That’s a great example! I am actually aware of this case. Mind that the article quotes:

Meta’s sanction is for breaching conditions set out in the pan-EU regulation governing transfers of personal data to so-called third countries (in this case the US) without ensuring adequate protections for people’s information.

And we discuss the GDPR in the context of the data requests retrieval in here. So you’re absolutely correct in that they suck about following it to the letter, but I don’t think this particular one applies to this discussion.

I would suggest you to sent a GDPR request to facebook (if you’re in a position to be covered by GDPR and have a facebook account) and to your lemmy instance (being lemmy.world).

Facebook will have a bunch more data on you, undoubtedly, but it will take no time for them to process the request.

Lemmy? Good luck with that. First try finding their privacy page and see what data they actually collect on you. Whom they send it to process. Try reaching the admins maybe? Lemmy has no tooling whatsoever to help with that so they will have to get their hands dirty with postgresql, too.

I like fb no more than anyone in this thread but let’s be realistic. They do have a much better story of complying with GDPR specifically than anything in fediverse.

I’m pretty sure the parent company knows how to deal with GDPR between facebook, whatsapp, and instagram. Whatever issues they faced in EU (most probably the EU’s Digital Markets Act) isn’t directly related to GDPR, because if it was for GDPR compliance alone I guarantee they’d be in the appstore by this evening.

Isn’t it subject to the same GDPR rules that the whole of fediverse pretends they don’t exist? All it takes is asking facebook what they have on you and unlike some “depersonalized” identifier you can ask for your data based on the activitypub id. It’s actually much easier to go after a big corp with such a request as opposed to some random mastodon or lemmy instance.

At that point it’s easier to run your own instance, I guess? As it stands now, it’s not trivial to scale neither the db storage (postgres) nor the backend (lemmy).

I don’t think that users’ donating parts of compute is a way to go, honestly. You’ll have to think about bad actors (such users will effectively be instance admins for some subset of data), and it might quickly deteriorate into the weird crypto world (aka let’s use blockchain as a storage because no one can be trusted to really count the upvotes).

Unfortunately, it’s a very tricky issue to solve. I’d say donating to your instance so that its operators have enough finances to support it is the way.

This one was on page 3 of lemmy.world, heh. Rolling out the update that tries to scrape all pages proper right now.