Warning: You cannot delete posts or comments on Lemmy. It stays up forever, and is in direct violation of GDPR and other national privacy laws.

purple_mimosa@programming.dev · 11 months ago

Warning: You cannot delete posts or comments on Lemmy. It stays up forever, and is in direct violation of GDPR and other national privacy laws.

Silverseren@kbin.social · 11 months ago

It’s been a problem for a while. Considering major social media companies have already gotten massive fines from the EU for violating the GDPR, maybe the lemmy devs will put more effort in setting up a deletion system once the EU sends them a fine for breaking the law?

ttmrichter@lemmy.world · 11 months ago

They can’t fine the “lemmy devs” (nor any other Fediverse devs). They can fine the operators of servers, and even there only those operating servers in the legal jurisdiction of the EU (which is checks notes the EU).

0xtero@kbin.social · 11 months ago

In this case, the “lemmy devs” and the operators of lemmy.ml are the same people and it’s hosted within EU.
But - that’s still a far cry from getting any kind of GDPR violation report going, much less getting it through the process to actual fines.
People like to bring up GDPR violations as a some kind of super-moderator tool, but it isn’t that easy and it definitely isn’t automated.

ttmrichter@lemmy.world · 11 months ago

You are missing ~~the~~several points.

Lemmy is software. lemmy.ml is a server. The devs of Lemmy can’t be fined unless specifically the server they operate (lemmy.ml, recall) is doing something against the GDPR.
There is more than Lemmy in this picture. You’re on kbin. There’s dozens of other servers based on ActivityPub out there, all of which can be breaking the GDPR. This non-problem is not related to Lemmy. It’s the foundational architecture of ActivityPub. (And HTTP, incidentally. And XMPP. And and and and… Literally every distributed protocol ever made or that ever will be made has this non-problem.
The things people are complaining about here may not actually even be covered by GDPR.

0xtero@kbin.social · 11 months ago

Yeah. That’s what I said

ttmrichter@lemmy.world · 11 months ago

Yeah, sorry, man. All the ignorance was blurring together and your post was caught unjustly in the fringe.

FaceDeer@kbin.social · 11 months ago

The EU doesn’t have global jurisdiction, if an instance developer or admin has no EU presence then they could just ignore them.

jman6495@kbin.social · edit-2 11 months ago

Sure, but EU data protection laws may require EU based Lemmy instances to block instances that dont honour deletion requests.

This is why mastodon was built GDPR compliant by design.

Silverseren@kbin.social · 11 months ago

Sure. Lemmy does have such a presence though.

FaceDeer@kbin.social · 11 months ago

“Lemmy” is a piece of software. A piece of software can’t violate the GDPR, it’s just a blob of data. You need to be running a server to do something that would break the GDPR. Those server-running admins are the ones that need to be concerned about their EU presence.

Maybe some of the people developing Lemmy are in that category and might get in trouble, but it will be because they’re running servers not because they’re developing Lemmy. If they get arrested or whatever it has no effect on Lemmy-the-software.