lemmy icon indicating copy to clipboard operation
lemmy copied to clipboard
verified publisher icon LemmyNet

[Bug]: Unable to delete account as banned user

Open IzzyData opened this issue 2 years ago • 11 comments

Requirements

  • [X] Is this a bug report? For questions or discussions use https://lemmy.ml/c/lemmy_support
  • [X] Did you check to see if this issue already exists?
  • [X] Is this only a single bug? Do not put multiple bugs in one issue.
  • [X] Is this a backend issue? Use the lemmy-ui repo for UI / frontend issues.

Summary

Having a banned account prevents that user from self deleting their account in settings due to not being able to log in.

It might make sense to to allow that user to log in and take no actions other than modify their own settings and delete the account.

Steps to Reproduce

  1. Ban a user
  2. Attempt to log in

Technical Details

This will be the case for all environments.

Version

BE: 0.18.4

Lemmy Instance URL

lemmy.ml lemmy.world

IzzyData avatar Sep 20 '23 13:09 IzzyData

I would agree with that, people should be able to delete comments or posts they've made even when banned, as well as be able to purge their account if they so choose. Though I don't really think changing settings is a good idea since they could still abuse that.

Here's what I think people should be allowed to do in a Banned account:

  • Delete Posts and Comments
  • Initiate Account Deletion
  • Possibly Message Admins

Things they shouldn't be able to do:

  • Vote
  • Post
  • Comment
  • Message Users
  • Upload Images
  • Alter User Settings

Reddit has a similar feature with account suspension. When a user is suspended they are still able to log in but they cannot vote, comment, create posts, send messages to users (only to Admins). They can however delete posts and comments and also delete their account.

DraconicNEO avatar Sep 21 '23 08:09 DraconicNEO

I agree with DraconicNEO's assessment. I've found this to be the way most similar sites to Lemmy work

IzzyData avatar Sep 21 '23 12:09 IzzyData

This should be high priority. Currently it means that lemmy instance admins that have banned any users in the EU are violating the "Right to Erasure" of the GDPR.

The fines for this violation are commonly millions of euros or a percent of of revenue, whichever is higher. At the time of writing, websites have been fined 98.4 million EUR for violating this class of GDPR violation (Insufficient fulfilment of data subjects rights).

This law applies to any website operating anywhere in the world (not just to websites or businesses located in the EU) that has users who are residents of the EU (so it likely affects >90% of public lemmy instances with >100 active users).

maltfield avatar Feb 07 '24 17:02 maltfield

See also [Bug]: Delete Account should delete uploaded media (pictures) too (GDPR right to erasure violation)

maltfield avatar Feb 07 '24 17:02 maltfield

@DraconicNEO you commented in the wrong ticket, but the answer is no.

Please continue any further discussion in the relevant ticket.

maltfield avatar Feb 07 '24 18:02 maltfield

@DraconicNEO you commented in the wrong ticket, but the answer is no.

Please continue any further discussion in the relevant ticket.

Nevermind was wrong, deleted my comment, like it never even happened.

DraconicNEO avatar Feb 07 '24 19:02 DraconicNEO

@maltfield could you take on this issue? We're a little swamped at the moment.

dessalines avatar Feb 08 '24 04:02 dessalines

I don't think this is strictly required by the GDPR. The GDPR allows retaining data for some purposes, it seems to me that preventing abuse would be a perfectly valid reason. If the GDPR would really allow banned users to delete their data, then bans would have no effect, as users could simply evade them with GDPR data deletion at any time, right?

Edit: looked into it a bit more, found this on law.stackexchange.com which seems to support my understanding: https://law.stackexchange.com/a/37916

sunaurus avatar Feb 08 '24 05:02 sunaurus

I don't think this is strictly required by the GDPR. The GDPR allows retaining data for some purposes, it seems to me that preventing abuse would be a perfectly valid reason. If the GDPR would really allow banned users to delete their data, then bans would have no effect, as users could simply evade them with GDPR data deletion at any time, right?

Edit: looked into it a bit more, found this on law.stackexchange.com which seems to support my understanding: https://law.stackexchange.com/a/37916

I mean when a user is banned we still keep the appropriate records on hand, their name is still in the bans list and so is their email and whatever other data is used. Posts and comments aren't part of that needed data, nor are their profile entries.

IMO giving people the ability to login but not do anything other than Deleting or exporting basically kills any chance of them being able to use regulation against an instance, as it gives them the ability to do it then and there. It's likely why Reddit opted to have account suspensions that fully restrict the account as opposed to locking them out, and they have the money and time to deal with legal trolls, smaller Lemmy instances likely don't.

DraconicNEO avatar Feb 08 '24 07:02 DraconicNEO

@dessalines I'm not a rust developer, but I will try to contribute some better documentation to the lemmy project in relation to similar issues this month.

I understand you have more issues than your dev team can handle, but I do hope that you add these data privacy/legal issues to your roadmap as high-priority to be tackled asap.

maltfield avatar Feb 09 '24 19:02 maltfield

For additional context of this issue, please see Nightmare on Lemmy Street (A Fediverse GDPR Horror Story)

Nightmare on Lemmy St - A GDPR Horror Story

maltfield avatar Mar 04 '24 22:03 maltfield