As the Fediverse grows more and more, rules and regulations become more important. For example, is Lemmy GDPR compliant? If not, are admins aware of the possible consequence? What does this mean for the growth of Lemmy?
Edit: The question “is Lemmy GDPR compliant” should mean, does the software stack provide admins with means to be GDPR compliant.
Edit2: Similar discussion with many interesting opinions on lemmy.ml by /u/infamousbelgian@waste-of.space–> https://lemmy.ml/post/1409164
The GDPR also applies to invidivuals. It’s not very common, but if you start your own private data collection for shit and giggles you’ll have to take the necessary steps to comply with the GDPR. Of course you won’t need a data privacy officer or anything like that as an individual, but you do need to take certain precautions.
Now, with the way social media works, I’m pretty sure you can get away with claiming all data collected is necessary to make the system work in the first place, and Lemmy doesn’t even collect all that much data.
Most instances also accept donations and other financial incentives as well. That makes the entire system more complicated. With lemmy.world and other servers being run by Europeans, I’d say a significant part of Lemmy definitely does need to comply with the GDPR.
It doesn’t apply to purely personal use. See Article 2 section 2 ©. For shits and giggles would fall under that.
I don’t think a networked service repeating collected data to the internet would fall under “purely personal or household activity”.
The exception would make perfect sense for a personal address book or something like that, but if you manage to collect enough data to make leaks a problem for other people I don’t think you’ll get away with “just a personal project”.
I agree. I was replying to your comment that GDPR applies to private data collection for shits and giggles, which isn’t correct. For Lemmy, I’m certain it applies. GDPR applies to small churches even