danieljackson

Lemmy is not opimized for google. There is some consideration when you run a full-javascript app like Lemmy, and to the best of my knowledge, Lemmy didn't follow their guideline.

The link I provided says that pseudonymous data can be used to hide personalized data.

If you are a DPO, you can see the appeal and benefits of pseudonymization. It makes data identifiable if needed, but inaccessible to unauthorized users and allows data processors and data controllers to lower the risk of a potential data breach and safeguard personal data.

GDPR requires you to take all appropriate technical and organizational measures to protect personal data, and pseudonymization can be an appropriate method of choice if you want to keep the data utility.

The owner of lemmy.one can use tk338@lemmy.one to map it to an IP and/or email address. This becomes now personally identifiable data. But other instance owners can't map it to any personalized data, so it is basically "anonymized data" for them.

You just have to provide a way to either

• To delete personally identifiable data
• Unlink the personally identifiable data from the pseudonymized data on your local instance.

Disclaimer, IANAL, YMMV, yaddy, yadda,...

Everybody is talking about the GPDR, but the GPDR when hosting in the EU, should be the least if your concerns. As I said elsewhere:

• Lemmy is not doing tracking/personalized-ads.
• Lemmy is only collecting IPs and email addresses as personally identifiable information. It's not sharing them. So it makes GDPR compliance easy.

The real issue is Directive on Copyright in the Digital Single Market which is a nightmare if you want to host lemmy legally. Realistically, the government don't care about a few copyright infrigement by some guy/gal hosting a lemmy instance in their garage.

But, if you want to follow the law to the letter, the EU doesn't have any fair use. So theorically, you need to allow users to only post creative commons images, with attribution. Or do some copyright checks on the content posted on your instance. Here is an EU video on how to comply with the directive, it's a nightmare.

As I said in another comment, the GDPR protects people. And the GDPR only applies to personnaly identifiable data (IPs, email addresses, street address, legal name, date of birh...) Lemmy only collect emails and IPs, and do not share them between instances. So it's very easy to comply to the GDPR as long as you don't do anything shady.

The EU has a marketing issue. They tried to pass legislation to prevent companies to collect data. But instead, company displayed a popup, kept collecting data, and blamed it on the EU. Everytime I see a popup, I blame ruthless data collection.

Actually, Lemmy is most likely violatiing the California Consumer Privacy Act, which, as opposed to the GPDR, gives the right to update/delete any data generated by the user, not only personally identifiable information.

The GDPR doesn't apply only to services hosted in the EU, but any services handling the data of an EU citizen.

This is why some news outlets in the US just decided to block EU users all together, out of laziness.

IANAL, but the GDPR doesn't cover pseudonymous data. Actually the GDPR encourages data processors (= services) to use pseudomization.

Personally identifiable information are IPs, email addresses, street address, name, date of birth, ... Lemmy only collect IPs and email addresses. And these are not shared between instances.

Whether the service is hosted in the EU or not, as long as it serves EU users, lemmy should provide a way to delete emails and ip information in a self serving way. (maybe by deleting the account) In the mean time, instances admins have to fulfil requests to delete emails/ips of EU citizens from the database.

It depends to what you mean by "rich people." Yes, climate shambled by the global north, or the to 20% richest citizens of the planet.

I agree that big corporations bear a big burden for climate change, like, for example, Exxon which knew about CO~2~ since the 50s, and tried to hide it, and lobby against any regulation.

But saying that, us the 99% westerners don't bare responsability by buying a new iPhone every year, is a lie.

4chan is just a bunch of people pretending to be racist/homophobic/... for the lulz. Only a minority are hardcore trump supporters, neonazis, ...

This argument was already settled https://edition.cnn.com/2013/05/22/tech/web/pronounce-gif/index.html

If humans have a bot-like behavior, it's okay to mark them as bot. If a human is only posting to promote products/astroturf, who cares if it's misclassified, it doesn't add anything to the discourse. IMHO, that's good riddance.

And in my solution, at the end the instance owner takes action, it's not like there is no human recourse.

Because there is no karma system on lemmy (thank goodness, I'm against karma), you can easily create a 1000s of bots which will upvote your post and bring it to front page.

The solution is not some custom anti-abuse system which can be game. (Stuff like "you can't vote because of the age of your account", ...) IMHO, the solution is bot detection. Since everything is public an an instance, somebody at some point will start scraping instance to detect bot behavior and inform instance owner. It will come with maturity.