Hey mastodon admins, the 25th may is coming closer and so the #GDPR. I don't think the Data Protection Authorities will be a big problem at the moment, they are also overwhelmed by the new regulations and they would try to solve the problem in a favorable way before sanctioning an instance.
The real problem will be lawyers trying to gain money from instances which don't follow the regulations imposed by the GDPR. So the big question is, what do we need to do to comply these rules? #mastoadmin
@leah I think in a sense it is a pretty big clusterfuck for any federated network, isn't it? Because the point of Masto is to send personal data to other servers, but GDPR mandates that you have some sort of contract with said servers that you rely data to, no?
Equivalently, how would you implement a "right to forget"? You don't have a contract with other servers that obliges them to delete e.g. a toot. You can't do shit. How could Masto ever be GDPR compliant?
Perhaps, when I post to my personal website that is publicly accessible, the issue is similar. I am making information accessible to anyone.
When I post on Mastodon, it's the same situation, I'm posting to my personal website. I'm also sending this content to the fediverse just like with RSS, for anyone to access.
With email, A writes to B, but the PB server is run by Google, is Google allowed to use that data ?
Le réseau social de l'avenir : pas de publicité, pas de surveillance institutionnelle, conception éthique et décentralisation ! Gardez le contrôle de vos données avec Mastodon !