Legal considerations of self-hosting Lemmy instance - eviltoast

Hi everyone,

I’ve been wondering about legal implications of self-hosting Lemmy. Isn’t it universally required in many countries to moderate the content that you host publicly? What happens when someone posts something illegal on your instance and you don’t won’t to bother with being a mod and just enjoy the technical aspects of it?

Would love to hear your thoughts on this!

  • whoopingsneeze@fedia.io
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    If you don’t want to moderate, don’t let others sign up to your instance. That deals with pretty much all your legal issues.

    For US-based people, register for DMCA notifications. This means if someone posts copyright infringing content, you get a message about it instead of your hosting provider, and you get to remove that content instead of your hosting provider removing your account.

    Check about GDPR compliance. Part of that is fully deleting user content in a timely fashion when they ask. I’ve heard that Lemmy might not be good about that, but I’m not sure. If you have any EU users, you’ll need to comply.

    If you want to run a large instance, you’ll need to have a plan regarding CSAM.

    If you do moderate, use The Bad Space or shared block lists to defederate from the the most problematic instances. I’m not sure whether they’ve really made it to this general corner of the fediverse, though.

    • cstine@lemmy.uncomfortable.business
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      For anyone who doesn’t know what ‘registering for DMCA notification’ means, you’re after https://www.copyright.gov/dmca-directory/

      That said, there’s no particular requirement that a DMCA notice be sent to you even if you have a registered agent and some reporters will send it to the abuse contact for the IP netblock you’re hosted on regardless of registration, so you may want to make sure you understand what steps your provider may or may not take when they get a DMCA notice before you actually get a notice.

  • kadu@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    As much as I disagree with some of them, I recall the folks at the Accidental Tech Podcast spent a good while on this very discussion back when people were migrating from Twitter to Mastodon, and they had some interesting concerns and conclusions.

    The answer is yes, in many places the admin hosting the content could be responsible for the content. Where I live I believe they would have to provide user data about who made the post, and if they refuse, they become the responsible party.

  • Jamoke@lemmy.themainframe.org
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    You can set your instance to private and close registrations, which is what I am doing. That way you can use it only for yourself and a few friends and still be connected to the fediverse. The communities that you make on your self-hosted instance wouldn’t be connected, though.

    • minode@szmer.infoOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 year ago

      What’s the benefit of doing this apart from a technical challenge and fun? Such a server wouldn’t support the network in any way, right?

      • Jamoke@lemmy.themainframe.org
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        Well, as you mentioned before it’s to enjoy the “technical aspect”, which could be many reasons. For one, if the instance you signed up on shuts down there goes your account with it. I feel better self-hosting because I am in control of when/if it shuts down.

        • melc@feddit.nl
          link
          fedilink
          English
          arrow-up
          0
          ·
          1 year ago

          I’ve actually been playing with this idea myself! Is it hard to set up/manage?

          • Jamoke@lemmy.themainframe.org
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            It was super easy. I just edited the config file in the Ansible playbook and needed to edit the certbot task because I use Cloudflare but other than that it was a breeze.