Asklemmy

43336 readers

843 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

Open-ended question
Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
Not ad nauseam inducing: please make sure it is a question that would be new to most members
An actual topic of discussion

Looking for support?

Looking for a community?

Lemmyverse: community search
sub.rehab: maps old subreddits to fediverse options, marks official as such
[email protected]: a community for finding communities

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago

MODERATORS

[email protected]

178

What are some downsides of software being federated? (lemm.ee)

submitted 1 year ago by [email protected] to c/[email protected]

115 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 20 points 1 year ago (1 children)

1: Anything that's federated is public (to instance admins) and can't be reliably deleted.

For ActivityPub, that's pretty much everything except user account.

For email (SMTP) that's sender, recipient, subject, and usually body.

Etc. Instance admins can log whatever they want. Laws like the GDPR or CCPA don't apply to all instances.

2: User signup is much harder because choice paralysis over which instance to join often sets in. That in turn leads to default recommendations, resulting in centralization in a few instances. E.g. lemmy.world, beehaw.org, sh.itjust.works, lemmy.ml for lemmy, Gmail, Apple mail, MS Live email, AWS email options for email.

[–] Ziggurat 1 points 1 year ago (1 children)

For your point 1) The same applies to any other social media or good old phpBB forums that some clubs still use. GDPR still apply as soon as you log personal data of an European user. So if an instance admin does shit with the data they can be charged.

GDPR isn't that complicated, tons of small non profit structure (e.g a sport club) deal with personal data without any issue. If you don't spy your user and do the minimum needed amount of data processing your data privacy policy can hold in a couple of lines. It get huge because big social media spy us

[–] [email protected] 2 points 1 year ago

Old-school forums have single points of contact. They're no more private than ActivityPub, but a takedown to the admin is a takedown of all instances. Obviously public data can be cached or archived, so as always you have to send takedowns to every archival service, search engine, and any CDNs too.

The GDPR "applies" whenever an EU resident's data is stored. The enforcement requires some presence in the EU by the entity storing the data. For multinational companies that means if they have any banking services there (e.g. taking payments from EU customers) they have a presence. For individual fediverse admins, that's not necessarily a concern. At worst their instance's domain would get blacklisted to EU users.