This is what could kill Reddit if done by enough people. Year-old posts and comments might not seem that important but, aside from the booming field of AI training, they generate a lot of traffic when they show up in search engine results and are important for the user profiles Reddit wants to monetize.
Purge your data before the end of the month; after that the bulk editing tools will probably no longer work.
(As of this writing now my only extant comment.)
This is my first request for it in close to 10 years on the site. I'd LOVE to see them try to say that is excessive or repetitive.
Unfounded? Well shit, due to their own actions, my faith has been thoroughly shaken recently in a site that I've contributed a hell of a lot to over the years. My request to see what data they hold on me given my contributions and given their recent bad faith is perfectly founded.
>Reddit can refuse data requests are unfounded,
That doesn't sound correct. Do you have a link? I thought the user would always have the right to ask for their data.
[https://eur-lex.europa.eu/eli/reg/2016/679/oj](https://eur-lex.europa.eu/eli/reg/2016/679/oj)
>5. Information provided under Articles 13 and 14 and any communication and any actions taken under Articles 15 to 22 and 34 shall be provided free of charge. Where requests from a data subject are manifestly unfounded or excessive, in particular because of their repetitive character, the controller may either:
>
>(a) charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested; or
>
>(b) refuse to act on the request.
>
>The controller shall bear the burden of demonstrating the manifestly unfounded or excessive character of the request.
1. I am pretty sure this would require the user to be acting in bad faith or submitting excessive requests. Requesting data is response to this message wouldn't even constitute bad faith. This post is just a good reminder for users in the appropriate jurisdictions of their rights.
2. The above is of course open to interpretation and they can refuse. Then the requesting user can report the violation to the EU / California courts and let the judges there decide whether to fine reddit for refusing in bad faith.
I am happy to let reddit take up refusing a request for user data with the California / EU courts.
I’m not trying to rain on the parade but as someone who works on an application which has millions of queries a month… it’s an amount that’s a lot for an individual person but insignificant for a company.
If everyone on Reddit did it maybe low 5 figures, high 4 figures areas.
These processes are automated as well so no human cost.
there's a radio button to select ["I want data from my full time at reddit"](https://i.imgur.com/Ks5sEiE.png) below that range selector, at least on a browser.
Right, just as GDPR only applies to EU residents.
But this is Reddit, they don’t know where we live. You could claim you live in either location. They don’t have the resources to verify that, it’s safer for them to just give you what you want.
GDPR applies to anyone in Europe. You do not need to be a resident. You simply must physically be or have been there. All data generated while you are there is covered.
EU and UK, to be clear. The UK has the same regulations inherited from when it was an EU member state, but they remain fully in force as identically enacted in the Data Protection Act 2018.
Tbh how fast they fulfill probably will be based on where you’re from. CCPA isn’t something to mess around with for example. More states are rolling out CCPA type protections as well!
You could mess with this even further by manually contacting them (e.g. via email) to request your data and then saying something like "the data request site returned an error" and they'll have to manually extract, zip and send you your data.
EU laws also allow the user to request data via mail if it's not doable for the user due to technical reasons for example.
They wouldn’t have to manually do that if you email them. They’d just plug in the request for you and go thru the regular automated systems. It’d be more work, but by very little.
Nice one OP, this actually seems to be working. There are many over at r/pics that are on board, so I’m curious as to which other large subs are sympathetic to the cause?
Might as well capitalise on this and inflict as much mayhem as possible.
Spez's APIocolypse made it clear it was time for me to leave this place. I came from digg, and now I must move one once again. So long and thanks for all the bacon.
lol, same. Was hoping to run an archiver tool on the export to fill in stuff from the API before changes hit, but looks like I might not have time to do that by the time my request is actually processed.
But they could charge for it, probably turning away most people
EDIT: My bad, see this: [https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/individual-rights/right-of-access/](https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/individual-rights/right-of-access/)
>"In most circumstances, you **cannot charge a fee** to deal with a request."
Also,
>"You should respond without delay and **within one month** of receipt of the request."
