Lemmy's Image Problem
wedistribute.org
The popular Reddit alternative's user count has grown a lot over the past year. One problem, though: users and admins can't delete images.

Highlighting the recent report of users and admins being unable to delete images, and how Trust & Safety tooling is currently lacking.

  • maynarkh@feddit.nlEnglish
    0·
    6 months ago

    Anything that someone’s identity can be even indirectly inferred is PII. The GDPR explicitly defines usernames as online identifiers as PII.

    The whole “irrespective of whether a payment of the data subject is required” bit is so that it applies to free services like Lemmy as well. Lemmy provides me with a free service. It even monitors me through federation, since it scrapes my username and comments from other instances without my affirmative and explicit consent. Using a service, no matter its nature, is not consent as required by the GDPR.

    There is an explicit cutout for services you offer yourself or your household members. The reason it is there is that free services like Lemmy absolutely do qualify.

    • SupraMario@lemmy.worldEnglish
      0·
      6 months ago

      No it doesn’t, and good luck finding a case where someone has been fined for hosting a free service that doesn’t sell anything.

      • maynarkh@feddit.nlEnglish
        0·
        6 months ago

        There are dozens of cases of fines issued to municipalities, and government offices that don’t do business. France fined a parliamentary candidate. Italy has fined the Italian Archery Federation, an NGO. Germany fined a bunch of individual police officers and an employee of a Covid testing centre.

        Please either start backing up your claim of some supposed nonprofit exception, or go sealioning somewhere else.

          • maynarkh@feddit.nlEnglish
            0·
            6 months ago

            Nice moving the goalposts there. You said “not selling anything”. I think police officers or the “Association for the prevention and study of crimes, abuses and negligence in information technology and advanced communications” don’t sell stuff, they were fined nevertheless.

            If I put a link to for example this case where a small social media provider got fined for nothing more than not handling data well, you could move the goalposts even further.

            Or you could look at the countless cases brought against private individuals where they of course are not selling things. Austria fined a guy under GDPR for having a dashcam!

            So again, you made a claim that there is an exception under GDPR for “forum owners of foss”. Let’s see evidence for that claim.

            • SupraMario@lemmy.worldEnglish
              0·
              6 months ago

              Summary The company has sent invitations to contacts uploaded by its users without their consent or any other legal basis.

              Let’s see, in the EU and was a company that sold and processed data.

              All you have done is provided that companies that hold pii in the EU have been fined before.

              I’ll ask again, please provide a instance of a person who holds no pii operating a forum or instance that is free, sells no data and makes no profit off the instance being fined.