I dont really use it much tbf just thought it was a cool project but I’ve just read about how lemmy instances can be fined for not complying with GDPR Read more

  • Onno (VK6FLAB)@lemmy.radio
    link
    fedilink
    arrow-up
    13
    arrow-down
    1
    ·
    10 months ago

    While the post you link to is new to me, thank you for sharing, the underlying issues associated with running your own instance are what has stopped me from running my own at this stage.

    If the only person on your own instance is you, then none of this really matters, since you are the master of your own destiny. As I understand it, the GDPR doesn’t apply.

    The moment you let anyone else create an account however, there’s a liability. You become exposed to whatever they say in their account on your instance and other laws start applying.

    What I mean by that is as I understand it, any illegal or undesirable activity conducted by an account holder on something you control becomes a legal minefield for you. And you’ll be stuck in the middle between the account holder and the world. Things like the GDPR may apply, but that likely depends on their location.

    So, if your instance is just you, no need to delete it. If it’s more, then I’d be thinking long and hard about who else is there with you.

    Finally, consider the implications of taking money from account holders to finance your instance, now there’s a financial contract between you and them.

    • maltfield
      link
      fedilink
      arrow-up
      1
      ·
      10 months ago

      That would be true if their instance wasn’t federating. If the instance is federating, then it’s downloading content from other users, even if the user isn’t registered on the instance. And that content is publicly available.

      So if someone discovers their content on their instance and sends them a GDPR request (eg Erasure), then they are legally required to process it.