this post was submitted on 06 Aug 2023
1392 points (98.8% liked)

Announcements

23294 readers
1 users here now

Official announcements from the Lemmy project. Subscribe to this community or add it to your RSS reader in order to be notified about new releases and important updates.

You can also find major news on join-lemmy.org

founded 5 years ago
MODERATORS
 

This is an opportunity for any users, server admins, or interested third parties to ask anything they'd like to @nutomic@lemmy.ml and I about Lemmy. This includes its development and future, as well as wider issues relevant to the social media landscape today.

Note: This will be the thread tmrw, so you can use this thread to ask and vote on questions beforehand.

Original Announcement thread

you are viewing a single comment's thread
view the rest of the comments
[–] nutomic@lemmy.ml 42 points 1 year ago (1 children)

Im not a lawyer so I dont know about GDPR. Do you know how similar platforms such as Mastodon handle it?

[–] matt@lemmy.world 26 points 1 year ago* (last edited 1 year ago) (1 children)

Hard to say exactly what Mastodon does, but mastodon.social's privacy policy should give you some direction in how they handle data: https://mastodon.social/privacy-policy

As mastodon.social is based in Germany, they will know about GDPR and have to follow it to the letter.

[–] nutomic@lemmy.ml 31 points 1 year ago (3 children)

That sounds like its something for instance admins to handle, nothing we as developers need to care about. Maybe we should add a privacy policy for lemmy.ml but thats it.

[–] tatterdemalion@programming.dev 16 points 1 year ago

Yea it is ultimately on the admins, but Lemmy just needs to not make it hard to comply with GDPR. So it's up to admins to raise issues when Lemmy is seen as an obstacle to compliance, and it's up to devs to listen and implement compliance features.

[–] joelghill@lemmy.ml 11 points 1 year ago

Wouldn’t it be prudent to build features into Lemmy that make it easy for admins to manage user data though?

[–] matt@lemmy.world 11 points 1 year ago

That's my take on it as well - GDPR is for the individual instances to deal with, as they're the ones who hold the data on their users and anything coming to them.

The software, of course, can have some design which purges data automatically or whatever, but ultimately the control is whoever is hosting Lemmy so no matter what Lemmy does, people can override it (though some sane defaults are always good, of course).