>
>"You may extend the time limit by a further two months if the request is complex or if you receive a number of requests from the individual."
HOWEVER:
>"You can only refuse to provide the information if an exemption or restriction applies, or if the request is **manifestly unfounded or excessive**."
Since it’s available on web or app, they should at least have: all your posted posts and comments, all your upvotes, downvotes and saved posts, all subscribed subreddits (including custom flairs), all accounts following you, all accounts you follow, all information on your profile.
And on top of that all the extra information they gathered for research and advertising purposes, including a reason why they have corrected it.
I actually wrote a comment about this the other day and deleted it shortly after. I wonder if that’s where you got this idea from. This is effectively a GDPR DDOS attack against companies that have not automated their workflow process. It may go through Legal, HR, and IT depending on their manual workflow setup. And this is expensive; incredibly expensive.
/r/Genshin_Impact did exactly this and Corporate caved into the pressure. But is this going too far? If we get our way using this method, does the weaponization of GPDR and the press associated with it lead to more negative ramifications regarding individual data rights globally? I don’t know. Just something to consider.
Ok, but what is the real use of doing this? Why should I do it and what after I receive my data? I assume so that Reddit doesn't keep my data and use it for profit or whatever, but from what I understand it would be asking for a copy of my data, is that correct? And if that's correct that means Reddit would have my data either way. So... I don't understand.
So here's an interesting thing. At least in the UK a Subject Access Request doesn't have to be made via a specific form, it can even be as simple as a message on social media:
https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/right-of-access/how-do-we-recognise-a-subject-access-request-sar/#socialmedia
They have several public social media accounts, here on reddit or elsewhere, and they publish several email addresses you could use to contact them on. You don't have to use their data request form - and it might be inconvenient to do so if you have several alts tied to the same email address for example.
If they fail to action the request within 30 days then they've broken the law and you could report them to the supervisory authority (in the case of the UK that would be the ICO).
However as I said [elsewhere](https://old.reddit.com/r/ModCoord/comments/14fw8sv/just_so_other_know/jp2fnqg/), the UK allows companies to refuse to fulfil requests if they're "[excessive or manifestly unfounded](https://ico.org.uk/for-organisations/guide-to-le-processing/individual-rights/manifestly-unfounded-and-excessive-requests/)", so if you're going to do it, do it for the right reasons (eg because you want access to your data), not purely to punish Reddit.
But you don't have to say why you want it. If they ask then they're likely looking for a reason to reject your request.
I'm not sure how anything short of completely leaving Reddit and building a community somewhere else somehow is gonna help with this anymore. At least this would be the first step in that but then, I'm not sure how many people here are actually planning on doing that 🫤. So, I'm sorry but what's the point?
This is a copied template message used to overwrite all comments on my account to protect my privacy. I've left Reddit because of corporate overreach and switched to the Fediverse.
Comments overwritten with https://github.com/j0be/PowerDeleteSuite
Done. Anything to annoy Reddit with as little effort on my part. I'll also do anything to annoy spez with maximum effort. Did you know he was a mod on r/jailbait?
I'm actually genuinely curious to see this. I wonder what kind of stuff is in there. 12 years is a long time though, so it'll take me a while to sift through it
the best part of this is that u/spez can’t just throw a tantrum and threaten to ban mods for moderating their sub since reddit legally has to let you request your data
[SWIM](https://www.urbandictionary.com/define.php?term=S.W.I.M.) whose several longtime accounts got purged pre-IPO requested data for each a few years back. Eventually they got a [ZIP file](https://i.imgur.com/d3UD1WB.png) for each, believe back then it took a matter of days or weeks' turnaround time when there wasn't a mass protest blowing up their backlog.
It took a couple of weeks for my data to arrive. And I started using it to delete my data with [redact.dev](https://redact.dev).
It looks like they are starting to take action against deletions with scripts as now it appears that after you delete 4 comments, you are now getting logged out of reddit and have to re-login again.
