“The SCOPE Act takes effect this Sunday, Sept. 1, and will require everyone to verify their age for social media.”

So how does this work with Lemmy? Is anyone in Texas just banned, is there some sort of third party ID service lined up…for every instance, lol.

But seriously, how does Lemmy (or the fediverse as a whole) comply? Is there some way it just doesn’t need to?

34 points

If you don’t operate in Texas, do you have you comply? Is the easy fix is don’t have your servers be in Texas?

permalink
report
reply
12 points

Someone can correct me if im wrong, but, pretty sure its any social media. Similar to what happened with pornhub.

According to the Texas Office of the Attorney General, this new law will primarily “apply to digital services that provide an online platform for social interaction between users that: (1) allow users to create a public or semi-public profile to use the service, and (2) allow users to create or post content that can be viewed by other users of the service. This includes digital services such as message boards, chat rooms, video channels, or a main feed that presents users content created and posted by other users.”

permalink
report
parent
reply
28 points

I mean my question was addressing the scope of the jurisdiction Texas can have over a server in another state. It feels like the onus is on them (or the ISPs in Texas) to block that server

permalink
report
parent
reply
4 points
*

Maybe someone is better equip to answer this question. As far as I understand, it is up to the social media company, as it is operating in the state. Sort of the way the corporate office of a national grocery store can be sued.

https://www.texaspolicy.com/wp-content/uploads/2023/04/2023-05-BillAnalysis-HB18-Updated.pdf

First, it prohibits digital service providers from entering into an agreement with a known minor unless they have verifiable parental consent.

It seems its up to whomever is registering the account. If the person is under 18 they see a scrubbed version, of the person is over 18 they have full access. I’m not sure an ISP has control like that. I could be wrong.

I know with pornhub, the ISP didn’t block the site, pornhub itself did.

permalink
report
parent
reply

Aha,

Exemptions Small businesses as defined by the Small Business Administration (SBA);

Not sure how’d this work overseas, but basically lemmy.world and friends just needs to apply to SBA to get recognized as a small business, and they’re all good. (Or perhaps they could try to apply thru a US Embassy; or apply at a local authority and argue for legal equivalence between the SBA’s recognition and their own country’s).

As for enforcement, well,

If someone were to violate the act, the AG’s office may seek … civil penalties of up to $10,000 per violation, and attorneys’ fees

So yeah basically it comes down to trying to grab money. So as they say about sucking blood from a turnip…

permalink
report
parent
reply

(1) allow users to create a public or semi-public profile to use the service

So it seems like I’m safe. I run my own single-user instance to federate and post - but I don’t allow others to sign up at all, so they can’t create a public or “semi-public” profile here (and what does semi-public mean?)

permalink
report
parent
reply
1 point
*

I find this interesting. Does one just install software and buy a domain? I would assume theres somewhere you have to register with in order to federate. I mean, if theres no one to go after, this would be a nice work around. At least, until theres a site for every Texan that figures it out.

I think semi public would be like setting your facebook profile to private. It shows your name, and basic details, but doesn’t show all your posts or interactions.

Edit: haha, you kinda answered this somewhere else as I was typing.

permalink
report
parent
reply
1 point

I was going to argue that your account is publicly viewable, but I realized that you may still be right. This depends on their definition of what is a user.

Same with semi-public. May even be used for anything that is not public but they don’t like it.

permalink
report
parent
reply
4 points

Fuck 'em. They want to do this, let Facebook, and Reddit, and Instagram, and TikTok and the fediverse, and any others that I’m forgetting refuse to serve connections to Texas.

Make Texas the ONE PLACE where the internet is just yahoo and thehampsterdance.com

And then when Texans go elsewhere, they realize all they did was punish themselves. The rest of the world moves on without them.

permalink
report
parent
reply
5 points

If you own an instance it’s better to check with a lawyer. They might give you a warning first or they might go after you immediately. How effective that is depends on what country you live in and which country the server is in.

permalink
report
parent
reply

My guess is that the law is basically extra-territorial - meaning that in theory it applies no matter where you are based.

For a for-profit service this is more enforceable - just gotta find a way to seize the stream of money flowing out of Texas for violate of the law.

For a service based in the US this is more enforceable - just gotta get the federal system and other states to cooperate, and enforce Texas’s court judgement, and then Texas can find a way to seize the stream of money flowing around and out of the US (or perhaps seize the US assets of the company).

