Maybe someone can explain this to me.
An #EU citizen trying to access Facebook today faces the following choices (see screenshots).
In there, they say that they are asking this again to comply with #EU rules, and yet the question - and the options to choose from - are the same they had in the past.
So, hm, how does this make them comply with something they weren’t complying before? What’s the detail I’m missing?
@Prologic@twtxt.net Looking at Threema because it is European with servers in Switzerland and it has GDPR conformity, among some other reasons.
83(4) GDPR sets forth fines of up to 10 million euros, or, in the case of an undertaking, up to 2% of its entire global turnover of the preceding fiscal year, whichever is higher.
Though I suppose it has to be the greater of the two. But I don’t even have one euro to start with.
@xuu@txt.sour.is I think it is more tricky than that.
“A company or entity …”
Also, as I understand it, “personal or household activity” (as you called it) is rather strict: An example could be you uploading photos to a webspace behind HTTP basic auth and sending that link to a friend. So, yes, a webserver is involved and you process your friend’s data (e.g., when did he access your files), but it’s just between you and him. But if you were to publish these photos publicly on a webserver that anyone can access, then it’s a different story – even though you could say that “this is just my personal hobby, not related to any job or money”.
If you operate a public Yarn pod and if you accept registrations from other users, then I’m pretty sure the GDPR applies. You process personal data and you don’t really know these people. It’s not a personal/private thing anymore.
@falsifian@www.falsifian.org The GDPR does not apply to the processing of data for a purely personal or household activity that is not connected to a professional or commercial activity.
@movq@www.uninformativ.de @falsifian@www.falsifian.org @prologic@twtxt.net Maybe I don’t know what I’m talking about and You’ve probably already read this: Everything you need to know about the “Right to be forgotten” coming straight out of the EU’s GDPR Website itself. It outlines the specific circumstances under which the right to be forgotten applies as well as reasons that trump the one’s right to erasure …etc.
I’m no lawyer, but my uneducated guess would be that:
A) twts are already publicly available/public knowledge and such… just don’t process children’s personal data and MAYBE you’re good? Since there’s this:
… an organization’s right to process someone’s data might override their right to be forgotten. Here are the reasons cited in the GDPR that trump the right to erasure:
- The data is being used to exercise the right of freedom of expression and information.
- The data is being used to perform a task that is being carried out in the public interest or when exercising an organization’s official authority.
- The data represents important information that serves the public interest, scientific research, historical research, or statistical purposes and where erasure of the data would likely to impair or halt progress towards the achievement that was the goal of the processing.
B) What I love about the TWTXT sphere is its Human/Humane element! No deceptive algorithms, no Corpo B.S …etc. Just Humans. So maybe … If we thought about it in this way, it wouldn’t hurt to be even nicer to others/offering strangers an even safer space.
I could already imagine a couple of extreme cases where, somewhere, in this peaceful world one’s exercise of freedom of speech could get them in Real trouble (if not danger) if found out, it wouldn’t necessarily have to involve something to do with Law or legal authorities. So, If someone asks, and maybe fearing for… let’s just say “Their well being”, would it hurt if a pod just purged their content if it’s serving it publicly (maybe relay the info to other pods) and call it a day? It doesn’t have to be about some law/convention somewhere … 🤷 I know! Too extreme, but I’ve seen news of people who’d gone to jail or got their lives ruined for as little as a silly joke. And it doesn’t even have to be about any of this.
P.S: Maybe make X tool check out robots.txt? Or maybe make long-term archives Opt-in? Opt-out?
P.P.S: Already Way too many MAYBE’s in a single twt! So I’ll just shut up.
@prologic@twtxt.net I have no specifics, only hopes. (I have seen some articles explaining the GDPR doesn’t apply to a “purely personal or household activity” but I don’t really know what that means.)
I don’t know if it’s worth giving much thought to the issue unless either you expect to get big enough for the GDPR to matter a lot (I imagine making money is a prerequisite) or someone specifically brings it up. Unless you enjoy thinking through this sort of thing, of course.
@falsifian@www.falsifian.org Do you have specifics about the GDPR law about this?
Would the GDPR apply to a one-person client like jenny? I seriously hope not. If someone asks me to delete an email they sent me, I don’t think I have to honour that request, no matter how European they are.
I’m not sure myself now. So let’s find out whether parts of the GDPR actually apply to a truly decentralised system?
@prologic@twtxt.net Do you have a link to some past discussion?
Would the GDPR apply to a one-person client like jenny? I seriously hope not. If someone asks me to delete an email they sent me, I don’t think I have to honour that request, no matter how European they are.
I am really bothered by the idea that someone could force me to delete my private, personal record of my interactions with them. Would I have to delete my journal entries about them too if they asked?
Maybe a public-facing client like yarnd needs to consider this, but that also bothers me. I was actually thinking about making an Internet Archive style twtxt archiver, letting you explore past twts, including long-dead feeds, see edit histories, deleted twts, etc.
Could Santa Claus be violating the GDPR?
Suggestion for the next #GDPR iteration: No landing pages allowed. Content must be served on the first request.
The easiest path to GDPR compliance: switch to a completely static website with no javascript, CGI, or CSS, and rotate the logs daily.
GDPR Hysteria · Jacques Mattheij https://jacquesmattheij.com/gdpr-hysteria
Doc Searls Weblog · GDPR will pop the adtech bubble https://blogs.harvard.edu/doc/2018/05/12/gdpr/