this post was submitted on 05 Jul 2023
148 points (96.8% liked)

Asklemmy

43857 readers
1649 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy πŸ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago
MODERATORS
 

As the Fediverse grows more and more, rules and regulations become more important. For example, is Lemmy GDPR compliant? If not, are admins aware of the possible consequence? What does this mean for the growth of Lemmy?

Edit: The question "is Lemmy GDPR compliant" should mean, does the software stack provide admins with means to be GDPR compliant.

Edit2: Similar discussion with many interesting opinions on lemmy.ml by /u/[email protected]> https://lemmy.ml/post/1409164

Edit3: direct link to philpo great answer-->https://feddit.de/comment/840786

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 12 points 1 year ago (5 children)

There’s no reason why activitypub would be considered any different from email

Are you sure? Email only sends your message to servers which you explicitly ask it to. If you only trust protonmail, you can choose to only send emails to other protonmail addresses. If protonmail chose to share your emails with other third parties regardless, I can't help but think maybe that breaches the GDPR.

Lemmy, by design, propagates copies to instances based on opaque factors outside of the user's control, even when the UI suggests that you are sending content locally. In the case of posting a comment to a community hosted on your home instance: Lemmy will send a copy to whichever servers happen to have users that are currently subscribed to that community. It's a very opaque outcome and pretty far from the outcome you'd experience when sending an email message to someone using the same email provider.

even search engines and internet archives

Yes, but these are genuinely disconnected entities who come across the data as a user might. Lemmy doesn't personally phone up Google and send them a copy of your comment as soon as you post it, but that's basically exactly what happens when Lemmy federates a comment with other instances via ActivityPub.


FWIW: I think Lemmy as a piece of software is actually very aligned with the interests of the EU more generally and I think it would be a bad idea for them to come down on federated social media as a GDPR issue. I nevertheless worry that it represents untested waters and can certainly imagine a reality where it receives a raw deal from regulators.

[–] [email protected] 3 points 1 year ago

Wouldn't this be solvable by one of those cookie banners or some sort of waiver? After all, the only personal information I can think of that is shared is your username, which anyone can see if they just go to your instance. The post and the comments are public, aren't they?

[–] [email protected] 1 points 1 year ago

Wouldn't this be solvable by one of those cookie banners or some sort of waiver? After all, the only personal information I can think of that is shared is your username, which anyone can see if they just go to your instance. The post and the comments are public, aren't they?

[–] [email protected] 1 points 1 year ago

Wouldn't this be solvable by one of those cookie banners or some sort of waiver? After all, the only personal information I can think of that is shared is your username, which anyone can see if they just go to your instance. The post and the comments are public, aren't they?

[–] [email protected] 0 points 1 year ago

Wouldn't this be solvable by one of those cookie banners or some sort of waiver? After all, the only personal information I can think of that is shared is your username, which anyone can see if they just go to your instance. The post and the comments are public, aren't they?

[–] [email protected] 0 points 1 year ago

Wouldn't this be solvable by one of those cookie banners or some sort of waiver? After all, the only personal information I can think of that is shared is your username, which anyone can see if they just go to your instance. The post and the comments are public, aren't they?