Highlighting the recent report of users and admins being unable to delete images, and how Trust & Safety tooling is currently lacking.

    • maynarkh@feddit.nl
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      10 months ago

      Lemmy instances offer services to me as an in-EU data subject, and that makes it subject under the very Article 3/2 (a) you linked.

      the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the Union

      Since there is federation, a US-based instance would still be a data processor if it IP blocked be as coming from the EU.

      I did in fact read it.

      • SupraMario@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        10 months ago

        Read the rest of it, instead of cherry picking shit. The instance needs to be collecting your data and selling it or making some sort of money off of it.

          • SupraMario@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            10 months ago

            the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the Union; or the monitoring of their behaviour as far as their behaviour takes place within the Union.

            Lemmy doesn’t sell anything and it doesn’t monitor you or collect pii.

            • maynarkh@feddit.nl
              link
              fedilink
              English
              arrow-up
              1
              ·
              10 months ago

              Anything that someone’s identity can be even indirectly inferred is PII. The GDPR explicitly defines usernames as online identifiers as PII.

              The whole “irrespective of whether a payment of the data subject is required” bit is so that it applies to free services like Lemmy as well. Lemmy provides me with a free service. It even monitors me through federation, since it scrapes my username and comments from other instances without my affirmative and explicit consent. Using a service, no matter its nature, is not consent as required by the GDPR.

              There is an explicit cutout for services you offer yourself or your household members. The reason it is there is that free services like Lemmy absolutely do qualify.

              • SupraMario@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                1
                ·
                10 months ago

                No it doesn’t, and good luck finding a case where someone has been fined for hosting a free service that doesn’t sell anything.

                • maynarkh@feddit.nl
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  1
                  ·
                  10 months ago

                  There are dozens of cases of fines issued to municipalities, and government offices that don’t do business. France fined a parliamentary candidate. Italy has fined the Italian Archery Federation, an NGO. Germany fined a bunch of individual police officers and an employee of a Covid testing centre.

                  Please either start backing up your claim of some supposed nonprofit exception, or go sealioning somewhere else.