Asklemmy

43661 readers

1308 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

Open-ended question
Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
Not ad nauseam inducing: please make sure it is a question that would be new to most members
An actual topic of discussion

Looking for support?

Looking for a community?

Lemmyverse: community search
sub.rehab: maps old subreddits to fediverse options, marks official as such
[email protected]: a community for finding communities

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago

MODERATORS

[email protected]

Lemmy and GDPR - What is the current state? (lemmy.world)

submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]

11 comments fedilink hide all child comments

As the Fediverse grows more and more, rules and regulations become more important. For example, is Lemmy GDPR compliant? If not, are admins aware of the possible consequence? What does this mean for the growth of Lemmy?

Edit: The question "is Lemmy GDPR compliant" should mean, does the software stack provide admins with means to be GDPR compliant.

Edit2: Similar discussion with many interesting opinions on lemmy.ml by /u/[email protected]> https://lemmy.ml/post/1409164

Edit3: direct link to philpo great answer-->https://feddit.de/comment/840786

all 12 comments

sorted by: hot top controversial new old

[–] [email protected] 0 points 1 year ago (1 children)

Lemmy is GDPR compliant, as far as I know.

Admins can entirely purge you off their instance, should you ask them to, and other servers do not store any personal details that GDPR would require be deletable. By most interpretations.

It can be argued that previously federated data that is now out of reach and as such cannot be deleted, could constitute a breach of GDPR.

[–] [email protected] 0 points 1 year ago* (last edited 1 year ago) (1 children)

GDPR Art 4.(1) 'personal data' means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

Posts in the Lemmy instances contain information relating to an identifiable natural person (by their user handle), as they contain the person’s ideas and opinions. Therefore the Lemmy instances are handling personal data and must comply with the GDPR.

[–] [email protected] 0 points 1 year ago (1 children)

Lemmy can avoid the impossibly heavy burden of compliance by becoming an underground illegal service and/or IP banning the Europeans Union and/or abolishing the European Union.

[–] [email protected] 0 points 1 year ago (1 children)

abolishing the European Union

Ah, yes. I believe this was step 4 of setting up your self-hosted instance.

[–] [email protected] 1 points 1 year ago

Yes, someone please automate this

[–] [email protected] 0 points 1 year ago (1 children)

Does Lemmy even need to be gdpr compliment? It's not a company, it's private individuals.

[–] [email protected] 1 points 1 year ago* (last edited 11 months ago) (1 children)

[This comment has been deleted by an automated system]

[–] [email protected] 0 points 1 year ago (1 children)

It doesn't apply to purely personal use. See Article 2 section 2 (c). For shits and giggles would fall under that.

[–] [email protected] 1 points 1 year ago* (last edited 11 months ago)

[This comment has been deleted by an automated system]