this post was submitted on 30 Aug 2024
237 points (98.0% liked)

Ask Lemmy

27042 readers
1354 users here now

A Fediverse community for open-ended, thought provoking questions

Please don't post about US Politics. If you need to do this, try [email protected]


Rules: (interactive)


1) Be nice and; have funDoxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them


2) All posts must end with a '?'This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?


3) No spamPlease do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.


4) NSFW is okay, within reasonJust remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either [email protected] or [email protected]. NSFW comments should be restricted to posts tagged [NSFW].


5) This is not a support community.
It is not a place for 'how do I?', type questions. If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email [email protected]. For other questions check our partnered communities list, or use the search function.


Reminder: The terms of service apply here too.

Partnered Communities:

Tech Support

No Stupid Questions

You Should Know

Reddit

Jokes

Ask Ouija


Logo design credit goes to: tubbadu


founded 1 year ago
MODERATORS
 

"The SCOPE Act takes effect this Sunday, Sept. 1, and will require everyone to verify their age for social media."

So how does this work with Lemmy? Is anyone in Texas just banned, is there some sort of third party ID service lined up...for every instance, lol.

But seriously, how does Lemmy (or the fediverse as a whole) comply? Is there some way it just doesn't need to?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 1 month ago

Ok, once more, continuing,

Hmm - if different DPOs can’t agree, then I don’t see how we get to the point of a user friendly manual.

I’m thinking about the issue of web-scraping, in particular. Some say that it’s almost always illegal. The European Commission, for one, disagrees.

I pulled this from google: https://www.morganlewis.com/pubs/2024/05/eu-regulator-adopts-restrictive-gdpr-position-on-data-scraping-impacting-ai-technologies

Thank you, that's a really good example! I understand the need to rein in AI, of course. My point stands (and it doesn't seem like you disagree) - a user friendly manual remains difficult to achieve.

Web-scraping is in some ways related. You could also get (almost all of) the data through scraping. If it’s not legal to scrape lemmy without permission, then it’s probably not legal to spin up your own instance and get the data that way. It depends on your purpose, of course.

Interesting. So pyfedi is a good example - the software supports backfilling when the instance discovers a new community/magazine on another instance for the first time, but it does it via API only. This means no backfilling of comments, and sometimes you can see posts from years ago in a stale magazine but which don't get backfilled because the API doesn't return them.

That’s also why I find the whole issue a little silly. Someone outside Europe could just scrape the data from the web interface and not worry about the GDPR.

Clearview AI is a good example of exactly this kind of bad actor, see https://lemmy.world/comment/12151959

But it seems like even then there are ways to enforce.

You’d have to put all of Europe behind a firewall to make it make sense.

Interestingly I've seen the reverse happen - websites blocking access to ip addresses that appear to be based in the EU to avoid having to deal with the GDPR and its ramifications.

That’s a prime example of why I say the people in charge of the GDPR have no idea of the technology they are regulating.

I disagree. The issue you're describing is a common one in terms of extraterritoriality. How does the IRS get US citizens who are dual citizens living abroad to still pay taxes to the US? Enforcing laws extraterritorially is never easy, but as the IRS has proven, it is possible.

I am one of those hoping that the GDPR would be a tool for the opposite (a way to rein in the big players, so to speak).

Me too. I'd say this is point one of what I'd like the GDPR to achieve.

Such regulation inherently favors big players. The cost of creating a compliant service/app/etc is fairly constant, regardless of the size of the user base.
This is what’s inherently disturbing to me.

Same here. I'm thinking one way forward may be to add funding to expand the agencies - one side does the regulation, but the other side offers free services to small business and individuals to help them comply.

Besides, the GDPR inherently favors elites. Most people will never have ... the money to hire professionals to do it right.

No, I think that's a plus of the GDPR. Cost is on the company to comply and relevant gov't agency to chase up if the company doesn't. Facebook was brought in line, so it seems like a success so far. An example of point one above working.

Besides, the GDPR inherently favors elites. Has anyone ever ... chased after you to get paparazzi pictures? Some people’s personal data is worth a lot more than that of others. Most people will never have to worry about scrubbing unflattering media stories from search engines,

Isn't this specifically covered by the journalism exception that the GDPR providers? https://verfassungsblog.de/the-gdprs-journalistic-exemption-and-its-side-effects/

Has anyone ever tracked your private jet on twitter?

I can kind of understand this though. What if I want that hidden so militants with missiles can't shoot me down? Easily justifiable by protection of life.

Even if it is flawed it’s still a step in the right direction IMVHO. I’m in Canada, which had PIPEDA back in 2000 - 18 years before the GDPR took effect in the EU.

Tell me what you hope the GDPR will achieve and I’ll tell you if there is any chance.

See where I mention point one above.

I’d write what the fundamental problems are, but time is short.

Seeing as it's a couple of months later, I'd add that I'm willing to wait if you think you will ever get around to it. Though you have already brought up some good points - the most salient one beinrg that GDPR compliance is simply too expensive and not user friendly for a small time individual, but I still feel that this is something that can be improved upon without major revisions to the GDPR itself.