this post was submitted on 06 Aug 2023
1438 points (99.0% liked)

Announcements

23258 readers
3 users here now

Official announcements from the Lemmy project. Subscribe to this community or add it to your RSS reader in order to be notified about new releases and important updates.

You can also find major news on join-lemmy.org

founded 5 years ago
MODERATORS
 

This is an opportunity for any users, server admins, or interested third parties to ask anything they'd like to @[email protected] and I about Lemmy. This includes its development and future, as well as wider issues relevant to the social media landscape today.

Note: This will be the thread tmrw, so you can use this thread to ask and vote on questions beforehand.

Original Announcement thread

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 42 points 1 year ago (1 children)

Im not a lawyer so I dont know about GDPR. Do you know how similar platforms such as Mastodon handle it?

[–] [email protected] 26 points 1 year ago* (last edited 1 year ago) (1 children)

Hard to say exactly what Mastodon does, but mastodon.social's privacy policy should give you some direction in how they handle data: https://mastodon.social/privacy-policy

As mastodon.social is based in Germany, they will know about GDPR and have to follow it to the letter.

[–] [email protected] 31 points 1 year ago (3 children)

That sounds like its something for instance admins to handle, nothing we as developers need to care about. Maybe we should add a privacy policy for lemmy.ml but thats it.

[–] [email protected] 16 points 1 year ago

Yea it is ultimately on the admins, but Lemmy just needs to not make it hard to comply with GDPR. So it's up to admins to raise issues when Lemmy is seen as an obstacle to compliance, and it's up to devs to listen and implement compliance features.

[–] [email protected] 11 points 1 year ago

Wouldn’t it be prudent to build features into Lemmy that make it easy for admins to manage user data though?

[–] [email protected] 10 points 1 year ago

That's my take on it as well - GDPR is for the individual instances to deal with, as they're the ones who hold the data on their users and anything coming to them.

The software, of course, can have some design which purges data automatically or whatever, but ultimately the control is whoever is hosting Lemmy so no matter what Lemmy does, people can override it (though some sane defaults are always good, of course).