this post was submitted on 07 Jul 2023
1 points (100.0% liked)

Fediverse

35709 readers
316 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration)

founded 2 years ago
MODERATORS
ruud@lemmy.world
TragicNotCute@lemmy.world
Xylinna@lemmy.world
MrCenny@lemmy.world
automodbeta@lemmy.world
woelkchen@lemmy.world
1
GDPR (lemmy.world)
submitted 2 years ago by redditcunts@lemmy.world to c/fediverse@lemmy.world
24 comments fedilink hide all child comments
 

Drive we are so privacy focused here. What is to prevent myself or anybody out there, from starting to report individual instances of GDPR and CCPA.

No lemmy insurances are complying with national privacy laws and nobody is talking about it at all.

you are viewing a single comment's thread
view the rest of the comments
[–] animist@lemmy.one 0 points 2 years ago (2 children)

Can you provide specific and detailed examples

[–] trouser_mouse@lemmy.world 1 points 2 years ago* (last edited 2 years ago) (1 children)

This is just at a really high level. Take for example https://lemdro.id. I am in the UK.

  • I do not get cookie information / consent
  • How do I make a SAR request, it isn't stated
  • What is their data retention and privacy policy, it isn't stated
  • How do I make a data sharing request as a member of law enforcement or government
  • How is data processed if I am under 16/13
  • Is data transferred from an EU to non-EU server if I search their content from another instance? Are the correct controls and risk assessments in place
  • If I delete my .id account under right to be forgotten, how is my request propagated between other instances to ensure my data isn't retained somewhere on another instance which has pulled the data
  • If I use an account from another instance and post an image on .id, and then delete my account, is the image I posted deleted from their server and backups etc

GDPR is very serious and an absolute minefield. I am pretty sure Lemmy and individual instances are not compliant, and I am not sure they can be fully - it may have to be on a best-endeavours basis. Be interesting to see how that holds up under a challenge.

[–] animist@lemmy.one 0 points 2 years ago

Holy shit that is quite a lot

[–] redditcunts@lemmy.world 0 points 2 years ago (2 children)

Can you point my to where the GDPR policy for lemmy.world is?

[–] animist@lemmy.one 0 points 2 years ago

maybe