You’re on Sopuli, which is hosted in Europe, so it’s an issue for your server. Same with Lemmy.world and Lemmy.ml, actually.
Over half of the Fediverse is hosted in companies that require GDPR compliance. Maybe your private server isn’t, but that doesn’t mean this stuff isn’t relevant for the rest of the network.
As for the CRUD problem: the issue is actually the API design, once you leave a page where you uploaded the image, your browser throws out the delete token and you no longer have control over the image. This could be easily solved by adding a list of attachments and delete tokens to the database so each user can delete their files, but there is currently no frontend or backend API to accomplish that.
Yet GDPR requires if you operate anywhere but allow European citizens to register, you have to be GDPR compliant as well, or risk being blocked by an entire continent.
You can get fined by the entire continent. And you would need to pay up in that case, if living in the US for instance. The laws aren’t toothless, otherwise everyone would be abusing them, instead go to any US news site in Europe, and they’ll tell you they can’t serve content to you for legal reasons.
Yeaaaah no. Look it up, you still have to pay up. It’s insanely good for EU citizens. Look at the top fines - Meta, Google, Amazon, Instagram, Facebook, with fines being tens of milions of dollars. The US works with the EU and you still get fined.
Ofcourse they do, because they want to keep their business working in Europe. Which doesn’t apply to a decentralized system like the fediverse. But they do not have to pay the fine if they shut down all operations within Europe, which no company wants to do.
Most servers are in Europe. Also, yeah, that’s my point - if you shut down access for Europeans, your worries fade away. The thing is - people want to have the cake and eat it too - not comply with GDPR and still allow people in Europe to be able to reach all instances.
Right now, Lemmy is too small to be noticed by anyone. But all it takes is some a-hole reporting GDPR noncompliance, and the entire project will get hit, and it will get hit hard.
“your point” was that the EU can force a fine on any foreign company operating outside the EU for not following local laws, which is ridiculous. But I agree with the rest.
It’s not ridiculous if you actually read up what GDPR is. They can place a fine on any foreign company. It probably won’t be enforced in China, Russia, Iran, etc. But GDPR isn’t a “local law”. Most countries comply with it, hence cookie notices and all that jazz
For these companies, paying such a mundane fine is just the business cost of being able to do whatever they want. The execs figuratively (and perhaps literally too) piss out a fine payment every morning before reading the newspaper company whatsapp account.
You’re on Sopuli, which is hosted in Europe, so it’s an issue for your server. Same with Lemmy.world and Lemmy.ml, actually.
Over half of the Fediverse is hosted in companies that require GDPR compliance. Maybe your private server isn’t, but that doesn’t mean this stuff isn’t relevant for the rest of the network.
As for the CRUD problem: the issue is actually the API design, once you leave a page where you uploaded the image, your browser throws out the delete token and you no longer have control over the image. This could be easily solved by adding a list of attachments and delete tokens to the database so each user can delete their files, but there is currently no frontend or backend API to accomplish that.
Yet GDPR requires if you operate anywhere but allow European citizens to register, you have to be GDPR compliant as well, or risk being blocked by an entire continent.
You can get fined by the entire continent. And you would need to pay up in that case, if living in the US for instance. The laws aren’t toothless, otherwise everyone would be abusing them, instead go to any US news site in Europe, and they’ll tell you they can’t serve content to you for legal reasons.
Oh for sure they will try to fine, but being another sovereignty they have no authority to force a payment.
Yeaaaah no. Look it up, you still have to pay up. It’s insanely good for EU citizens. Look at the top fines - Meta, Google, Amazon, Instagram, Facebook, with fines being tens of milions of dollars. The US works with the EU and you still get fined.
Ofcourse they do, because they want to keep their business working in Europe. Which doesn’t apply to a decentralized system like the fediverse. But they do not have to pay the fine if they shut down all operations within Europe, which no company wants to do.
Most servers are in Europe. Also, yeah, that’s my point - if you shut down access for Europeans, your worries fade away. The thing is - people want to have the cake and eat it too - not comply with GDPR and still allow people in Europe to be able to reach all instances.
Right now, Lemmy is too small to be noticed by anyone. But all it takes is some a-hole reporting GDPR noncompliance, and the entire project will get hit, and it will get hit hard.
“your point” was that the EU can force a fine on any foreign company operating outside the EU for not following local laws, which is ridiculous. But I agree with the rest.
It’s not ridiculous if you actually read up what GDPR is. They can place a fine on any foreign company. It probably won’t be enforced in China, Russia, Iran, etc. But GDPR isn’t a “local law”. Most countries comply with it, hence cookie notices and all that jazz
Have you heard of such small indie developers such as Google, Amazon or Facebook?
The exact same ones who have millions in fines racked up and are paying them? Yes, I have heard of those.
You said it yourself: Millions. Not Billions.
For these companies, paying such a mundane fine is just the business cost of being able to do whatever they want. The execs figuratively (and perhaps literally too) piss out a fine payment every morning before reading the
newspapercompany whatsapp account.