While the RFC specifies a whole bunch on the payload structure there's more than enough in there left to the implementation. It will absolutely not allow interoperability unless messengers will specifically for on adding it. No more than WhatsApp and Skype are, even though both use the signal protocol.
farcaller
joined 1 year ago
That's a great example! I am actually aware of this case. Mind that the article quotes:
Meta’s sanction is for breaching conditions set out in the pan-EU regulation governing transfers of personal data to so-called third countries (in this case the US) without ensuring adequate protections for people’s information.
And we discuss the GDPR in the context of the data requests retrieval in here. So you’re absolutely correct in that they suck about following it to the letter, but I don’t think this particular one applies to this discussion.
I would suggest you to sent a GDPR request to facebook (if you’re in a position to be covered by GDPR and have a facebook account) and to your lemmy instance (being lemmy.world).
Facebook will have a bunch more data on you, undoubtedly, but it will take no time for them to process the request.
Lemmy? Good luck with that. First try finding their privacy page and see what data they actually collect on you. Whom they send it to process. Try reaching the admins maybe? Lemmy has no tooling whatsoever to help with that so they will have to get their hands dirty with postgresql, too.
I like fb no more than anyone in this thread but let's be realistic. They do have a much better story of complying with GDPR specifically than anything in fediverse.
I’m pretty sure the parent company knows how to deal with GDPR between facebook, whatsapp, and instagram. Whatever issues they faced in EU (most probably the EU's Digital Markets Act) isn’t directly related to GDPR, because if it was for GDPR compliance alone I guarantee they'd be in the appstore by this evening.
Isn’t it subject to the same GDPR rules that the whole of fediverse pretends they don’t exist? All it takes is asking facebook what they have on you and unlike some “depersonalized” identifier you can ask for your data based on the activitypub id. It's actually much easier to go after a big corp with such a request as opposed to some random mastodon or lemmy instance.
At that point it's easier to run your own instance, I guess? As it stands now, it's not trivial to scale neither the db storage (postgres) nor the backend (lemmy).
I don’t think that users’ donating parts of compute is a way to go, honestly. You’ll have to think about bad actors (such users will effectively be instance admins for some subset of data), and it might quickly deteriorate into the weird crypto world (aka let's use blockchain as a storage because no one can be trusted to really count the upvotes).
Unfortunately, it's a very tricky issue to solve. I'd say donating to your instance so that its operators have enough finances to support it is the way.
Something something actions and consequences.
They got 10M signups in hours. I honestly don’t think they are in this after “the rest of the fediverse.”
There's no will in there. They must give you your data or else. The only thing they can do is to notify you of a required extension because they are overwhelmed. Sans that, they are obliged by law to give you what's yours.
I made a tool for that just yesterday: https://directory.fstab.sh/. Or try https://lemmyverse.net/ for something much more fancier.
On one side of the spectrum you have the likes of Synology: you pay premium for the software that does what it says in a nice compact enclosure. Good documentation, easy UI, potentially limiting flexibility.
On the other side, you can make a linux box and declare it a NAS. Run whatever storage you want with whatever filesystem. Any enclosure and form factor you can imagine. Infinitely scalable, but also you’re absolutely on your own in configuring and managing it.
I'd suggest figuring a budget first, and then figuring how much of a hands-on approach you want to have.