this post was submitted on 19 Oct 2023
57 points (95.2% liked)

Privacy

31982 readers
335 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
57
(lemmy.ml)
submitted 1 year ago* (last edited 10 months ago) by velox_vulnus@lemmy.ml to c/privacy@lemmy.ml
 

I'm in the process of deleting my entire messages, both from channels and threads. I'm not brave enough to use XMPP, so I'm moving over to Matrix. I've tried removing the phone number multiple time from my Discord app, but it keeps asking for verification, after which, it asks for another phone number. So basically, there's no way out.

And design-wise, I think it's pretty shit. By chance, if I were to reuse a phone number that's been used by another person before, who also happens to have abandoned their Discord account, then there's no way to sign in.

If you were to try accessing the abandoned account, how does that go? Try logging in with your phone number, request for password and then what? It will still send link to the email for account recovery. What if your Discord your email was stolen/abandoned or/and your account was stolen? You're going to be stuck with a phone number that cannot be used, and the malicious actors gets a free pass to do anything.

Now I just want to know if Discord will comply with the GDPR laws, even if I'm not from Europe? Because as of now, I do not want to stay a minute longer over there.

all 24 comments
sorted by: hot top controversial new old
[–] spudwart@spudwart.com 20 points 1 year ago (1 children)

had a phone number attached, just removed it, it allowed me to use my authenticator as verification.

[–] spudwart@spudwart.com 24 points 1 year ago (1 children)

as an aside, sms 2fa is the worst 2fa as sms is completely unencrypted.

[–] mp3@lemmy.ca 10 points 1 year ago

And can be SIMjacked.

[–] DuskyRo@lemmy.world 12 points 1 year ago (1 children)

Prepaid is the way. It shouldn't be but it is.

[–] JackGreenEarth@lemm.ee 7 points 1 year ago (3 children)

Why not just delete your Discord account? That should delete your number.

[–] ripe_banana@lemmy.world 44 points 1 year ago (2 children)

The world would be a better place if companies deleted your information as soon as you delete your account.

[–] amju_wolf@pawb.social 11 points 1 year ago

Anything else you do doesn't matter either if that's your approach. Only not giving them your number in the first place would work.

[–] DmMacniel@feddit.de 7 points 1 year ago

Good news when you are an EU citizen. Send out a GDPR request.

[–] IzzyData@lemmy.ml 4 points 1 year ago

They have probably already sold the information 100 times.

[–] mp3@lemmy.ca 0 points 1 year ago* (last edited 1 year ago) (1 children)

They may retain the phone number as an exemption to GDPR as a reason to fight spam and abuse of their system.

EDIT: look for the "legitimate interests" clause in GDPR.

[–] serratur@lemmy.wtf 5 points 1 year ago (4 children)

How? According to GDRP phone numbers is considered personal information, they dont have any right to use it to combat spam if the person asked for erasure.

[–] Atemu@lemmy.ml 2 points 1 year ago

Combatting spam and other attacks on their systems where the protection of said systems outweighs individual users' rights is PII processing that you explicitly do not need consent for under the GDPR.

This is called "legitimate interest".

[–] mp3@lemmy.ca 1 points 1 year ago

That could be covered under the "legitimate interests" clause, which covers "Fraud prevention" among other things. They do need to justify it if there is an audit.

[–] miss_brainfart@lemmy.ml 1 points 1 year ago (1 children)

Tell them, you know what will likely happen? The damn Clyde Bot will respond in the most unhelpful way. They do not give a single shit, they demonstrate that every time you try to get touch about anything that isn't one of the three things they let you contact them about.

[–] DmMacniel@feddit.de 0 points 1 year ago

then they have a huge huge problem at hand. And a big fine to pay as well.

[–] lordxakio@lemmy.world 4 points 1 year ago

If you are in the US, there are apps that give you a temp number you can use for calls and texts. It gets deleted when you don’t use it after sometime or manually delete it from your account.

[–] InstallGentoo@lemmy.zip 2 points 1 year ago