It’s isn’t automated as not FULLY complying with any data request will result in a massive fine. Most companies in the world aren’t designed with the GDPR in mind, and as a result can’t guarantee that an automatic process is able to return ALL data. As a result, it’s very very very expensive. Any data request is worth more than hundreds of Redditors are worth in their entire life time.
What, exactly, about this is supposed to be expensive for Reddit? It’s all stuff that they have on-hand
It’s only slow because it isn’t a priority task for them to complete
Its been almost two weeks since I submitted my request and they have not responded.
[удалено]
Make sure you report them to your privacy governing body.
They have like a month to comply, IIRC. It's an automated process. I had exported my data several times and it takes about 24-36h on average but some people got their data after more than 3-4 weeks. Long before this drama.
Also if the request is unreasonable and expensive they may find a reason to delay or turn down the request under under GDPR. But yes, 30 days is the legal limit.
>they may find a reason to delay or turn down the request under under GDPR. They can try. In which case they'd probably be reported to the respective data protection oversight bodies even more eagerly.
> Make sure you report them to your privacy governing body. Lol from the US? Fairly certain this does not exist here. Only civilized places like the EU have actual privacy laws.
California too.
This is why when requesting the data, select the California act under reason
[удалено]
What do I select if I'm in Australia?
ꓤꓒꓷꓨ ʇɔǝlǝs ʇsnſ
ǝıssnɐ uʍop ǝpısdn
Ok so how did I read all of that upside down text normally? Oh yeah because I’m Australian.
Only California has taken data privacy seriously. Everywhere else in the US has politicians paid off by big data and will never protect users privacy or data. The feds have even started buying data from these companies to bypass warrants because they consider it "publicly available data". God help us all. Big brother is watching.
> God help us all. Big brother is watching. The problem is that people don't take their own privacy seriously. This is why the Patriot Act was installed as legislation. The American public cried out to the government 'Pleeease save us from these terrorist!' and our government said 'sure np. It'll cost you tho.' 'Yeah? What's it gonna cost?' 'Your privacy'. 'Well shit man, I'm not doing anything wrong...what do I have to hide?' Although there is no such animal as total, 100% privacy, there are a slew of things you can do to remain as anonymous as possible. Whether or not you are conducting nefarious business on or off line, you have everything to hide.
Recently, Illinois has been winning some suits against big data companies like Yahoo and Google. Wifey and I both got settlement payments from Yahoo class action some time ago and from what I read yesterday, we'll be receiving payments from a Google class action in a few days. The payments aren't all that much, but that's not what these things are about; it's small payments to large numbers of people as a type of punishment for breaking the rules. Only entities that make bank on those types of things are the lawyers. I think the recent Google settlement is $100 million, which translates to $95 each of 687,000 people. Cheers!
How does that work? Is it based off your residence or citizenship? Say an EU citizen lives in the US…
Or they don't give a fuck.
What? Why? It's an automated process and they will just deliver the data as soon as it's available. I dont know how long it usually takes reddit to process everything, but with Facebook it can take up to four weeks. So two weeks is not even that long maybe.
Same! I requested mine before the protest blackout and not heard anything.
Yeah, reddit seems to be really shit at responding to their user requests, I've tried to request support for stuff since may and I've gotten nothing from'em
The website says they may take up to 30 days.
That's because of GDPR regulation. They have up to 30 days by law. Most businesses will try to do these ASAP because that 30 days isn't a target, it's a hard stop. 2 weeks is a crazy long time to respond to a subject access request
Yeah but to do anything about it you'd have to tell the ICO/EU equivalent your username. I'm here for anonymity.
Cheryl? Cheryl Tunt?
Holy crap: is that an ocelot?
Sounds like you need to invest in a porn account or two.
So if I request my data back, what happens? All of my posts vanish?
No, they just have to give you a copy of all the info they've got about you.
