There could be a legally binding contract stating that any deletion request must be forwarded to all parties it was send to, and that upon receiving such a request the data must be deleted. I do not think this would be unreasonable to ask to servers, especially as this deletion receipt could be fully automated.
Or there could be a delay of one minute before posts get federated, giving the user the option to quickly delete a comment or post.
legally binding contract
Maybe, but consider that federated servers may be located in entirely different legal jurisdictions, so this might be hard to create, let alone enforce.
I don’t think it will ever come to a lawsuit, nobody would ever want that. Under the GDPR you must be able to delete content, and the server must communicate this to all federated servers. So in effect, there is already a legally binding agreement between all servers that this deletion request must be honored (for people physically in the eu), it’s just not.
lemmy servers are already breaking the GDPR if they don’t follow forwarded deletion requests from people in the eu. This would just effectively be an extension of this to data from all people.
