Article 3 GDPR is straightforward, gdpr will apply.
The real question is how any kind of authority could enforce it ? Almost no chance that any law enforcement/regulator will bother a single-user instance purely on the ground of gdpr…
Article 3 GDPR is straightforward, gdpr will apply.
The real question is how any kind of authority could enforce it ? Almost no chance that any law enforcement/regulator will bother a single-user instance purely on the ground of gdpr…
I’m not so sure about the GDPR status for the Fediverse, I don’t think there’s the law is prepared for “Jerry runs this for people, just for fun”. It’s very much “official organisation” or “money grabbing business” oriented. Someone should fund an actual lawyer to look into this and lay down the real requirements.
I’m working in the gdpr compiance field ;) Using a personnal device to monitor public space doesn’t fall under the household exception, this solution even pre-dates the GDPR (https://curia.europa.eu/jcms/upload/docs/application/pdf/2014-12/cp140175en.pdf).
(the case-law is about camera fixed on a private house, but the logic easily translates in a private server grabbing public data).
but when legal compliance comes up, everybody just sticks their fingers in their ears and pretends not to hear you.
Just as you did ^^
No, Lemmy servers are not exempt from GDPR compliance. The household exemption (you are not subject to gdpr for private activities) only applies for purely personnal activities. As soon as a service is offered to someone else, the exemption is no more applicable.
That’s one of the drawback about open-source projects, they are designed to fulfill a need (persistent storage & decentralised communication for Lemmy), and no one give a f*ck about legalities.
Just to clarify, I’m self-hosting. I’m using neither Proton nor Dropbox.
However, I’m a privacy pro, and I read Privacy Policies on a daily basis (ok… weekly basis).
The US companies recently moved to disclose ALL the providers they are using (including for controller activities) where European companies still hide this information (and disclose only the providers used to deliver the service). For a very concrete example, Salesforces is mentionned by Dropbox where Proton is silent about the crm they use.
On this specific aspect, the USA are ahead of EU.
That’s all I meant.
If you want to read it as “give your data to the USA”, feel free, but that’s not what I said.
I was not saying “Dropbox good” or “Proton bad”, just correcting a few things about the privacy policy in itself and what it means.
Encryption will not protect your privacy in the specific case of Dropbox.
They look into your activity, not files.
And that’s pretty much standard for any kind of commercial SaaS, just because of security concerns.
Also, they are quite transparent about the provider they are using for internal activities (Stripe, etc.). Companies in EU will typically not disclose such information. For example, Dropbox disclose the use of AWS (for hosting the infra & code, I guess), whereas Proton does not disclose any hosting company.
2 main reasons in my view:
It’s possible, I’ve been tricked last year by a similar attack (the sneakiest attack possible to target privacy people, imho).
I praise IT Security for putting so many safeguards, sandboxes and verifications!
It misses the most important information: why.
The CNIL (French privacy regulator) slapped Discord in October last year because they never deleted accounts (hi GDPR).
Since then, all tech companies are hurriedly designing a plan to mass delete inactive accounts.
TL;DR Both are crap and don’t respect your choice when opting out. iOs is even (a tiny bit) worse than Android, as info of nearby devices are being also sent.
Tried the quiz. First question: an app request access to data, what do you do?
Boy, first question and you already fuck up… Never heard about the concept of address?
You know that NAS can go in sleep mode, right? And wake up only when you try to activate them.
But what is the use-case? Only make your holiday films available to a media center? Or do you plan to also use it as a storage for other devices?
In the first case a sbc can do the trick (however can struggle if you share 4k). But I would definitely look into “real” NAS (Synology, qnas, etc.) before using a sbc.
It’s rather the other way around, Word is not 1 to 1 compatible with LibreOffice Writer when it comes to document editing. Writer is far better on that aspect.