this post was submitted on 19 Jun 2023
158 points (98.8% liked)

Technology

37754 readers
417 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Federated services have always had privacy issues but I expected Lemmy would have the fewest, but it's visibly worse for privacy than even Reddit.

  • Deleted comments remain on the server but hidden to non-admins, the username remains visible
  • Deleted account usernames remain visible too
  • Anything remains visible on federated servers!
  • When you delete your account, media does not get deleted on any server
you are viewing a single comment's thread
view the rest of the comments
[–] zenithseeker 1 points 1 year ago* (last edited 1 year ago) (1 children)

The originating instance definitely cannot be held responsible for failing to force a separate instance in another country to delete its cached copy of user data imo. I think what is more likely is that EU courts could force European Jimmy instances to only federate with GDPR-compliant instances. (so federation by whitelist rather than blacklist)

[–] philpo@feddit.de 1 points 1 year ago (1 children)

This is incorrect if the data transfer was done voluntarily/planned. This also applies to EU data outside the EU - Meta has been fined a 1.2 billion euro for that.

And no, the definitive definition of the data transfer extent is a key point of the GDPR. Each and every data owner has the right to know where their data is stored exactly. So a "EU only" would not be enough - It is basically already mandatory as transfer to other countries is a major problem after Schrems 2.

[–] zenithseeker 1 points 1 year ago (1 children)

Ah yeah if the originating instance sends data to a secondary one then that is somewhat different.

[–] philpo@feddit.de 2 points 1 year ago

Transfers it voluntarily. Which is the case in the Fediverse.