this post was submitted on 22 Jun 2023
5 points (100.0% liked)

Privacy

32045 readers
797 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
5
Privacy Policy (lemmy.ca)
submitted 1 year ago* (last edited 1 year ago) by sinnerdotbin@lemmy.ca to c/privacy@lemmy.ml
 

So it seems that no instance has published a privacy policy, many users are asking about such a thing (as they should), and much confusion on how federation happens among users AND some admins. I feel this is pretty important to the survival of Lemmy to work out a privacy policy framework.

Yes, the argument that "everything on the internet stays forever" is true, but there is a big distinction between captured copies, and some of the unique data distribution / management issues that come up with a federated service. It is important to inform the user of this distinction. It is also important to inform them how early the development is.

It is going to scare the pants off some users. I'd argue an educated user on an totally public platform is far more safe than an uneducated one on a closed platform, but let the user decide that for themselves. I'd much rather scare the pants off them then have them coming for me once they get caught with their pants down and feel I didn't do enough to warn them. Can you imagine hundreds of thousands of pantless lemmings with pitchforks coming for you? Not a pretty image.

I AM NOT A LAWYER, but I have created a template based on the Mastodon privacy policy if anyone wants a basic framework to start from:

https://github.com/BanzooIO/federated_policies_and_tos/blob/main/lemmy-privacy-policy.md

I am not overly experienced with instance management yet, but I have done my best to cover all aspects of how data is federated. Please contribute in correcting any errors.

I also feel it is important for admins to disclose the current lack of SSL support in connecting to PostgreSQL and what the local admin has done to mitigate the risk.

Issues on open on the topic of privacy policies here: https://github.com/LemmyNet/lemmy/issues/721 and https://github.com/LemmyNet/lemmy-ui/issues/1347

you are viewing a single comment's thread
view the rest of the comments
[โ€“] nodsocket@lemmy.world 0 points 1 year ago* (last edited 1 year ago) (1 children)

Good thinking. A privacy policy is very important to protect instances from legal trouble. Honestly, the Lemmy project should hire a professional lawyer to write this.

[โ€“] sinnerdotbin@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

Definitely, thus the repeat warnings.

But some instances must really get on this sooner than later depending on their location, and this at least provides a starting framework to consult with someone on the laws locally.

Providing such a thing even when not required goes a long way in establishing trust with users, and honestly gives admins a reference on how they should be configuring and managing their instance data.

Plan to expand into templates for terms of service, moderator policies, mission statements, etc.