danieljackson

The link I provided says that pseudonymous data can be used to hide personalized data.

If you are a DPO, you can see the appeal and benefits of pseudonymization. It makes data identifiable if needed, but inaccessible to unauthorized users and allows data processors and data controllers to lower the risk of a potential data breach and safeguard personal data.

GDPR requires you to take all appropriate technical and organizational measures to protect personal data, and pseudonymization can be an appropriate method of choice if you want to keep the data utility.

The owner of lemmy.one can use tk338@lemmy.one to map it to an IP and/or email address. This becomes now personally identifiable data. But other instance owners can't map it to any personalized data, so it is basically "anonymized data" for them.

You just have to provide a way to either

• To delete personally identifiable data
• Unlink the personally identifiable data from the pseudonymized data on your local instance.

Disclaimer, IANAL, YMMV, yaddy, yadda,...

Everybody is talking about the GPDR, but the GPDR when hosting in the EU, should be the least if your concerns. As I said elsewhere:

• Lemmy is not doing tracking/personalized-ads.
• Lemmy is only collecting IPs and email addresses as personally identifiable information. It's not sharing them. So it makes GDPR compliance easy.

The real issue is Directive on Copyright in the Digital Single Market which is a nightmare if you want to host lemmy legally. Realistically, the government don't care about a few copyright infrigement by some guy/gal hosting a lemmy instance in their garage.

But, if you want to follow the law to the letter, the EU doesn't have any fair use. So theorically, you need to allow users to only post creative commons images, with attribution. Or do some copyright checks on the content posted on your instance. Here is an EU video on how to comply with the directive, it's a nightmare.

As I said in another comment, the GDPR protects people. And the GDPR only applies to personnaly identifiable data (IPs, email addresses, street address, legal name, date of birh...) Lemmy only collect emails and IPs, and do not share them between instances. So it's very easy to comply to the GDPR as long as you don't do anything shady.

The EU has a marketing issue. They tried to pass legislation to prevent companies to collect data. But instead, company displayed a popup, kept collecting data, and blamed it on the EU. Everytime I see a popup, I blame ruthless data collection.

Actually, Lemmy is most likely violatiing the California Consumer Privacy Act, which, as opposed to the GPDR, gives the right to update/delete any data generated by the user, not only personally identifiable information.

The GDPR doesn't apply only to services hosted in the EU, but any services handling the data of an EU citizen.

This is why some news outlets in the US just decided to block EU users all together, out of laziness.

IANAL, but the GDPR doesn't cover pseudonymous data. Actually the GDPR encourages data processors (= services) to use pseudomization.

Personally identifiable information are IPs, email addresses, street address, name, date of birth, ... Lemmy only collect IPs and email addresses. And these are not shared between instances.

Whether the service is hosted in the EU or not, as long as it serves EU users, lemmy should provide a way to delete emails and ip information in a self serving way. (maybe by deleting the account) In the mean time, instances admins have to fulfil requests to delete emails/ips of EU citizens from the database.

I'm very defensive when it comes to NSFW. But I think "NSFW flag with mandatory reason from a drop down" (e.g. nudity, sex, violence, gore, explicit-language) is the best solution which satisfy both. That is actually a great idea.

Where is the line between NSFW and XXX?

Nudity? Which nudity? Are nipples NSFW but vulva is XXX?

Multiple people being nude at the same? A photo of a guy holding his penis to masturbate is NSFW, but a photo of a nudist beach is XXX?

Sexual contact? A person is kneeling in front of a penis with their mouth open it's NSFW? But as soon as they hold it, it's XXX?

I'm trying to create a healthy porn community on lemmy. And the hostility of lemmy towards it is worrisome in my opinion. People are calling for de-federating lemmynsfw, people file false reports on my NSFW-only communities, the majority of instances ban porn,…

IMHO, there should be only two tags "NSFW", "NSFL". (= Not Safe For Life, meaning gore) There was this running-joke on reddit last year "when I was younger 'NSFW' on /r/all meant boobs, now it's most likely a video of a bomb being dropped from a drone blowing up russian soldiers."

I don't think we should rate the degree of NSFW or NSFL. Where is the line? I assume a topless lady is NSFW, not porn. But is a fully nude woman or man NSFW, or porn? If it's still "just" NSFW, what about two fully naked men holding each other penises? Or a woman on her knees looking at a penis without touching it, with her mouse open? This is a very fine line.

I'm in favour of most european broadcasting laws: visible nipples are fine as long as they're not sexuality, but "16" or "18" rating is recommended. Visible anus, vulva or penis makes "18/Unrated" mandatory, whether there is intercourse or not.

I would translate this to lemmy to "anything with nipples, anus, vulva or penis visible is NSFW, regardless of intercourse" No grading of "NSFW" or "porn."

Meta is playing the "we want to have an open network" the same way google used to use XMPP/Jabber for gtalk, but as soon as they will get the opportunity, they will lock it down and fuck the federation.

I'm happy that Kev told them to shove it.