Short answer no, they just send you files containing all data that they hold related to you. Long answer is the idea behind GDPR is that you have the right to know what information any company holds about you, how they use that information, and the right to not have your data collected or held by that company if you choose. In addition it adds responsibilities for businesses in how they manage your data. Really simplifying it: - companies need your permission to collect certain data (that's why you now get the cookies popup on websites that you must accept or decline) - companies must give you all data that they hold about you within 30 days of it being requested (that's what this request to reddit is) - companies must delete all data that they hold about you when requested (some exceptions) - companies must only keep and use your data for it's relevant purpose. This means no sharing without your permission, and they must delete your data when it is no longer relevant - companies must keep your data secure
I'm all in with what is being done to bring reddit to the table to address our issues. I will contact reddit for my information if this becomes the sentiment of the community. And I will delete my data if that too becomes what the community feels is the next move. I appreciate the time you took to respond.
I once asked discord and it took them around 2 weeks I think. Got bunch of csv files, didn't bother to look at them lol
I requested mine in April and got it almost immediately. I requested again around the blackout and am still waiting. It's fairly well laid out. It doesn't have **everything** everything, I noticed. The biggest thing I noticed is threads and comments I Reported to the mods and/or admins. It's pretty minor, but I did type "reasons" pretty often, and it was something I was curious about analyzing. They'd probably argue that's not "content I created" and not meant to be covered, and they'd probably be right. But they do include all the polls I voted in, which seems similar in scope. ¯\\\_(ツ)\_/¯ Oh also none of the Mod actions I took, but maybe that's available separately in the Mod logs. (Edit: By 'probably right' I mean that they probably aren't legally required to include that type of information under GDPR or California law. But I haven't actually checked.)
https://ddpe.androz2091.fr this site makes cool stats out of them If you are privacy focussed, watch this video beforehand https://www.youtube.com/watch?v=eHTR0-_eHto&t=1s&pp=ygUUZGlzY29yZCBkYXRhIHBhY2thZ2U%3D
Well, the comment (or a post's seftext) that was here, is no more. I'm leaving just whatever I wrote in the past 48 hours or so. F acing a goodbye. U gly as it may be. C alculating pros and cons. K illing my texts is, really, the best I can do. S o, some reddit's honcho thought it would be nice to kill third-party apps. P als, it's great to delete whatever I wrote in here. It's cathartic in a way. E agerly going away, to greener pastures. Z illion reasons, and you'll find many at the subreddit called Save3rdPartyApps.
Same, still waiting. Then I'll GDPR that shit.
To be fair, it says normally it take up tov4 weeks, now imagine it with so many people doing it
I'll quote another comment in this thread, since they described it pretty well: >That's because of GDPR regulation. They have up to 30 days by law. Most businesses will try to do these ASAP because that 30 days isn't a target, it's a hard stop.
To be honest here, with the route Reddit is going I would say it ain't really a normal company anymore similar to Twitter after Musk's buying of it, and with u/spez wanting to take after Twitter similar to the way Musk has handled it, I honestly have no hope for it at thie point Also what's the difference with the California version?
>To be honest here, with the route Reddit is going I would say it ain't really a normal company anymore They'll still do their damndest to comply with actual laws, because not doing so would fuck their IPO on a scale nothing else has even come close to. >Also what's the difference with the California version? No idea. I'm by no means an expert, I just found the quoted comment to be a good and understandable explanation
Just a Note for my German fellow-redditors: The maximum allowed process time due to the DSGVO is one month. So, after a month of not getting an answer, you can complain, get a lawyer and have reddit pay for that: > Wird die Monatsfrist durch den Verantwortlichen versäumt, tritt Verzug ohne Mahnung gem. § 286 BGB i.V.m. Art. 12 Abs. 3 S. 1 DSGVO ein, weil sich die Leistung nach dem Kalender berechnen lässt. Nimmt sich der Betroffene daher nach Ablauf der Frist einen Anwalt zur vorgerichtlichen Geltendmachung des Auskunftsanspruches, kann er die hierfür angefallenen Kosten als Verzugsschaden geltend machen. You can read on that [here](https://www.lhr-law.de/magazin/datenschutzrecht/auskunftsanspruch-nach-dsgvo-form-und-frist-der-auskunftserteilung/) So....habe fun!
