@the IDK the answer either but boosted the post in case someone seeing it can reply.
Uncategorized
3
Posts
3
Posters
0
Views
-
@the IDK the answer either but boosted the post in case someone seeing it can reply. Curious to also know the response, thanks
cc: @Em0nM4stodon -
@the IDK the answer either but boosted the post in case someone seeing it can reply. Curious to also know the response, thanks
cc: @Em0nM4stodonIt’s my opinion that every Mastodon server is a joint controller of personal data under GDPR.
Single-user instances receiving personal data from people you interact with, and includes even special category data if people are discussing their religion or sexuality, that’s all data you temporarily store and process for your use.
Activitypub nor Mastodon discloses to data subjects who all has recieved their data, so it would be very challenging for a data subject to identify and communicate with all Mastodon instances.
Regardless, under GDPR, as a joint controller, you must be responsive to the rights of data subjects.
It’s also in my opinion that, however, Activitypub is a synchronous technology— meaning, when a data subject deletes a post, that deletion should sync (tombstone?) to federated servers who implement the same protocol spec.
But this is a tech that hasn’t been tested in court as far as I know. Just because it’s legally untested, and just because it would be difficult for a data subject to find small instances and make demands based on EU fundamental rights, wouldn’t make joint controllers not responsible to be responsive to data subjects.
There’s no way for a data subject to know if your server is a small or large instance receiving and processing their personal data, or if you do any potentially unlawful processing (not required for the fulfillment of the Activitypub protocol— data subjects have a lawful right to ask and the onus is on the data controller) so again, it’s important to be responsive to requests.
-
It’s my opinion that every Mastodon server is a joint controller of personal data under GDPR.
Single-user instances receiving personal data from people you interact with, and includes even special category data if people are discussing their religion or sexuality, that’s all data you temporarily store and process for your use.
Activitypub nor Mastodon discloses to data subjects who all has recieved their data, so it would be very challenging for a data subject to identify and communicate with all Mastodon instances.
Regardless, under GDPR, as a joint controller, you must be responsive to the rights of data subjects.
It’s also in my opinion that, however, Activitypub is a synchronous technology— meaning, when a data subject deletes a post, that deletion should sync (tombstone?) to federated servers who implement the same protocol spec.
But this is a tech that hasn’t been tested in court as far as I know. Just because it’s legally untested, and just because it would be difficult for a data subject to find small instances and make demands based on EU fundamental rights, wouldn’t make joint controllers not responsible to be responsive to data subjects.
There’s no way for a data subject to know if your server is a small or large instance receiving and processing their personal data, or if you do any potentially unlawful processing (not required for the fulfillment of the Activitypub protocol— data subjects have a lawful right to ask and the onus is on the data controller) so again, it’s important to be responsive to requests.
@yawnbox @Crissy @the @Em0nM4stodon I think the idea is that remote servers are secondary processors, and your own server has a responsibility to notify them when you delete your data, but no more. That said, I think we should have some kind of ack for deletion that says that the server actually deleted it.
Gli ultimi otto messaggi ricevuti dalla Federazione
-
Assemblea nazionale di Rete Kurdistan Italia
@anarchia
Le popolazioni del Kurdistan e del Medio Oriente stanno vivendo un passaggio cruciale. Dopo anni di guerra, invasioni e tentativi di cancellazione politica e culturale, si apre oggi un nuovo scenario complesso: la prospettiva di un processo di pace in...https://www.rivoluzioneanarchica.it/assemblea-nazionale-di-rete-kurdistan-italia/
-
@Gina polyester is ok for repelling water, but it's a terrible insulator and doesn't allow your skin to breathe, so you just get itchy and sweaty despite not actually being warm. Look for 100% wool instead! Ideally a wool overcoat - the length works against both rain and wind and wool is so good that you don't even need a thick/heavy one.
It's even better for bedding because it regulates rather than just cooks. So a wool duvet is good all year round, cooling you in summer and warming in winter.
-
Sarò alla marcia perchè la Palestina trovi finalmente Pace
@giornalismo
articolo21.org/2025/10/saro-al…
Anche stavolta parteciperò alla Marcia della Pace Perugia-Assisi. L’ho fatto tante volte, fin dai tempi della FGCI. Poi, negli anni, con i figli piccoli, figli di noi che stavamo diventando
-
"Amore è un termine troppo debole". Probabilmente #DianeKeaton non avrebbe voluto essere ricordata solo come "la musa di #WoodyAllen". Ma quando sei la protagonista di un #film così, scritto per te come la citazione iniziale, con uno dei finali più belli della storia, è inevitabile. Io e Annie - StreamingCommunity https://streamingcommunityz.me/it/watch/6762
-
Oggi tutti in marcia per la pace!
@giornalismo
articolo21.org/2025/10/oggi-tu…
“Ci sarà una partecipazione molto ampia da ogni parte d’Italia. Ringraziamo tutti coloro che hanno reso possibile questo evento, istituzioni incluse”. Così Flavio Lotti, presidente della Fondazione PerugiAssisi per la Cultura della Pace, ha aperto l’incontro con la stampa
-
@aks bugs filed:
https://bugs.kde.org/show_bug.cgi?id=510510
https://bugs.kde.org/show_bug.cgi?id=510513thank you for the encouragement and assistance
-
Today I realized a mistake so bad they should take my #gamedev license... #solodev #indiegame
-
This is a neat question from a recent Sophos survey
https://news.sophos.com/en-us/2025/10/08/the-state-of-ransomware-in-healthcare-2025/
