Not sure I understand. How could there possibly be a solution? Isn’t this an inherent problem with federation? You can’t un-share information
The images aren’t federated afaik. They live on your home instance. If somebody else views them, they’re loaded directly from there.
However there’s no link between the images and your account. You can’t delete them yourself because Lemmy doesn’t store the “delete token”. They’re effectively orphaned.
Not true, images are federated. Sometimes they are not copied if your instance has a lower image size limit than the instance the image came from (if the image is too large), but generally images are copied between instances.
I did check a few embedded images, and they still seemed to be served from the original. So I dunno. Maybe they’re copied and still served from the original, which would be an odd thing to do.
Aah the embedded ones in comments? Yes to my knowledge those aren’t federated. But pictures posted as posts will be federated.
But you can delete your copy, ask others nicely to delete theirs, and refuse to accept more copies of the same thing.
I’m not sure if Lemmy supports any of this, but it seems pretty important for e.g. child porn.
How can you refuse to accept more copies of the same thing, when you deleted all the version it can compare itself to?
When you get a deletion request, hash the bytes and store the hash.
There could be a legally binding contract stating that any deletion request must be forwarded to all parties it was send to, and that upon receiving such a request the data must be deleted. I do not think this would be unreasonable to ask to servers, especially as this deletion receipt could be fully automated.
legally binding contract
Maybe, but consider that federated servers may be located in entirely different legal jurisdictions, so this might be hard to create, let alone enforce.
When writing a contract you can just specify which legal system the parties agree to use - this is quite common.
I don’t think it will ever come to a lawsuit, nobody would ever want that. Under the GDPR you must be able to delete content, and the server must communicate this to all federated servers. So in effect, there is already a legally binding agreement between all servers that this deletion request must be honored (for people physically in the eu), it’s just not.
lemmy servers are already breaking the GDPR if they don’t follow forwarded deletion requests from people in the eu. This would just effectively be an extension of this to data from all people.
Or there could be a delay of one minute before posts get federated, giving the user the option to quickly delete a comment or post.
That’s a great idea :) Maybe you can submit a feature request for this on GitHub?