I’m trying to understand how safe it is to use an account on lemmy.world to post dissenting opinions regarding the U.S. government. I have three questions:
- If a subpoena is issued for IP records for a user or their comments, will all historical IP data be available to provide?
- Is there a time limit on how long IP records are kept?
- When a user deletes their account on lemmy.world, are their comments and/or IP records also deleted?
Asking for a friend…
Assume that anything you do can be linked to you, and act accordingly.
Only use a VPN to connect to the internet, and choose a server in a country without an information sharing agreement with the country you’re in.
Use an email service that allows you to generate aliases so your actual email isn’t on record.
Even if they’re not doing those things, they could always start. I year Proton for these things, but you can research the best provider for you.
Only use a VPN…
This instance disallows posting from known VPN IP addresses. Just FYI
That’s a good reason to avoid the instance, then.
I suggest using internet access at public libraries or a dedicated, anonymized, linux based (Tails) laptop and connect to public wifi access points. Coffee shops with outside seating and only outdoor cameras are a good choice.
The fediverse is different than online social media. You have one server who has the data yes, but you are essentially blasting out all of your opinions across the entirety of the fediverse, where anyone or any entity can have a listener. There are no deletes either, meaning that whoever is listening does not have obey the delete request.
We have our open world free from takedowns and corporate, but the tradeoff is privacy. Expect anyone to be listening
Whenever you post something publicly on the internet, it’s best to assume that you may not be able to delete it. Scrapers, search engines, caches, people taking screenshots, … This is of course especially true with the fediverse, where posts are duplicated across servers. (Typically deletion requests are honored, but they might not, or they don’t go through because of an issue, and even then the previously listed issues are still present.)
However, this is only regarding information that’s either public or shared through the protocol, which doesn’t include your IP address or the email address used to register. These are only available to the server your account is on and the client you connect with, if you’re using an app. This information is I believe what OP was asking about, not the posts themselves.
(Without a proxy / VPN (comes with its own up- and downsides) your internet provider can also check some of your internet traffic, such as who you’re connecting to, though typically not what data is being exchanged, due to encryption, like HTTPS.)
whoever is listening does not have to obey the delete request
Say it louder for those in back. I kept getting downvoted when I said that the GDPR won’t help them on the fediverse as there are instances in places it won’t help.
I know me too, I love it here don’t get me wrong, but literally anyone can host an instance. GDPR is great overall, but it doesn’t cover when you blast your data to N number of other servers. There’s no clawback, and even then like we both said, there’s nothing stopping a 3 letter agency for listening and just ignoring the delete request. I love it here, but I’m not going to just give out private info either. If you want encrypted messaging, go to Matrix