How to Kill a Decentralised Network (such as the Fediverse) écrit par Ploum, Lionel Dricot, ingénieur, écrivain de science-fiction, développeur de logiciels libres.
A warning and a perspective from an insider who has been through this before.
I wouldn’t assume the EU would necessarily be interested in protecting the Fediverse. Legislation like the GDPR is very much oriented towards working with corporate entities and the open Fediverse model is generally at odds with the right to be forgotten (since it’s effectively impossible to ensure all copies of a user’s data are deleted - I don’t even think it’s possible to determine which nodes may have a copy of a year old post).
Couldn’t the protocol be updated to be more compliant with the right to be forgotten? Something like, when a user deletes a comment it gets deleted from the DB of every federated instance. Sure enough, admins might have made backups and that would theoretically go against the GDPR but still… you can only apply these laws to a certain extent. It’s the same as you posting a picture on Facebook, me downloading it and you deleting it afterwards. Even if you were to make a GDPR request to Meta you still couldn’t get the picture on my PC. But that’s not Meta’s fault, they can’t do much about that.
I assume the parent commenter referred to the EU because they seem to be the only governing body on the planet with enough influence and an actual desire to actually stand up to major corporations. The US sure ain’t going to be doing it, and the list of other options is essentially zero, so that’s the only hope we have in terms of legal protections or regulations.
I wouldn’t assume the EU would necessarily be interested in protecting the Fediverse. Legislation like the GDPR is very much oriented towards working with corporate entities and the open Fediverse model is generally at odds with the right to be forgotten (since it’s effectively impossible to ensure all copies of a user’s data are deleted - I don’t even think it’s possible to determine which nodes may have a copy of a year old post).
Couldn’t the protocol be updated to be more compliant with the right to be forgotten? Something like, when a user deletes a comment it gets deleted from the DB of every federated instance. Sure enough, admins might have made backups and that would theoretically go against the GDPR but still… you can only apply these laws to a certain extent. It’s the same as you posting a picture on Facebook, me downloading it and you deleting it afterwards. Even if you were to make a GDPR request to Meta you still couldn’t get the picture on my PC. But that’s not Meta’s fault, they can’t do much about that.
I assume the parent commenter referred to the EU because they seem to be the only governing body on the planet with enough influence and an actual desire to actually stand up to major corporations. The US sure ain’t going to be doing it, and the list of other options is essentially zero, so that’s the only hope we have in terms of legal protections or regulations.