Asklemmy

43810 readers

1592 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

Open-ended question
Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
Not ad nauseam inducing: please make sure it is a question that would be new to most members
An actual topic of discussion

Looking for support?

Looking for a community?

Lemmyverse: community search
sub.rehab: maps old subreddits to fediverse options, marks official as such
!lemmy411@lemmy.ca: a community for finding communities

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago

MODERATORS

123

Lemmy and GDPR - What is the current state? (lemmy.world)

submitted 1 year ago* (last edited 1 year ago) by NewBrainWhoThis@lemmy.world to c/asklemmy@lemmy.ml

88 comments fedilink hide all child comments

As the Fediverse grows more and more, rules and regulations become more important. For example, is Lemmy GDPR compliant? If not, are admins aware of the possible consequence? What does this mean for the growth of Lemmy?

Edit: The question "is Lemmy GDPR compliant" should mean, does the software stack provide admins with means to be GDPR compliant.

Edit2: Similar discussion with many interesting opinions on lemmy.ml by /u/infamousbelgian@waste-of.space--> https://lemmy.ml/post/1409164

Edit3: direct link to philpo great answer-->https://feddit.de/comment/840786

you are viewing a single comment's thread
view the rest of the comments

[+] cwagner@lemmy.cwagner.me 10 points 1 year ago* (last edited 1 year ago) (1 children)

[deleted]

[–] heartlessevil@lemmy.one 3 points 1 year ago* (last edited 1 year ago) (1 children)

This isn't true since your single user instance is federated. For example, this comment is going to end up on your instance, and it could have my personal data.

edit: here's a meta-link to this comment on your instance: https://lemmy.cwagner.me/comment/2786 -- despite it originating from lemmy.one and the post being lemmy.ml from a user on lemmy.world (interestingly every person involved in this interaction is on a different instance)

[+] cwagner@lemmy.cwagner.me 2 points 1 year ago* (last edited 1 year ago) (1 children)

[deleted]

[–] skullgiver@popplesburger.hilciferous.nl 3 points 1 year ago (1 children)

You can disable most endpoints in your application firewall, or put them behind a whitelist. For federation to succeed you don't need all that many publicly reachable endpoints (mostly a bunch of inboxes and the data for your own user account).

I don't think the privacy policy is sufficient. My post will end up on your server but also on the server this community is hosted on, from which it'll end up on hundreds or thousands of other servers. I've never agreed to any of their privacy policies and terms of service and neither has anyone else here.

The concept of the Fediverse doesn't work well with traditional corporate interpretations of privacy law. Going strictly by the way it's interpreted for traditional social media, you're on the hook for any personal data your private instance stores and makes available. This approach effectively kills the concept of the Fediverse, so I sort of fear the inevitable DPA investigation and/or lawsuits.