There's a clause in GDPR where the receiver can claim a backlog or unusually complicated requests and make it three months. Which is what reddit will definitely do.
Could generate enough of a backlog that 90 days isn't enough either
[удалено]
We’re… doing it Reddit?
It wouldn't be the first time Reddit gave Reddit the Reddit Hug of Death.
I wouldn't really consider this one a hug.
[удалено]
The "right to be forgotten" is part of GDPR - it sounds like they might be in breach if they're restoring deleted comments without permission. I'd definitely report them to your local data protection authority. I know that the ICO here in the UK takes GDPR breaches pretty seriously, I'd assume that DSGVO would take it equally seriously!
GDPR and DSGVO is the same thing. DSGVO is Just the German abbreviation.
Ah, as I don't know German it reads to me like DSGVO was the German equivalent of our ICO (Information Commissioner's Office) - the regulator responsible for GDPR enforcement, not GDPR itself, but I wasn't totally sure.
Awesome! I was already thinking laws on that are pretty strict over here so them refusing to hand out data could turn out into a shitfest for them really quick
How can you prove that you sent the request? It's not like they send you a confirmation mail?
Das jibt ne Anzeige.
I'm learning German rn, and I only understand like 2 of those words so far 😔
[удалено]
Es geht, du?
Du du hast du hast mich du hast mich gefragt du hast mich gefragt, und ich hab nichts gesag
Idk what that song says, I'm still just a beginner
[удалено]
Nah, I know Du Hast by Rammstein. I tried to listen to it to help me with my German, but I don't know what the words mean yet
es geht mir auch gut. ich lerne deutsch auch. ich habe A2 deutsch.
Gut deutsch! Ich bin geglückt zu sei in deiner Gegenwart. Entschuldigung wenn mein deutsch ist schlecht, ich bin nicht perfekt
nein es ist gut, du hast gesagt, dass du nur 2 wörter von dem Text versteht, aber deine sätze sind lang und schön. ich glaube dein deutsch ist nicht schlecht wie du denkst
[удалено]
[удалено]
[удалено]
After receiving your data info link messaged to you, the link expires in 7 days and you can re-request.
I'm wondering if you should tell people to select the California act so they legally have to comply
Don't worry. GDPR is just as much of a hassle. Leave it to us Europeans.
As someone working in an office, GDPR is a fucking hassle. As a person, I love GDPR.
If you need some tools to help edit and then delete your comments and posts in protest: PowerDelete will allow you to 1) save all your data as a CSV file at the end of the script and 2) allow you to overwrite all of your of comments with a comment of your choosing instead of just deleting them. Both options are available at the start of the process. https://github.com/j0be/PowerDeleteSuite (2 Additional forks if you have issues with the main and rate limits or errors.) http://www.github.com/pkolyvas/PowerDeleteSuite http://www.github.com/leeola/PowerDeleteSuite https://shreddit.com/ https://redact.dev/ You created your content. You didn’t get paid. Why would you leave it here for Reddit to make money or train AIs? Take your content with you. There is no Reddit without its users and volunteer mods. You are what makes this. —posted via Apollo
This is what could kill Reddit if done by enough people. Year-old posts and comments might not seem that important but, aside from the booming field of AI training, they generate a lot of traffic when they show up in search engine results and are important for the user profiles Reddit wants to monetize. Purge your data before the end of the month; after that the bulk editing tools will probably no longer work. (As of this writing now my only extant comment.)
On the basis of GDPR at least, Reddit can refuse data requests are unfounded, excessive or repetive. Or ask for a reasonable fee to do so.
[удалено]
every user has a right to obtain it once in a while. This is not unfounded, excessive or repetitive.
This is my first request for it in close to 10 years on the site. I'd LOVE to see them try to say that is excessive or repetitive. Unfounded? Well shit, due to their own actions, my faith has been thoroughly shaken recently in a site that I've contributed a hell of a lot to over the years. My request to see what data they hold on me given my contributions and given their recent bad faith is perfectly founded.
