“The SCOPE Act takes effect this Sunday, Sept. 1, and will require everyone to verify their age for social media.”
So how does this work with Lemmy? Is anyone in Texas just banned, is there some sort of third party ID service lined up…for every instance, lol.
But seriously, how does Lemmy (or the fediverse as a whole) comply? Is there some way it just doesn’t need to?
Lemmy isn’t social media. Ignoring that though, the law actually says:
According to the Texas Office of the Attorney General, this new law will primarily “apply to digital services that provide an online platform for social interaction between users that: (1) allow users to create a public or semi-public profile to use the service, and (2) allow users to create or post content that can be viewed by other users of the service. This includes digital services such as message boards, chat rooms, video channels, or a main feed that presents users content created and posted by other users.”
Which literally applies to every single site on the entire planet that has a comment section. This law is incredibly unenforceable.
I totally disagree on both counts: forums are social media, and Lemmy is not a mere forum. Lemmy is a platform where people can create forums, and many of those forums (communities) exist mainly to socialize.
I’ll give you that some forums (both on Lemmy and otherwise) that have a clear defined topic - such as tech support for a particular thing - are somewhat different from “social media”, but even in those three are often regulars who use the forum to socialize with each other. Any forum with an “off-topic” subforum is social media in my book, in a very real sense (not just technically).
But hey, we can disagree on this and it’s fine.
It’s a social news aggregator. I assume the difference is, that this is to follow mainly news, whereas social media is to mainly follow people. In my 10 years of reddit and now Lemmy I never followed any account, I was just there for the niche topics and news aggregation.
A forum?? Which have existed for literal decades before social media was a thing? If you define literally anything social as social media then you’re defining the entire internet as social media which is just a useless definition.
It’s absolutely not. It has none of the hallmarks of social media (personal relationship, feed of user activity, likes and shares). It’s a forum. Forums existed for decades before social media. If you define forums as social media then you are defining every comment section on every site, including news sites, help sites, things like stack overflow even, as social media which is clearly ridiculous and so broad as to be a useless definition.
Nuh uh! I’m a Sovereign Netizen and I’m not driving social engagement, I’m just a traveler on the information superhighway!
They said its not but, I think the argument they were trying to make was that it’s not enforceable.
Yep. This is another dumbass politicians trying to solve a problem that doesn’t exist with a solution that doesn’t work.
It’s the internet - so unless you’re under Texas’ jurisdiction, then it’s likely going to just simply be ignored. Lemmy doesn’t have an interest in making money in Texas or anything, so it’s not like they can go after bank accounts, or otherwise retaliate in any manner other than blocking Lemmy in Texas…so…nothing lost.
The same way lemmy works with GPDR. Lemmy completely ignores it.
It doesn’t exactly ignore it, but in a sense GDPR doesn’t apply to Lemmy.
Long story short, GDPR is made to protect private information, and EVERYTHING in Lemmy is public so there is no private information to protect. It’s similar to things like pastebin or even public feed in Facebook, companies cannot be penalized for people willingly exposing their information publicly, but private information that is made public is a problem.
That is entirely incorrect. It is general data protection regulation, not privacy regulation.
You are given certain rights over data relating to you. For example: you may have it deleted. Have you googled the name of a person? At the bottom, you will find a notice that “some results may have been removed”. Under the GDPR, you can make search engines delete links relating to you; for example, links to unflattering news stories (once you are out of the public eye).
Sorry, forgot about answering here. Although the name is General data it is about personal data. I was going to reply with point by point why it either doesn’t apply to Lemmy or it follows GDPR, but I think it might be easier to answer directly your point about right to be forgotten.
First of all Lemmy allows you to delete your posts and user so it complies with it, but even if it didn’t GEPR has this to say:
Paragraphs 1 and 2 shall not apply to the extent that processing is necessary:
Paragraphs 1 and 2 are the right to be forgotten
for exercising the right of freedom of expression and information;
Which one could argue is public forum primary use
for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing;
Which again one could argue is part of the purpose of Lemmy as well.
It’s going to be a big problem when the EU catches wind. Gpdr is a nasty law, hard to comply with properly, and has harsh fines. And no, “we tried to comply” will not fly
hard to comply with properly
Not at all. Don’t collect personal data that’s not technically necessary for the service to work. Tell users what data is collected and for what purposes. Done.
At times like this I wish we had /c/LegalAdvice - would love for someone who says “IAAL” to chime in.
Some of the biggest lemmy instances - lemmy.world, feddit.de - are based in the EU. I don’t understand how EU based instances like these would be able to get away with not following GDPR.
Though, it may be more that GDPR doesn’t apply, as per https://decoded.legal/blog/2022/11/notes-on-operating-fediverse-services-mastodon-pleroma-etc-from-an-english-law-point-of-view/
[The UK GDPR] does not apply to … the processing of personal data by an individual in the course of a purely personal or household activity
But for those spinning up an instance of a fediverse service for them and their friends, for a hobby, I think there’s far more scope for argument.
In any case it seems like asking a fediverse instance to be compliant with the GDPR is possible, see for an example at https://sciences.re/ropa/ and https://mastodon.social/@robin/109331826373808946 for a discussion.
a purely personal or household activity
No chance. This is what makes it legal to share data within a family and, to a degree, among friends. Running an open social media platform is neither a personal nor a household activity.
The UK is not part of the EU. They kept the GDPR when they left, but it should not be assumed that the UK interpretation is always the same.
The GDPR is not very thoroughly enforced; much to the chagrin of some people. This may or may not change in the future. It would be politically quite unpopular, a bit like thoroughly enforcing no-parking zones.
They won’t be able to the second someone reports them and a spotlight is put onto them. It does apply. Devs just don’t give a shit and admins are hosting what’s available.
So much freedom that it hurts.
Good luck Texans. Nordman will heed your call