Deleting posts or comments is a best effort attempt at removing it from public view.

Due to the federated nature of Lemmy, any time content is posted and sent to other instances, we lose control over what happens next. When content is marked as deleted on our end, this sends a “please delete this” message to other instances, but there is no way to enforce this, as that content is no longer stored on our infrastructure. Once content is publicly accessible on the internet, there is no way to ensure that it gets removed again. Even if all fediverse instances are cooperating and honoring deletion requests, there may be federation issues causing the deletion request being lost, or external actors that just scrape Lemmy or the larger internet to collect as much data as they can, with no chance of the original creator being able to get it purged. Depending on the data, this may no be legal in some jurisdictions, such as EU having the “right to be forgotten” and similar laws.

Additionally, the Lemmy version we are currently using has a bug, where under some circumstances contents of deleted and removed comments are still being displayed to users. While this is expected for mod-removed comments to be visible in the modlog, this is neither expected for deleted comments nor should the comments still be displayed normally. We are looking forward to address this with the next Lemmy update we will be deploying, but we will likely have to build some custom patch for Lemmy to ensure that this does not significantly reduce our moderation experience, as the solution implemented in Lemmy essentially prevents anyone, including site admins and community moderators from seeing removed and deleted comments entirely.

This is further extended by Lemmy having a scheduled task (already in the version we are using here), which runs daily to overwrite deleted posts and comments to remove their contents once they are older than 30 days.

As is right now, if you have sensitive information that you accidentally shared in a comment or post, we recommend editing the contents prior to deletion and removing that.

edit: typo

We will be posting an announcement explaining the current plans and issues in the coming days.

I doubt it

I wouldn’t say usually, but they can happen from time to time for a variety of reasons.

It can be caused by overly aggressive WAF (web application firewall) configurations, proxy server misconfigurations, bugs in Lemmy and probably some more.

Proxy server misconfiguration is a common one we’ve seen other instances have issues with from time to time, especially when it works between Lemmy instances but e.g. Mastodon -> Lemmy not working properly, as the proxy configuration would only be specifically matching Lemmys behavior rather than spec-compliant requests.

Overly aggressive WAF configurations tend to usually being a result of instances being attacked/overloaded either by DDoS or aggressive AI service crawlers.

Usually, when there are no configuration changes on either side, issues like this don’t just show up randomly.

In this case, while there was a change on the lemmy.ml side and we don’t believe a change on our side fell into the time this started happening (we don’t have the exact date for when the underlying issue started happening), while the behavior on the sending side might have changed with the Lemmy update, and other instances might just randomly not be affected. We currently believe that this is likely just exposing an issue on our end that already existed prior to changes on lemmy.ml, except the specific logic was previously not used.

this comment section is not a place to rant about other instances

I don’t believe it is.

There weren’t any network related changes from 0.19.6 to 0.19.7 and we haven’t seen this behavior with any of the 0.19.6 instances yet.

The requests are visible with details (domain, path, headers) in Cloudflare, but they’re not showing on our proxy server logs at all.

at this point we don’t believe that this will allow anyone to act as someone else, but we are aware of the issue. it’s still unclear what is actually causing this, as the pages are not supposed to be cacheable when there is authentication attached.

are you sure about the username? i can’t even find a user remotely matching that name.

some of the issues introduced in 0.19.4 or 0.19.5 include

• actions of remote moderators not federating properly
• modlog filtering by acting moderator not working
• mastodon urls could no longer directly be resolved in lemmy
• admins can no longer see contents of removed or deleted comments

No software is ever free of bugs, especially not one starting with a zero version number.

nobody is talking about it being free of bugs, but we try to go for versions that at least don’t have any major bugs.

ther must be no avoidable delay in the deletion request of user data

is there a definition for “no avoidable delay” as interpreted by courts? your definition and mine clearly don’t overlap here.

That said, there is no communication of news and roadmaps. Maybe on proprietary Discord but not here.

there is no additional information about roadmaps on discord.

https://lemmy.world/post/20234434 is one of the places this was discussed previously.

we currently don’t have any announcements about this. afaik we’ve only been doing these for when we actually plan to do something with an actual estimated timeline, but i agree that it would be good to have this information more accessible by having a post in our announcement community rather than just comments on posts in other communities.

your calculations seem to be off.

0.19.7 is only 4 versions ahead of 0.19.3, not 8.

there were significant issues with 0.19.4, which resulted in 0.19.5. there are still some issues that are important for us, although they may not be as important for smaller instances, that were an issue in 0.19.5.

0.19.6 was released 10 days ago and already had a followup release 0.19.7 to fix some new issues that were introduced in 0.19.6. there are still pending issues like https://github.com/LemmyNet/lemmy/issues/5208, so i imagine it might not take too long for a 0.19.8 release.

we’re aiming to provide a stable experience and also try to avoid regressions resulting in reducing moderator capabilities.

most of the issues we saw reported for versions above 0.19.3 however have been fixed in the newer versions since, so there aren’t as many issues remaining that would prevent an upgrade to 0.19.8 or a 0.19.7 with extra patches, but at this time 0.19.7 hasn’t seen widespread use yet, which tends to be what brings up more bug reports if there are new issues.

LW is currently still violating privacy laws because users cannot delete uploaded media.

this statement is ridiculous. while you cannot currently delete them yourself, this is in no way violating any laws. if people want to have their uploaded media deleted they can just raise a support ticket or send a message to @lwadmin@lemmy.world and we’ll take care of it.

if there are any laws stating that this is required to be possible as self-service i’d love to see references for that, because for all i know this is not the case.

no, there are currently no options to customize the viewing experience, such as custom css.

as others already mentioned, forcing light mode on people is generally not well received anyway.

trending communities are going away in the next release iirc due to the current implementation not really being useful.

a moderator on another instance than the community instance

that was a logic flaw for the selection of which reports are considered for alerting. a fix is currently being deployed, but you should be good for the next 2 days anyway.

which browser and OS are you using? i haven’t seen this yet with firefox, only not being logged in while it’s loading

it doesn’t work from the post listing, but if you go to the post directly the option should show up

This section is fully removed in the next Lemmy release: https://github.com/LemmyNet/lemmy-ui/pull/2639

The animal abuse alleged at the time was that there was supposedly no healthy vegan cat food.

While the section of the rules was the same (violent content), animal abuse was a separate sentence, not the one about visual depictions:

No visual content depicting executions, murder, suicide, dismemberment, visible innards, excessive gore, or charred bodies. No content depicting, promoting or enabling animal abuse. No erotic or otherwise suggestive media or text content featuring depictions of rape, sexual assault, or non-consensual violence. All other violent content should be tagged NSFW.

This is the exact same paragraph we have today and we had before these changes.

If there was no healthy vegan cat food then this would be considered content enabling animal abuse.

The ToS had no rules on misinformation at the time.

it still had rules about animal abuse, which this misinformation, had it actually been misinformation, would have lead to. while the removal reason could have been more clear, the justification was still covered by our ToS.

new rules created to back their talking points

the additional rules provided more clarification on what we intend to achieve with them, but they would not be required. based on what we know today the removal was neither justified by the original ToS nor by the updated ones.

thanks, fixed on our end. i believe there was a change in one of the newer lemmy releases that should improve this if the activity of unfeaturing got lost somehow.

https://lemmy.world/modlog?page=1&actionType=ModBanFromCommunity&userId=9023060