For a non-commercial entity based in the territory of the European Union that has no funds flowing at all from the US (think lemmy.world or feddit.de here) then it’s probably quite a bit harder to do anything at all in terms of effective enforcement.

permalink
report
parent
reply
2 points

I’m gonna petition my state to make a law that if someone is from Texas and tries to enforce Texan laws on my state, they’re executed on the spot.

Should be about as enforceable as this joke of a law.

permalink
report
parent
reply
17 points

Texas: “I’m gonna let you finish but I’m just going to keep regressing right now.”

permalink
report
reply
145 points

Why should it affect LW or any other (non-Texan) instance? Any rogue country with populists at the head can implement any arbitrary legislation. That does not affect Lemmy instances hosted in countries with reasonable governments. If Texas wants to enforce their rules (or punish for non-compliance), it is on them to approach instance admins or block the site in their corner of the global internet.

permalink
report
reply
42 points

This is a fair view. I’m not sure anyone has gotten that far, especially outside the country.

Heres an article about a similar bill in Utah, that hasn’t gone into effect yet.

What’s not clear from the Utah bill and others is how the states plan to enforce the new regulations.

I mean if the general consensus is that it doesn’t apply, then, cool.

permalink
report
parent
reply
83 points
*

I live in Texas, and can confidently tell you the people writing these laws have no fundamental concept of what the internet is or how to implement or enforce such a law for consistent adherence.

I can also tell you with confidence this law will be wielded with impunity against specific companies/sites our corrupt, petulant AG decides to go after. Fuck Ken Paxton.

As far as users in Texas, this is nothing a VPN can’t fix.

permalink
report
parent
reply
17 points

They think it’s a big truck that you can just dump something on

permalink
report
parent
reply
8 points

Is there a way to put a VPN on the router, so that all devices are covered?

permalink
report
parent
reply
22 points

I can absolutely see Texas looking at it the other way. “Your website can be accessed by our citizens? On you to comply with our laws.” They then spit out a bunch of criminal charges that make things rather inconvenient for some instance hosts. The US reach into international banking systems is uncomfortably long.

The real problem question is about federation. You can post to an instance from any federated instance. If an account is created in one instance and the user posts to a federated instance are both liable? You have to be able to create accounts AND post to be subject to the law. Can one instance not allow posts but host accounts for participation in other instances to skirt around the law?

permalink
report
parent
reply
28 points

That would require jurisdiction to charge them anyways. They do not have such power.

permalink
report
parent
reply
21 points

jurisdiction and extradition. theyre too busy suppressing voting and melting their elderly.

permalink
report
parent
reply
1 point

isn’t this exactly what happened with porn sites?

permalink
report
parent
reply
1 point

Interstate commerce is not under the jurisdiction of any state, it’s under the jurisdiction of the federal government. They’d need a federal bill passed.

permalink
report
parent
reply
12 points

Look where it’s hosted? Sorry, but this approach has been outdated for decades. Laws apply when you address the users inside that legislation. No matter where you are, where your server is, etc.

permalink
report
parent
reply
3 points

Do you have examples of that? From what I’ve seen the laws only apply if a business has a physical presence in that state or country.

permalink
report
parent
reply
9 points

Pornhub is an example of exactly this. They’ve blocked whole stares like Arkansas and Utah over these kinds of laws. I highly doubt pornhub has a physical presence in Arkansas of all places.

permalink
report
parent
reply
3 points

Is there any Lemmy hosted in the US? Texas can put on a stunt against any US instance, but don’t see them even trying for anything from the rest of the world. Too much work/money with too little chance of success.

permalink
report
parent
reply
2 points

And the state I’m in would tell them to fuck right off and would probably allow me to counter sue Texas into the ground for harassment. I don’t think Texas wants to mess with states that have massive GDPs and contribute lots of money to the federal government.

permalink
report
parent
reply
34 points

So much freedom that it hurts.

permalink
report
reply
49 points

The same way lemmy works with GPDR. Lemmy completely ignores it.

permalink
report
reply
12 points

That’s the vibe I’m getting. No problem.

permalink
report
parent
reply

At times like this I wish we had /c/LegalAdvice - would love for someone who says “IAAL” to chime in.

Some of the biggest lemmy instances - lemmy.world, feddit.de - are based in the EU. I don’t understand how EU based instances like these would be able to get away with not following GDPR.

