This is an opportunity for any users, server admins, or interested third parties to ask anything they’d like to @nutomic@lemmy.ml and I about Lemmy. This includes its development and future, as well as wider issues relevant to the social media landscape today.

Note: This will be the thread tmrw, so you can use this thread to ask and vote on questions beforehand.

Original Announcement thread

  • 1984@lemmy.today
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 year ago

    I asked in the other thread about GDPR.

    Nobody thinks it’s very interesting but if instances don’t follow gdpr, the entire network is at risk of legal consequences.

    So please bring this up, even though it’s not very fun.

    • Dessalines@lemmy.mlOPM
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Neither @nutomic@lemmy.ml or I are too familiar with the GDPR, so we don’t know everything that it requires. Lemmy doesn’t do any logging of IPs or other sensitive info, but of course instance runners could be doing their own logging / metrics via their webservers.

      We have a Legal section under admin settings, that’s an optional markdown field, that can probably be used for it. We’d need someone with GDPR expertise though to help put things together. Lemmy is international software, not european-specific, so we have to keep that in mind when supporting GDPR.

      • 1984@lemmy.today
        link
        fedilink
        English
        arrow-up
        0
        ·
        edit-2
        1 year ago

        That’s what I thought too until I looked it up. It applies to individuals as well.

        If an individual runs a web server and processes personal data of individuals within the European Union, then they are subject to the requirements of GDPR. GDPR applies to anyone, including individuals, who processes personal data of EU residents, regardless of whether they are operating as a business or on a personal basis. It’s important for the individual running the web server to comply with GDPR’s data protection principles and obligations to safeguard the personal data they process.

          • hikaru755@feddit.de
            link
            fedilink
            English
            arrow-up
            0
            ·
            1 year ago

            Basically, anything that involves the data being present somewhere in information systems that you control. Taking decisions based on it, displaying it on a webpage, make decisions based on it, even just storing it, all counts as processing under GDPR.