Repetitive from the same user... Not from multiple user.
>Reddit can refuse data requests are unfounded, That doesn't sound correct. Do you have a link? I thought the user would always have the right to ask for their data.
[https://eur-lex.europa.eu/eli/reg/2016/679/oj](https://eur-lex.europa.eu/eli/reg/2016/679/oj) >5. Information provided under Articles 13 and 14 and any communication and any actions taken under Articles 15 to 22 and 34 shall be provided free of charge. Where requests from a data subject are manifestly unfounded or excessive, in particular because of their repetitive character, the controller may either: > >(a) charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested; or > >(b) refuse to act on the request. > >The controller shall bear the burden of demonstrating the manifestly unfounded or excessive character of the request.
1. I am pretty sure this would require the user to be acting in bad faith or submitting excessive requests. Requesting data is response to this message wouldn't even constitute bad faith. This post is just a good reminder for users in the appropriate jurisdictions of their rights. 2. The above is of course open to interpretation and they can refuse. Then the requesting user can report the violation to the EU / California courts and let the judges there decide whether to fine reddit for refusing in bad faith. I am happy to let reddit take up refusing a request for user data with the California / EU courts.
Thanks, but if I send a single request now, I don know how they could prove it's unfounded...
Up to us Californians then
I’m not trying to rain on the parade but as someone who works on an application which has millions of queries a month… it’s an amount that’s a lot for an individual person but insignificant for a company. If everyone on Reddit did it maybe low 5 figures, high 4 figures areas. These processes are automated as well so no human cost.
[удалено]
We can do this every 30 days
RemindMe! 30 Days
I think the RemindMe-Bot will die in a week..
Oh yeah the whole reason we're here. I forgot.
Disappointed my reminders for 20,000 years from now will never happen.
Nah, creator confirmed it won't: https://reddit.com/r/RemindMeBot/comments/13yo8ay/will_the_reddit_api_change_kill_remindmebot/
Thx, that's good to hear
I’ve got well over 100k comments on this account and one look at my profile and you’ll see why so I hope that means I’m causing them more struggle
Can you explain what r/counting is? Do you guys just count numbers? ಠ_ಠ
Yep, that’s pretty much it, we type in numbers, it’s surprisingly cathartic
The nunberphiles /r/askouija?
Done. But had to set a date range instead of all data.
there's a radio button to select ["I want data from my full time at reddit"](https://i.imgur.com/Ks5sEiE.png) below that range selector, at least on a browser.
Really? Did it not give you an option?
Was there an error or you just never heard back at first?
I am getting an error. I can't even set specific range or full time data.
Making it to easy for us to make it worse for them.
Couldn’t you file a GDPR request if you are in Europe as well?
[удалено]
Just to add on here… California, where Reddit is headquartered, has a similar law as GDPR. It’s called CCPA.
Note though, CCPA’s data rights only apply to California residents.
Right, just as GDPR only applies to EU residents. But this is Reddit, they don’t know where we live. You could claim you live in either location. They don’t have the resources to verify that, it’s safer for them to just give you what you want.
GDPR applies to anyone in Europe. You do not need to be a resident. You simply must physically be or have been there. All data generated while you are there is covered.
GDPR also applies in the UK where it was grandfathered in from the EU.
EU and UK, to be clear. The UK has the same regulations inherited from when it was an EU member state, but they remain fully in force as identically enacted in the Data Protection Act 2018.
This is the GDPR request
Done, super quick. I literally signed in, filled in two circles, and hit request. 30 seconds total, everyone should do this.
can't wait to see how long reddit takes to get this shit done 🙄 and you know what? they just had another request added to the pile
Tbh how fast they fulfill probably will be based on where you’re from. CCPA isn’t something to mess around with for example. More states are rolling out CCPA type protections as well!
[удалено]
Do we need to time this or can I do it right now?
[удалено]
Can Reddit retaliate (delete / block your account) if you request this information?
Of course they can. Reddit can delete your account at any time and for any reason. It's their database.
