this post was submitted on 06 Aug 2023
919 points (98.8% liked)
Announcements
23269 readers
123 users here now
Official announcements from the Lemmy project. Subscribe to this community or add it to your RSS reader in order to be notified about new releases and important updates.
You can also find major news on join-lemmy.org
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
That's what I thought too until I looked it up. It applies to individuals as well.
As someone not residing in the EU, I don't see how they could possibly enforce that. Best they could do is block my instance I suppose. Have they done that for any small site?
I mean, I would delete/provide all data of any user who requests me to do so for themselves. But I'm likely not following every facet of the GDPR.
They don't work like that, they have no technical capabilites. I think it would work more like a company being ordered to pay a fine if a user on your instance finds out that his data is not deleted if he asks.
But this is complicated so I hope someone else has good input on this topic. Someone must have run a website with registered users in Europe before without being a corporation.
The fediverse brings a new touch to all of this also, since the posts and comments are replicated across instances. Will that matter to the EU law? Maybe, maybe not.
What does "processing" data mean though?
Basically, anything that involves the data being present somewhere in information systems that you control. Taking decisions based on it, displaying it on a webpage, make decisions based on it, even just storing it, all counts as processing under GDPR.
Asking chat gpt, so take it with a bit of salt, but it's usually correct about these things.