
GDPR Style User Data Export

Open JojoRoro opened this issue 1 year ago • 9 comments

Requirements

  • [X] Is this a feature request? For questions or discussions use https://lemmy.ml/c/lemmy_support
  • [X] Did you check to see if this issue already exists?
  • [X] Is this only a feature request? Do not put multiple feature requests in one issue.
  • [X] Is this a backend issue? Use the lemmy-ui repo for UI / frontend issues.
  • [X] Do you agree to follow the rules in our Code of Conduct?

Is your proposal related to a problem?

While a data import / export feature is being worked on, it would be good to have an export only feature for GDPR compliance reasons as well as user comfort.

Describe the solution you'd like.

There should be an API call that, upon user authentication and authorisation, exports all data to (multiple) CSV files. These could be zipped first. It would include all comments and posts with the relevant scores and replies as well as the data included in the already implemented user export option. "Private" messages and post images would most likely be exported to a separate folder in the archive. A rate limit should be applied to this request so that a user can only request this once every 24 hours and no more than, say, 5 per month.

Describe alternatives you've considered.

An alternative would be for the API request to include an email address. The request then gets made and queued up, so there are not multiple running at the same time. Once completed, the backend sends an email to the user with a download link. After, say, 7 days, the zip file gets deleted off of the server.

Additional context

This was discussed in the context of my home instance, feddit.ch, shutting down and there being no way to export my data natively.

Context: (archive.org)

JojoRoro, Mar 15 '24 11:03
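The rate limit proposed in the issue above (one export per 24 hours, at most 5 per month), sketched in Rust because Lemmy's backend is written in Rust. This is an added example, not code from Lemmy or from anyone in this thread; `ExportLimiter`, `Decision`, and treating "month" as a rolling 30-day window are assumptions.

```rust
use std::collections::HashMap;

pub const DAY: u64 = 24 * 60 * 60; // seconds
pub const MONTH: u64 = 30 * DAY; // assumption: "month" = rolling 30 days
pub const MAX_PER_MONTH: usize = 5;

#[derive(Debug, PartialEq)]
pub enum Decision {
    Allowed,
    DailyCooldown { retry_after: u64 }, // seconds until the 24 h gap has passed
    MonthlyQuota { retry_after: u64 },  // seconds until the oldest export ages out
}

/// Hypothetical per-user limiter; keyed by the authenticated user id so one
/// account cannot spend another account's quota.
#[derive(Default)]
pub struct ExportLimiter {
    accepted: HashMap<u64, Vec<u64>>, // user id -> times of accepted exports
}

impl ExportLimiter {
    pub fn check(&mut self, user_id: u64, now: u64) -> Decision {
        let times = self.accepted.entry(user_id).or_default();
        // Forget exports that have left the rolling window.
        times.retain(|&t| now.saturating_sub(t) < MONTH);
        if let Some(&last) = times.last() {
            if now.saturating_sub(last) < DAY {
                return Decision::DailyCooldown { retry_after: last + DAY - now };
            }
        }
        if times.len() >= MAX_PER_MONTH {
            return Decision::MonthlyQuota { retry_after: times[0] + MONTH - now };
        }
        // Only accepted requests are recorded, so retries while blocked
        // do not push the next allowed time further out.
        times.push(now);
        Decision::Allowed
    }
}

fn main() {
    let mut limiter = ExportLimiter::default();
    // Constructed timeline for user 1: daily requests, then extra ones.
    for day in 0..7 {
        println!("day {}: {:?}", day, limiter.check(1, day * DAY));
    }
}
```

State is held in memory here; a real backend would persist the accepted timestamps so a restart does not reset the quota.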

You can already import/export your account data on the settings page. Comments, post and private messages can be retrieved through the api, so I don't see why there should be a separate method to download them. It could easily be handled by an external tool like lasim.

Nutomic, Mar 15 '24 14:03

Paging through content via the API is less than ideal, and it won't be difficult to add this.

dessalines, Mar 15 '24 17:03

Comments, post and private messages can be retrieved through the api

Is that enough for GDPR compliance?

dullbananas, Mar 16 '24 03:03

It would certainly not make it fully compliant, as there are other issues to still solve (Data processing objection, and deletion are not automated, but an instance admin could manipulate the database manually), but according to my limited legal skills having a universal export button would, while making the user have even some advanced technical skills would not make Lemmy compliant with article 20, The right to data portability (gdpr.eu)

https://gdpr.eu/checklist/#tab-4-1

JojoRoro, Mar 16 '24 08:03

Are public posts even considered as "personal data"? To do this properly it would be necessary to pay a lawyer to figure out how exactly GDPR would apply to Lemmy. If we rely on interpretations from amateurs those will most likely be wrong.

Nutomic, Mar 18 '24 09:03

Consoom lawyers

Or just implement the darn feature either way because it reduces vendor lock-in

dullbananas, Mar 19 '24 01:03

Consoom lawyers

What do you mean? GDPR is a law so of course it needs to be interpreted by lawyers. And how can an open source project have any vendor lock-in?

Nutomic, Mar 19 '24 22:03

I used "vendor lock-in" to refer to any inconvenience in using data outside of Lemmy. With libre software (when backend is included), there's a limit to how dangerous it can be. With Lemmy, I now think it's a negligible issue unless a third party export tool doesn't already exist. But GDPR compliance is important, and I think it's a bad idea to wait until we know for sure that it requires exporting of posts.

Also, maybe this is a frontend issue.

dullbananas, Mar 20 '24 00:03

I can work on this sometime soon. I'm just going to add a simple user data export. We can tweak it later if an actual GDPR lawyer shows up to help with compliance.

For the future, any GDPR compliance advice needs to come from a lawyer, not from random non-lawyers interpreting what they think is correct.

dessalines, Mar 25 '24 21:03