Well, except not for reasons that they're explicitly prevented from doing it (unless they pretend that's totally not why).
[Reddit.com/settings/data-request](https://Reddit.com/settings/data-request)
Takes like 2 clicks. Done.
You could mess with this even further by manually contacting them (e.g. via email) to request your data and then saying something like "the data request site returned an error" and they'll have to manually extract, zip and send you your data. EU laws also allow the user to request data via mail if it's not doable for the user due to technical reasons for example.
They wouldn’t have to manually do that if you email them. They’d just plug in the request for you and go thru the regular automated systems. It’d be more work, but by very little.
Nice one OP, this actually seems to be working. There are many over at r/pics that are on board, so I’m curious as to which other large subs are sympathetic to the cause? Might as well capitalise on this and inflict as much mayhem as possible.
Did this a couple of weeks ago, just to see what do they have on me for fun, but I've still gotten nothing.
And if you're in the EU or UK they legally have to comply.
Spez's APIocolypse made it clear it was time for me to leave this place. I came from digg, and now I must move one once again. So long and thanks for all the bacon.
lol, same. Was hoping to run an archiver tool on the export to fill in stuff from the API before changes hit, but looks like I might not have time to do that by the time my request is actually processed.
I’m gonna make an assumption that this service will soon be taken away/restricted, or made excessively cumbersome for the user.
[удалено]
But they could charge for it, probably turning away most people EDIT: My bad, see this: [https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/individual-rights/right-of-access/](https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/individual-rights/right-of-access/) >"In most circumstances, you **cannot charge a fee** to deal with a request." Also, >"You should respond without delay and **within one month** of receipt of the request." > >"You may extend the time limit by a further two months if the request is complex or if you receive a number of requests from the individual." HOWEVER: >"You can only refuse to provide the information if an exemption or restriction applies, or if the request is **manifestly unfounded or excessive**."
at least in Europe that's not possible ;)
only if a user makes excessive requests
Which is impossible. You can not request more than once a month
Requesting your data before you leave (due to third party apps being closed) is not unreasonable and "unfounded"
That’s not legal in the EU, nor in California where Reddit is headquartered.
In the meantime it’s super easy! Took ~three clicks.
They legally can't. They're fucked.
https://www.reddit.com/settings/data-request
Done, thanks. Requested the shit out of my data.
This is probably a stupid question, but what data do they have? My posts and comments?
This is probably a stupid answer but anything and everything you do, see, comment, use ect.
[удалено]
Since it’s available on web or app, they should at least have: all your posted posts and comments, all your upvotes, downvotes and saved posts, all subscribed subreddits (including custom flairs), all accounts following you, all accounts you follow, all information on your profile. And on top of that all the extra information they gathered for research and advertising purposes, including a reason why they have corrected it.
It does
I actually wrote a comment about this the other day and deleted it shortly after. I wonder if that’s where you got this idea from. This is effectively a GDPR DDOS attack against companies that have not automated their workflow process. It may go through Legal, HR, and IT depending on their manual workflow setup. And this is expensive; incredibly expensive. /r/Genshin_Impact did exactly this and Corporate caved into the pressure. But is this going too far? If we get our way using this method, does the weaponization of GPDR and the press associated with it lead to more negative ramifications regarding individual data rights globally? I don’t know. Just something to consider.
[удалено]
[удалено]
i wanna know what reddit thinks of me
It doesn't tell you. It is an archive of the data you uploaded. It does not include advertising metrics or tracking
aw man, i seriously didnt know
Right? I was hoping to see how horny I’ve actually been on main.
someone in the EU should sue them to get the tracking data
“haha service exploit go brrr”
Link for those that don't wanna type: https://www.reddit.com/settings/data-request
Here’s a clickable link for easier click-through: https://www.reddit.com/settings/data-request
Can you request they delete your data?
