this post was submitted on 05 Mar 2024
72 points (86.7% liked)

Privacy

31998 readers
1085 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I dont really use it much tbf just thought it was a cool project but I've just read about how lemmy instances can be fined for not complying with GDPR Read more

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 12 points 8 months ago (1 children)

While the post you link to is new to me, thank you for sharing, the underlying issues associated with running your own instance are what has stopped me from running my own at this stage.

If the only person on your own instance is you, then none of this really matters, since you are the master of your own destiny. As I understand it, the GDPR doesn't apply.

The moment you let anyone else create an account however, there's a liability. You become exposed to whatever they say in their account on your instance and other laws start applying.

What I mean by that is as I understand it, any illegal or undesirable activity conducted by an account holder on something you control becomes a legal minefield for you. And you'll be stuck in the middle between the account holder and the world. Things like the GDPR may apply, but that likely depends on their location.

So, if your instance is just you, no need to delete it. If it's more, then I'd be thinking long and hard about who else is there with you.

Finally, consider the implications of taking money from account holders to finance your instance, now there's a financial contract between you and them.

[–] [email protected] 1 points 8 months ago (1 children)

That would be true if their instance wasn't federating. If the instance is federating, then it's downloading content from other users, even if the user isn't registered on the instance. And that content is publicly available.

So if someone discovers their content on their instance and sends them a GDPR request (eg Erasure), then they are legally required to process it.

[–] [email protected] 1 points 8 months ago

I do not believe that is true, but I'm happy to be wrong.