Nightmare on Lemmy Street (A Fediverse GDPR Horror Story) - Michael Altfield's Tech Blog - eviltoast
  • deegeese@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    9
    arrow-down
    7
    ·
    edit-2
    10 months ago

    Inflicting lawyers on an open source project is a great way to drive off the developers.

    If I hear Lemmy has a GDPR problem I assume it’s lawyer BS only European instance admins have to worry about.

    If I hear Lemmy has bugs in basic CRUD functionality, that’s a real issue.

      • kernelle@lemmy.world
        link
        fedilink
        English
        arrow-up
        8
        ·
        10 months ago

        Yet GDPR requires if you operate anywhere but allow European citizens to register, you have to be GDPR compliant as well, or risk being blocked by an entire continent.

        • Maalus@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          2
          ·
          10 months ago

          You can get fined by the entire continent. And you would need to pay up in that case, if living in the US for instance. The laws aren’t toothless, otherwise everyone would be abusing them, instead go to any US news site in Europe, and they’ll tell you they can’t serve content to you for legal reasons.

          • kernelle@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            2
            ·
            10 months ago

            Oh for sure they will try to fine, but being another sovereignty they have no authority to force a payment.

            • Maalus@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              arrow-down
              6
              ·
              10 months ago

              Yeaaaah no. Look it up, you still have to pay up. It’s insanely good for EU citizens. Look at the top fines - Meta, Google, Amazon, Instagram, Facebook, with fines being tens of milions of dollars. The US works with the EU and you still get fined.

              • kernelle@lemmy.world
                link
                fedilink
                English
                arrow-up
                6
                arrow-down
                1
                ·
                10 months ago

                Ofcourse they do, because they want to keep their business working in Europe. Which doesn’t apply to a decentralized system like the fediverse. But they do not have to pay the fine if they shut down all operations within Europe, which no company wants to do.

                • Maalus@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  4
                  arrow-down
                  4
                  ·
                  10 months ago

                  Most servers are in Europe. Also, yeah, that’s my point - if you shut down access for Europeans, your worries fade away. The thing is - people want to have the cake and eat it too - not comply with GDPR and still allow people in Europe to be able to reach all instances.

                  Right now, Lemmy is too small to be noticed by anyone. But all it takes is some a-hole reporting GDPR noncompliance, and the entire project will get hit, and it will get hit hard.

                  • kernelle@lemmy.world
                    link
                    fedilink
                    English
                    arrow-up
                    6
                    arrow-down
                    1
                    ·
                    10 months ago

                    “your point” was that the EU can force a fine on any foreign company operating outside the EU for not following local laws, which is ridiculous. But I agree with the rest.

          • lambalicious@lemmy.sdf.org
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            2
            ·
            10 months ago

            The laws aren’t toothless, otherwise everyone would be abusing them,

            Have you heard of such small indie developers such as Google, Amazon or Facebook?

            • Maalus@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              ·
              10 months ago

              The exact same ones who have millions in fines racked up and are paying them? Yes, I have heard of those.

              • lambalicious@lemmy.sdf.org
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                1
                ·
                10 months ago

                You said it yourself: Millions. Not Billions.

                For these companies, paying such a mundane fine is just the business cost of being able to do whatever they want. The execs figuratively (and perhaps literally too) piss out a fine payment every morning before reading the newspaper company whatsapp account.

                • Maalus@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  10 months ago

                  And you think that lemmy devs / admins being hit by thousands of dollars of a fine is going to go the same way facebook goes? That they’ll be able to ignore it and say it’s a cost of business? The giant corps get fined too. The US companies get fined too (for all the people saying “this EU law, me no care”.

    • woelkchen@lemmy.worldM
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      1
      ·
      10 months ago

      If I hear Lemmy has bugs in basic CRUD functionality, that’s a real issue.

      Coincidentally I saw bug reports by that person and another person earlier that day (before the blog post was published), including one opened months ago with absolutely no reaction at all of even acknowledging that this is even an issue: https://github.com/LemmyNet/lemmy/issues/3973

      I’ve heard from time to time that Lemmy developers can be difficult to work with (I never worked with them, so I make it clear that this is hearsay) but I have the suspicion that there is some merit to that.