96
Nightmare on Lemmy Street (A Fediverse GDPR Horror Story) - Michael Altfield's Tech Blog
(tech.michaelaltfield.net)
A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy
Well then, once the EU knows about Lemmy, it'll be screwed. Again, you don't get to make excuses when dealing with GDPR. The book will be thrown at you once you have EU citizen's data, which lemmy obviously does. Saying "we made this application without it ever being possible to comply with GDPR" will only get you a bigger fine, or worse.
"Lemmy" (the software) doesn't have any data. It all resides on servers owned by people other than Lemmy's developers. They have the user data and would absolutely be subject to GDPR.
Again, no matter what Lemmy's devs put in place, it doesn't matter because the instance admins can do whatever they want.
Way to go being pedantic about it.
Once they know about one server, they will know about most large instances. Since Lemmy doesn't implement any GDPR features (i.e. cookie notices, a button for deletion, etc) every larger instance will get hit.
Only those based in the EU.