GDPR deletion is nonexistent (it won’t delete your username or your messages, making it less effective than on Discord, let alone Signal)
… Etc.
Ironically, older federated messaging systems like XMPP might be better by coincidence. Message archiving was an optional addition and some servers, such as the popular Riseup one, do not implement it.
Yeah, fair. It can’t delete your messages to the extent a centralized system, and that’s an indication of the lack of centralized control? It’s a different threat model I think many find satisfying (though perhaps not most).
in other words, devices don’t delete megolm keys after they’ve been used to decrypt history (which is why you can back them up and share them with your other devices in order to ensure that all your devices can read your history).
Still I could only find:
Your username is stored indefinitely to avoid account recycling.
Same for telegram. Most other messagers store only joins.
They don’t control other homeservers. You never know if there is some homeserver/instance that stores everything in Matrix/Mastodon/Lemmy/PeerTube/Pleroma/whatever-else. Still I could only find:
Your username is stored indefinitely to avoid account recycling.
EDIT:
We will forget your copy of your data upon your request. We will also forward your request to be forgotten onto federated homeservers. However - these homeservers are outside our span of control, so we cannot guarantee they will forget your data.
I’m sorry I wasn’t more specific. Since you would have an issue with these things if I had been clearer, allow me to elaborate.
your username will continue to be publicly associated with rooms in which you have participated, even after we have processed your [GDPR] request to be forgotten.
I don’t know how you missed this. Must have been an accident.
We will forget your copy of your data upon your [GDPR right to be forgotten] request
Means the other “copies” of your data are not deleted.
We will forget your copy of your data upon your [GDPR right to be forgotten] request
Means the other “copies” of your data are not deleted.
Looking at next sentence it seems to be either typo or even mistake. Better source would be Dendrite(or do they still use Synapse?) issue tracker. But also in last sentence they explicitly say that it is possible for not all copies to be deleted.
This is no mistake, just a loophole for them to claim GDPR compliance while not complying… Hiding “your copy” of the message from you is basically setting a “deletedForYou=true” flag on the message.
It’s possible to redact messages (which is closer to the spirit of what a normal person expects a deletion to be), but redaction preserves the message metadata, and you cannot ever redact anything for a room you’re no longer in. You can only manually redact one message at a time.
So you can request an account deletion, and you can redact single messages… These features are both built in to the protocol.
But account deletion will never cause any redactions.
I showed you the source. All you can say was “it seems to be either typo or even mistake.”
in last sentence they explicitly say that it is possible for not all copies to be deleted[*]
Same goes for SMTP.
Apples to oranges. Matrix is Matrix, not email.
I noticed you shifted this argument from “Matrix is responsibly deleting data” to “Matrix shouldn’t delete data because…”
* And to clarify, Matrix says “not all copies will be deleted” because they built their server intentionally to never delete any other copy of your messages when you request an account deletion.
Kind of ironic considering that with Matrix…
… Etc.
Ironically, older federated messaging systems like XMPP might be better by coincidence. Message archiving was an optional addition and some servers, such as the popular Riseup one, do not implement it.
Yeah, fair. It can’t delete your messages to the extent a centralized system, and that’s an indication of the lack of centralized control? It’s a different threat model I think many find satisfying (though perhaps not most).
All those points are about how one server communicates with itself. Federation doesn’t factor into it
huh, yeah that’s fair i did not actually notice that :/
EDIT:
I’m sorry I wasn’t more specific. Since you would have an issue with these things if I had been clearer, allow me to elaborate.
I don’t know how you missed this. Must have been an accident.
Means the other “copies” of your data are not deleted.
Looking at next sentence it seems to be either typo or even mistake. Better source would be Dendrite(or do they still use Synapse?) issue tracker. But also in last sentence they explicitly say that it is possible for not all copies to be deleted.
This is no mistake, just a loophole for them to claim GDPR compliance while not complying… Hiding “your copy” of the message from you is basically setting a “deletedForYou=true” flag on the message.
It’s possible to redact messages (which is closer to the spirit of what a normal person expects a deletion to be), but redaction preserves the message metadata, and you cannot ever redact anything for a room you’re no longer in. You can only manually redact one message at a time.
So you can request an account deletion, and you can redact single messages… These features are both built in to the protocol.
But account deletion will never cause any redactions.
By design.
Source please. Anyway:
Same goes for SMTP. Do you complain about SMTP in same way?
I showed you the source. All you can say was “it seems to be either typo or even mistake.”
Apples to oranges. Matrix is Matrix, not email.
I noticed you shifted this argument from “Matrix is responsibly deleting data” to “Matrix shouldn’t delete data because…”
* And to clarify, Matrix says “not all copies will be deleted” because they built their server intentionally to never delete any other copy of your messages when you request an account deletion.