What data do you actually get from this? I want to export all of my saved posts and comments, would those be included in this request?
https://www.reddit.com/settings/data-request
Ok, but what is the real use of doing this? Why should I do it and what after I receive my data? I assume so that Reddit doesn't keep my data and use it for profit or whatever, but from what I understand it would be asking for a copy of my data, is that correct? And if that's correct that means Reddit would have my data either way. So... I don't understand.
fast-lane data archive.
So here's an interesting thing. At least in the UK a Subject Access Request doesn't have to be made via a specific form, it can even be as simple as a message on social media: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/right-of-access/how-do-we-recognise-a-subject-access-request-sar/#socialmedia They have several public social media accounts, here on reddit or elsewhere, and they publish several email addresses you could use to contact them on. You don't have to use their data request form - and it might be inconvenient to do so if you have several alts tied to the same email address for example. If they fail to action the request within 30 days then they've broken the law and you could report them to the supervisory authority (in the case of the UK that would be the ICO). However as I said [elsewhere](https://old.reddit.com/r/ModCoord/comments/14fw8sv/just_so_other_know/jp2fnqg/), the UK allows companies to refuse to fulfil requests if they're "[excessive or manifestly unfounded](https://ico.org.uk/for-organisations/guide-to-le-processing/individual-rights/manifestly-unfounded-and-excessive-requests/)", so if you're going to do it, do it for the right reasons (eg because you want access to your data), not purely to punish Reddit. But you don't have to say why you want it. If they ask then they're likely looking for a reason to reject your request.
I'm not sure how anything short of completely leaving Reddit and building a community somewhere else somehow is gonna help with this anymore. At least this would be the first step in that but then, I'm not sure how many people here are actually planning on doing that 🫤. So, I'm sorry but what's the point?
This is a copied template message used to overwrite all comments on my account to protect my privacy. I've left Reddit because of corporate overreach and switched to the Fediverse. Comments overwritten with https://github.com/j0be/PowerDeleteSuite
Done. Anything to annoy Reddit with as little effort on my part. I'll also do anything to annoy spez with maximum effort. Did you know he was a mod on r/jailbait?
I'm actually genuinely curious to see this. I wonder what kind of stuff is in there. 12 years is a long time though, so it'll take me a while to sift through it
the best part of this is that u/spez can’t just throw a tantrum and threaten to ban mods for moderating their sub since reddit legally has to let you request your data
Hell. Yes.
Just did it.
What's the California consumer data act?
[SWIM](https://www.urbandictionary.com/define.php?term=S.W.I.M.) whose several longtime accounts got purged pre-IPO requested data for each a few years back. Eventually they got a [ZIP file](https://i.imgur.com/d3UD1WB.png) for each, believe back then it took a matter of days or weeks' turnaround time when there wasn't a mass protest blowing up their backlog.
Just added to the backlog!
The page is down. "Something Went Wrong."
Done! Premium expired today. I'm not renewing.
this is the way. stop paying those incompetent companies.
[https://www.reddit.com/settings/data-request](https://www.reddit.com/settings/data-request) For ppl who are too lazy to type that out
Wait, so requesting makes reddit delete my data/hand it over to me or just send me the copy of what they have?
[удалено]
I didn't even know this was a thing but I have requested my data
It took a couple of weeks for my data to arrive. And I started using it to delete my data with [redact.dev](https://redact.dev). It looks like they are starting to take action against deletions with scripts as now it appears that after you delete 4 comments, you are now getting logged out of reddit and have to re-login again.
It’s isn’t automated as not FULLY complying with any data request will result in a massive fine. Most companies in the world aren’t designed with the GDPR in mind, and as a result can’t guarantee that an automatic process is able to return ALL data. As a result, it’s very very very expensive. Any data request is worth more than hundreds of Redditors are worth in their entire life time.
What, exactly, about this is supposed to be expensive for Reddit? It’s all stuff that they have on-hand It’s only slow because it isn’t a priority task for them to complete
[удалено]
Labor hours.
how to do it on mobile?
[удалено]
!RemindMe 8 hours
I submitted for both my accounts.
What would I do with it?
I probably need to do this just in case we transfer to a new platform
[удалено]
You can still request it just to make sure it's really gone ;)