Though, it may be more that GDPR doesn’t apply, as per https://decoded.legal/blog/2022/11/notes-on-operating-fediverse-services-mastodon-pleroma-etc-from-an-english-law-point-of-view/

[The UK GDPR] does not apply to … the processing of personal data by an individual in the course of a purely personal or household activity
But for those spinning up an instance of a fediverse service for them and their friends, for a hobby, I think there’s far more scope for argument.

In any case it seems like asking a fediverse instance to be compliant with the GDPR is possible, see for an example at https://sciences.re/ropa/ and https://mastodon.social/@robin/109331826373808946 for a discussion.

permalink
report
parent
reply
4 points

They won’t be able to the second someone reports them and a spotlight is put onto them. It does apply. Devs just don’t give a shit and admins are hosting what’s available.

permalink
report
parent
reply
2 points

a purely personal or household activity

No chance. This is what makes it legal to share data within a family and, to a degree, among friends. Running an open social media platform is neither a personal nor a household activity.

The UK is not part of the EU. They kept the GDPR when they left, but it should not be assumed that the UK interpretation is always the same.

The GDPR is not very thoroughly enforced; much to the chagrin of some people. This may or may not change in the future. It would be politically quite unpopular, a bit like thoroughly enforcing no-parking zones.

permalink
report
parent
reply
-3 points

It’s going to be a big problem when the EU catches wind. Gpdr is a nasty law, hard to comply with properly, and has harsh fines. And no, “we tried to comply” will not fly

permalink
report
parent
reply
2 points

hard to comply with properly

Not at all. Don’t collect personal data that’s not technically necessary for the service to work. Tell users what data is collected and for what purposes. Done.

permalink
report
parent
reply
1 point

It is a problem. If anyone complains or sues about GDPR compliance, they will get fined and/or have to pay damages.

There’s also other regulations, like the DSA. I’m fairly sure the GDPR isn’t the only legal problem.

permalink
report
parent
reply
7 points

It doesn’t exactly ignore it, but in a sense GDPR doesn’t apply to Lemmy.

Long story short, GDPR is made to protect private information, and EVERYTHING in Lemmy is public so there is no private information to protect. It’s similar to things like pastebin or even public feed in Facebook, companies cannot be penalized for people willingly exposing their information publicly, but private information that is made public is a problem.

permalink
report
parent
reply
2 points

That is entirely incorrect. It is general data protection regulation, not privacy regulation.

You are given certain rights over data relating to you. For example: you may have it deleted. Have you googled the name of a person? At the bottom, you will find a notice that “some results may have been removed”. Under the GDPR, you can make search engines delete links relating to you; for example, links to unflattering news stories (once you are out of the public eye).

permalink
report
parent
reply
1 point

Sorry, forgot about answering here. Although the name is General data it is about personal data. I was going to reply with point by point why it either doesn’t apply to Lemmy or it follows GDPR, but I think it might be easier to answer directly your point about right to be forgotten.

First of all Lemmy allows you to delete your posts and user so it complies with it, but even if it didn’t GEPR has this to say:

Paragraphs 1 and 2 shall not apply to the extent that processing is necessary:

Paragraphs 1 and 2 are the right to be forgotten

for exercising the right of freedom of expression and information;

Which one could argue is public forum primary use

for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing;

Which again one could argue is part of the purpose of Lemmy as well.

permalink
report
parent
reply

Ask Lemmy

!asklemmy@lemmy.world

Create post

A Fediverse community for open-ended, thought provoking questions


Rules: (interactive)


1) Be nice and; have fun

Doxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can’t say something nice, don’t say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them


2) All posts must end with a '?'

This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?


3) No spam

Please do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.


4) NSFW is okay, within reason

Just remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either !asklemmyafterdark@lemmy.world or !asklemmynsfw@lemmynsfw.com. NSFW comments should be restricted to posts tagged [NSFW].


5) This is not a support community.

It is not a place for ‘how do I?’, type questions. If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email info@lemmy.world. For other questions check our partnered communities list, or use the search function.


6) No US Politics.

Please don’t post about current US Politics. If you need to do this, try !politicaldiscussion@lemmy.world or !askusa@discuss.online


Reminder: The terms of service apply here too.

Partnered Communities:

Tech Support

No Stupid Questions

You Should Know

Reddit

Jokes

Ask Ouija


Logo design credit goes to: tubbadu


Community stats

  • 11K

    Monthly active users

  • 3K

    Posts

  • 100K

    Comments