It’s actually not wrong if you look at it in another way.
Big tech will abuse your data, but it will do within legal constraints, and there is actuall (though weak) accountability of these companies due to the legal system.
On federated services like Lemmy, instances are hosted by anonymous individuals. Most social media laws don’t apply to them, and their legal accountability is basically zero.
Lemmy, for example, does not comply with GDPR. There is no legal notice, no privacy contact person, no banner asking whether you are ok with the fact that your data is sent to unknown servers in random nations, no nothing. Private messages aren’t even encrypted, so any admin can read them without issues.
There is no way to actually delete your data, as the GDPR requires. Deleted posts are only marked as deleted and you can see their plain text content by just pressing the “reply” button in any of the apps. There isn’t any kind of guarantee, that your post will be deleted on other instances. If federation has problems, the post will remain on other instances and is now permanently undeletable by the user.
There are no moderation standards. Some instances will delete nazi content, some basically require nazi content. And some instance admin might even edit your posts to say something completely different. It’s all possible and in the hands of random people on the internet.
Hobbyist-run services are much worse when it comes to availability and reliability. If something happens while the admin is on holiday, nothing will get fixed. If the admin runs out of money, doesn’t care anymore or even dies, the instance with all it’s content and users is just gone.
So there are very real risks attached to a hobbyist-run service with no legal accountability and no transparency at all.
We all know the downsides of Big Tech though, so it’s everyone’s personal choice to figure out which disadvantages hurt them personally more.
Very much this. Plus, how easy will instance admin Joe Schmoe fold under external pressure to give access to certain groups, government bodies etc? And how well have Joe Schmoe implemented good security practices on the server and related things? Etc.
That’s a bit misleading to say like that. Go to the website, scroll to the footer and click on “Legal”. Your instance, feddit.de, has a legal notice, with a privacy contact person, mentioning you can request data erasure, and detailing where your data goes. Mine, lemmy.world, has a number of in depth legal documents attached there.
However, yes, other instances they are federated with might not take it as seriously though, and if all your data is going there too, then that’s a hole in your data privacy.
It’s actually not wrong if you look at it in another way.
So there are very real risks attached to a hobbyist-run service with no legal accountability and no transparency at all.
We all know the downsides of Big Tech though, so it’s everyone’s personal choice to figure out which disadvantages hurt them personally more.
@squaresinger @LinkOpensChest_wav yes and don’t let people fall for quasi legal privacy policies that lemmy.world & ilk provide #Lemmyworld #accountability #fediverserated
That happens if you don’t have an actual legal team… I am sure they are doing their best, but if you don’t have a lawyer, you can’t do legal texts.
Very much this. Plus, how easy will instance admin Joe Schmoe fold under external pressure to give access to certain groups, government bodies etc? And how well have Joe Schmoe implemented good security practices on the server and related things? Etc.
That’s a bit misleading to say like that. Go to the website, scroll to the footer and click on “Legal”. Your instance, feddit.de, has a legal notice, with a privacy contact person, mentioning you can request data erasure, and detailing where your data goes. Mine, lemmy.world, has a number of in depth legal documents attached there.
However, yes, other instances they are federated with might not take it as seriously though, and if all your data is going there too, then that’s a hole in your data privacy.
But if I request it there, after its federated everywhere, what happens?