Provide a mechanism for acknowledgements of Delete activities #406
Comments
|
This is probably a useful feature, especially for services concerned with tracking GDPR compliance of downstream processors. However, it's not currently covered in ActivityPub, and it would probably be a nicely-encapsulated FEP. I'd be happy to comment on, and even collaborate on, that FEP, since it has obvious use. |
evanp
added
the
pending-closure-in-7-days
|
me too! i think lots of diff kinds of implementation need this. tag me in the PR or draft PR! |
|
Unfortunately I'm not going to be able to work on this in the near term future, as I've already several ongoing projects. I am hopeful that someone can pick this up though!
|
|
I think this would make for a powerful FEP, not just for activities that the originating actor asks to be deleted, but also legal/copyright takedowns, etc. my question is whether it makes sense to have a single delete activity just for activities, or whether it might be possible to model this beyond activity objects to also work with attachments, which have a different identification/deduplication story across software (ISCC?) and which are not as neatly "owned" by originating actor. |
|
opened a FEP-ideas issue and linked back here, so close away! |
|
@bumblefudge do you mean eg media that instances make copies/transcodings of and host themselves, like masto.host on their CDN? |
|
right, transcodings, upscale/downscale might happen in that form of opinionated federation case, but i'm also thinking about the copyright/IP takedown case where some server may want to detect and/or verifiably remove not just the one version of, say, a copyrighted film that got taken down upstream, but also check its buckets for variants that have been tinted a little or cropped a few seconds short to break its hash. |
|
@evanp I think we should probably keep this open, perhaps a "awaiting FEP" label would be appropriate? |
|
This issue has been mentioned on SocialHub. There might be relevant details there: https://socialhub.activitypub.rocks/t/report-errors-in-server-processing/3006/15 |
@bumblefudge Yeah, I'd say that's safely out of scope for this proposal; that falls more under a Content ID system which can and absolutely has been abused (see Russian trolls claiming copyright over Ukrainian videos on youtube) |
|
@evanp can we change this to |
Currently when an origin server issues a Delete activity, it's a fire-and-forget action, and there's no guarantees that the deletion was actually actioned. Given the various data privacy laws around the world, I think we will need some mechanism to acknowledge a deletion request.
We could use
Acceptthough this could be ambiguous given Accept/Reject is more used around Follows and other activity types, and it's not like it'd be a really acceptable position to "reject" a deletion request from the user who's data is present on your instance. As such, I think we may need some sort of "Acknowledge" activity that just references another activity and says "yup, I've done the thing".In very rough form, this may look like:
This could help users' track the deletion of their accounts across the Fediverse, should they decide they want their content's permanently removed; Any instance that doesn't send back an acknowledgement could then be requested to delete the data through legal processes.
The text was updated successfully, but these errors were encountered: