Drive we are so privacy focused here. What is to prevent myself or anybody out there, from starting to report individual instances of GDPR and CCPA.
No lemmy insurances are complying with national privacy laws and nobody is talking about it at all.
Drive we are so privacy focused here. What is to prevent myself or anybody out there, from starting to report individual instances of GDPR and CCPA.
No lemmy insurances are complying with national privacy laws and nobody is talking about it at all.
In the UK a screen name is an identifier. See ICO here. I am in the UK. Therefore combined with other data being collected, e.g. IP. Lemmy and instances I interact with are handling personal data. If it is transferred between instances when I search or view content from one instance to another, there are GDPR implications.
I agree, there is definitely work to be done regarding compliance.
If a screen name is an identifier doesn’t that make literally every social website or forum a potential breach? That seems a bit harsh
Not if they are compliant and handle the data correctly, but yes it is a minefield and pretty strict with potential huge fines for non compliance and breaches! I would not want to be in charge of trying to get it all straight for Lemmy!
Non-federated services keep data on their servers or share it with well-defined set of partners. This can be be done in accordance to GDPR. In fediverse that data is broadcasted to anybody who wants to listen (this make the network open). That is a big difference.
I hope you never send an e-mail overseas. Your e-mail provider would be in breach.
Just to be clear - I don’t think it is in breach but you have federated servers in various countries, some of which may be owned by entities that do business in the EU making copies of and forwarding messages that contain PII .
How would they be in breach?
You send the exact same kind of information when you send an email.
Username, host, and IP.
But e-mail is sent from one entity to another, through servers providing service for one or the other party. Most of Lemmy and Mastodon activities are publicly broadcasted and can be received and collected by any federated server.