this post was submitted on 05 Jul 2023
123 points (97.7% liked)

Asklemmy

43810 readers
1617 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
 

As the Fediverse grows more and more, rules and regulations become more important. For example, is Lemmy GDPR compliant? If not, are admins aware of the possible consequence? What does this mean for the growth of Lemmy?

Edit: The question "is Lemmy GDPR compliant" should mean, does the software stack provide admins with means to be GDPR compliant.

Edit2: Similar discussion with many interesting opinions on lemmy.ml by /u/infamousbelgian@waste-of.space--> https://lemmy.ml/post/1409164

Edit3: direct link to philpo great answer-->https://feddit.de/comment/840786

you are viewing a single comment's thread
view the rest of the comments
[โ€“] seacocker@lemmy.world 1 points 1 year ago* (last edited 1 year ago) (1 children)

My statement about it being up to those running instances is mean in terms of it's up to them to read the legislation and come to a conclusion. If I were hosting an instance I'd certainly assume it applied, though I doubt there has been any case testing its implementation in this sort of situation.

I can see someone starting a lawsuit against a standards incompliant server that ignores deletes and edits, though.

I wonder if the first data breach will draw the attention of a regulator. We're all using essentially alpha software, with no privacy notice, I doubt there are RoPAs or DPIAs, I doubt there is a DPO.. all those things might upset someone like the ICO in the UK if a breach were to occur.

Edit: saying that, I'm not sure any breach would even be reportable given what data is collected by Lemmy.

I'm not even sure what a data breach would look like. I'm guessing the server logs which include the IP addresses, usernames, and password hashes?

If this does go wrong, I'm wary of what will happen. I'm pretty sure Fediverse servers are on thin ice.