Highlighting the recent report of users and admins being unable to delete images, and how Trust & Safety tooling is currently lacking.

    • Quokka@quokk.au
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      11
      ·
      10 months ago

      If an entity isn’t in Europe it shouldn’t be a problem at all.

      • RubberDuck@lemmy.world
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        1
        ·
        10 months ago

        That depends and should depend on what the instance is used for and whom it is used for.

        • Quokka@quokk.au
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          9
          ·
          10 months ago

          If it’s an instance open to anyone, it’s up to Europeans to not participate if they don’t want to.

              • RubberDuck@lemmy.world
                link
                fedilink
                English
                arrow-up
                5
                ·
                edit-2
                10 months ago

                From your link:

                • a company established outside the EU and is offering goods/services (paid or for free) or is monitoring the behaviour of individuals in the EU.

                A social networks core purpose is processing data, processing of data does pose risks to people.

                I doubt that privacy watchdogs will pursue smaller instances, but pretending it never applies could lead to legal issues.

                • Quokka@quokk.au
                  link
                  fedilink
                  English
                  arrow-up
                  3
                  arrow-down
                  4
                  ·
                  10 months ago

                  Eh i still dont think itd hold up.

                  But more reason to hate European arrogance. Imagine if i could go to say your blog, comment my name and address, and sue you for not going into your database and scrubbing it all. Just another way to benefit big companies at the expense of individuals who dont have the tech skills to comply but want to run their own personal sites.

                  • RubberDuck@lemmy.world
                    link
                    fedilink
                    English
                    arrow-up
                    3
                    arrow-down
                    1
                    ·
                    10 months ago

                    Such an ignorant stance. Privacy is an individuals RIGHT. It should have been the defacto stance for everything.

                    You allowed the corporate fuckery to cloud your thinking it is too much to ask for. It isn’t. And GDPR compliance is usually straightforward.

                    • is the data required to do what you and the user agree, then be explicit on why and store it. (So the content of a post is required, anything else is not).
                    • Do not use data for purposes not explicitly agreed to with the user and remove any data no longer nessecary.
                    • certain data can NEVER be stored unless legally required to do so.

                    If the blog platform in your example had an option to “delete my account” and it would then completely scrubbed this would be plenty compliant probably. As would the option for people to comment without storing anything but the comment.

      • maynarkh@feddit.nl
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        10 months ago

        Or the US. The US enforces GDPR on behalf of the EU. If the US catches you with misusing EU citizens’ data, they will let the EU take 10 million off your accounts and/or close your instance.